ZeroPath MCP Server

Official
by ZeroPathAI

list_sca_vulnerabilities

Search for Software Composition Analysis vulnerabilities in dependencies by ecosystem, repository, or dependency type to identify security risks.

Instructions

Search for SCA (Software Composition Analysis) vulnerabilities in dependencies.

Args:
    search_query: Optional search term to filter vulnerabilities
    repository_ids: Optional list of repository IDs to filter by
    ecosystems: Optional list of ecosystems to filter (npm, pip, maven, etc.)
    transitivity: Optional filter by dependency type (direct, transitive)
    page: Page number (default: 1)
    page_size: Number of results per page (default: 50)

Input Schema

Name            Required  Description  Default
search_query    No
repository_ids  No
ecosystems      No
transitivity    No
page            No
page_size       No

Implementation Reference

  • The main handler function for the 'list_sca_vulnerabilities' MCP tool. Includes @mcp.tool() decorator for registration and docstring for schema. Queries ZeroPath SCA API endpoint.
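    from typing import Optional

    # `mcp` (the MCP server instance) and `make_api_request` are defined
    # elsewhere in the server module.
    @mcp.tool()
    def list_sca_vulnerabilities(
        search_query: Optional[str] = None,
        repository_ids: Optional[list[str]] = None,
        ecosystems: Optional[list[str]] = None,
        transitivity: Optional[str] = None,
        page: int = 1,
        page_size: int = 50
    ) -> str: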
        """
        Search for SCA (Software Composition Analysis) vulnerabilities in dependencies.
    
        Args:
            search_query: Optional search term to filter vulnerabilities
            repository_ids: Optional list of repository IDs to filter by
            ecosystems: Optional list of ecosystems to filter (npm, pip, maven, etc.)
            transitivity: Optional filter by dependency type (direct, transitive)
            page: Page number (default: 1)
            page_size: Number of results per page (default: 50)
        """
        payload = {
            "page": page,
            "pageSize": page_size
        }
    
        if search_query:
            payload["searchQuery"] = search_query
        if repository_ids:
            payload["repositoryIds"] = repository_ids
        if ecosystems:
            payload["ecosystems"] = ecosystems
        if transitivity:
            if transitivity not in ["direct", "transitive"]:
                return "Error: transitivity must be 'direct' or 'transitive'"
            payload["transitivity"] = transitivity
    
        response, error = make_api_request("sca/vulnerabilities/search", payload)
    
        if error:
            return error
    
        if response.status_code == 200:
            return process_sca_vulnerabilities_response(response.json())
        elif response.status_code == 401:
            return "Error: Unauthorized - check API credentials"
        elif response.status_code == 400:
            return f"Error: Bad request - {response.text}"
        else:
            return f"Error: API returned status {response.status_code}: {response.text}"
  • Docstring providing input schema description for the tool parameters.
    """
    Search for SCA (Software Composition Analysis) vulnerabilities in dependencies.
    
    Args:
        search_query: Optional search term to filter vulnerabilities
        repository_ids: Optional list of repository IDs to filter by
        ecosystems: Optional list of ecosystems to filter (npm, pip, maven, etc.)
        transitivity: Optional filter by dependency type (direct, transitive)
        page: Page number (default: 1)
        page_size: Number of results per page (default: 50)
    """
  • Supporting helper function that formats the raw API response from SCA vulnerabilities search into a readable text output.
    def process_sca_vulnerabilities_response(raw_response):
        """Process SCA vulnerabilities search response into readable format."""
        if "error" in raw_response:
            return f"Error: {raw_response['error']}"
    
        vulns = raw_response.get("vulnerabilities", raw_response.get("items", []))
        if not vulns:
            return "No SCA vulnerabilities found."
    
        total_count = raw_response.get("totalCount", len(vulns))
        result = f"Found {total_count} SCA vulnerability(ies).\n\n"
    
        for i, vuln in enumerate(vulns, 1):
            result += f"Vulnerability {i}:\n"
            result += f"  ID: {vuln.get('id', 'N/A')}\n"
    
            # Package info
            pkg = vuln.get('package', {})
            if pkg:
                result += f"  Package: {pkg.get('name', 'N/A')} @ {pkg.get('version', 'N/A')}\n"
                result += f"  Ecosystem: {pkg.get('ecosystem', 'N/A')}\n"
                result += f"  Manifest: {pkg.get('manifestPath', 'N/A')}\n"
            else:
                result += f"  Package: {vuln.get('packageName', 'N/A')}\n"
    
            # Metadata
            meta = vuln.get('metadata', {})
            if meta:
                result += f"  Severity: {meta.get('severity', 'N/A')}\n"
                result += f"  Score: {meta.get('severityScore', 'N/A')}\n"
                result += f"  Summary: {meta.get('summary', 'N/A')}\n"
                if meta.get('aliases'):
                    result += f"  Aliases: {', '.join(meta['aliases'][:3])}\n"
            else:
                result += f"  Severity: {vuln.get('severity', 'N/A')}\n"
    
            result += f"  Repository: {vuln.get('repositoryId', 'N/A')}\n"
            result += f"  Branch: {vuln.get('branch', 'N/A')}\n"
            result += "\n"
    
        # Pagination info
        if "page" in raw_response:
            result += f"Page: {raw_response.get('page', 1)} | "
            result += f"Page Size: {raw_response.get('pageSize', len(vulns))} | "
            result += f"Total: {total_count}\n"
    
        return result

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/ZeroPathAI/zeropath-mcp-server'
