scan_all
Run all installed static analysis scanners concurrently on a target path, deduplicate findings using content hashing, and filter by severity or confidence.
Instructions
Scan with ALL installed scanners in parallel, returning deduplicated results.
Automatically detects which scanners are installed, runs them concurrently, and deduplicates findings across scanners using content-based hashing. This is the recommended tool for comprehensive security scanning.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| target_path | Yes | The absolute path to the directory or file to scan. | |
| min_severity | No | Minimum severity to report (LOW, MEDIUM, HIGH, CRITICAL). Defaults to MEDIUM to reduce noise from multiple scanners. | MEDIUM |
| min_confidence | No | Minimum confidence to report (LOW, MEDIUM, HIGH). | LOW |
| git_diff_only | No | If true, only reports findings in files modified in git diff. | |
| limit | No | Maximum number of findings to return (for pagination). | |
| offset | No | Pagination offset. | |
| output_format | No | 'markdown' (human-readable, default) or 'json' (machine-readable list of findings for agents / CI). | markdown |
| use_cache | No | If true, reuse the last cached scan_all when the target's files are unchanged (incremental scan). Ignored with git_diff_only. |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |