intruder-mcp

Official

by intruder-io

Overview Schema Related Servers Score Discussions

Python

Hybrid

list_scans

Retrieve a list of scans from your Intruder account, filtered by status or scan type for targeted analysis.

Instructions

    List scans in the Intruder account with optional filters.

    Args:
        status: Filter by scan status (in_progress, completed, cancelled, cancelled_no_active_targets,
               cancelled_no_valid_targets, analysing_results)
        scan_type: Filter by scan type (assessment_schedule, new_service, cloudbot_new_target,
                 rapid_remediation, advisory, cloud_security)
    
    The scan_type parameters mean:
        - assessment_schedule: Scans that run on a regular schedule
        - new_service: Scans that are triggered when a new service is exposed on a target
        - cloudbot_new_target: Scans that are triggered when CloudBot discovers a new target in a connected cloud account
        - rapid_remediation: Scans that a user can trigger to test if a specific issue has been remediated
        - advisory: An issue created by the Intruder security team based on their manual work
        - cloud_security: Scans of cloud accounts, checking the configuration of the resources in the cloud account

Input Schema

TableJSON Schema

Name	Required	Description	Default
`status`	No
`scan_type`	No

Output Schema

TableJSON Schema

Name	Required	Description	Default
`result`	Yes

Implementation Reference

intruder_mcp/server.py:68-89 (handler)

The MCP tool handler for 'list_scans'. This is the function decorated with @mcp.tool() that registers 'list_scans' as an MCP tool. It accepts optional 'status' and 'scan_type' filters, calls api.list_scans_all() to get all scans from the API, and formats them as a newline-separated list of 'id - scan_type (status)'.

@mcp.tool()
async def list_scans(status: Optional[str] = None, scan_type: Optional[str] = None) -> str:
    """
    List scans in the Intruder account with optional filters.

    Args:
        status: Filter by scan status (in_progress, completed, cancelled, cancelled_no_active_targets,
               cancelled_no_valid_targets, analysing_results)
        scan_type: Filter by scan type (assessment_schedule, new_service, cloudbot_new_target,
                 rapid_remediation, advisory, cloud_security)
    
    The scan_type parameters mean:
        - assessment_schedule: Scans that run on a regular schedule
        - new_service: Scans that are triggered when a new service is exposed on a target
        - cloudbot_new_target: Scans that are triggered when CloudBot discovers a new target in a connected cloud account
        - rapid_remediation: Scans that a user can trigger to test if a specific issue has been remediated
        - advisory: An issue created by the Intruder security team based on their manual work
        - cloud_security: Scans of cloud accounts, checking the configuration of the resources in the cloud account
    """
    scans = api.list_scans_all(status=status, scan_type=scan_type)
    formatted = [f"{scan.id} - {scan.scan_type} ({scan.status})" for scan in scans]
    return "\n".join(formatted)

intruder_mcp/api_client.py:146-156 (helper)

The 'list_scans_all' method on the API client. This is a pagination helper that calls the underlying 'list_scans' method in a loop (with offset pagination) to yield all ScanList objects. It passes through 'scan_type', 'schedule_period', and 'status' filters.

def list_scans_all(self, scan_type: Optional[str] = None, schedule_period: Optional[str] = None,
                  status: Optional[str] = None) -> Generator[ScanList, None, None]:
    offset = 0
    while True:
        response = self.list_scans(scan_type=scan_type, schedule_period=schedule_period,
                                 status=status, limit=100, offset=offset)
        for scan in response.results:
            yield scan
        if not response.next:
            break
        offset += len(response.results)

intruder_mcp/api_client.py:130-144 (helper)

The 'list_scans' method on the API client. This is the raw API call that sends a GET request to /scans/ with optional query parameters (scan_type, schedule_period, status, limit, offset) and returns a PaginatedScanListList response.

def list_scans(self, scan_type: Optional[str] = None, schedule_period: Optional[str] = None,
              status: Optional[str] = None, limit: Optional[int] = None,
              offset: Optional[int] = None) -> PaginatedScanListList:
    params = {}
    if scan_type:
        params["scan_type"] = scan_type
    if schedule_period:
        params["schedule_period"] = schedule_period
    if status:
        params["status"] = status
    if limit:
        params["limit"] = limit
    if offset:
        params["offset"] = offset
    return PaginatedScanListList(**self.client.get(f"{self.base_url}/scans/", params=params).json())

intruder_mcp/enums.py:141-146 (schema)
The 'ScanList' Pydantic model used as the response schema for list_scans. Contains id, status, created_at, scan_type, and optional schedule_period fields.
```
class ScanList(BaseModel):
    id: int
    status: ScanStatusField
    created_at: datetime
    scan_type: ScanTypeEnum
    schedule_period: Optional[SchedulePeriodEnum] = None
```
intruder_mcp/enums.py:246-247 (schema)
The 'PaginatedScanListList' Pydantic model, which is the paginated wrapper containing a list of ScanList results, used as the return type of the API's list_scans method.
```
class PaginatedScanListList(PaginatedResponse):
    results: List[ScanList]
```

Tool Definition Quality

A3.6/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description bears full burden for behavioral context. It does not disclose that it is a read-only operation, mention pagination, rate limits, or authentication needs. It only describes the filtering capability, leaving significant behavioral aspects unspecified.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is front-loaded with the main action and then details parameters in a structured list. While the scan_type definitions are somewhat lengthy, every sentence serves a purpose. Minor redundancy could be trimmed, but overall it is sufficiently concise.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the presence of an output schema, the description need not detail return values. However, it omits important context for a list endpoint such as pagination, default limits, or ordering. The filtering options are well covered, but missing pagination information reduces completeness for an agent deciding how to invoke the tool.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 0% description coverage, so the description must compensate. It lists possible values for both 'status' and 'scan_type' parameters, and provides detailed explanations for each 'scan_type' value. This adds meaningful context beyond the schema, though the 'status' values are not explained.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description explicitly states 'List scans in the Intruder account with optional filters', clearly identifying the verb (list) and resource (scans). It distinguishes itself from sibling tools like 'get_scan' (single scan) or 'create_scan' (creation) by focusing on listing with optional filters.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies usage through its name and action ('list scans'), but provides no explicit guidance on when to use this tool versus alternatives (e.g., 'get_scan' for details, 'list_issues' for issues). No when-not-to-use or prerequisite information is given.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/intruder-io/intruder-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server