Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| NUCLEI_BIN | No | Path to the Nuclei binary executable | ${HOME}/go/bin/nuclei |
| SCAN_RESULTS_DIR | No | Directory where scan results will be stored | ${AGENTIC_SYSTEM_PATH:-/opt/agentic}/security-scans |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {
"listChanged": true
} |
| prompts | {
"listChanged": false
} |
| resources | {
"subscribe": false,
"listChanged": false
} |
| experimental | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| scan_target | Scan a target URL or IP with Nuclei vulnerability scanner. Args: target: Target URL or IP address to scan severity: Comma-separated severity levels (info, low, medium, high, critical) rate_limit: Requests per second (default: 150) timeout: Scan timeout in seconds (default: 300) Returns: JSON string with scan results |
| scan_cluster_nodes | Scan all nodes in the agentic cluster for vulnerabilities. Args: scan_type: Type of scan - "quick", "comprehensive", "full", "web", or "api" severity: Comma-separated severity levels to check Returns: JSON string with cluster scan results |
| list_templates | List available Nuclei templates by tag or severity. Args: tag: Filter by tag (e.g., cve, exposure, misconfiguration) severity: Filter by severity (info, low, medium, high, critical) Returns: JSON string with template list |
| update_templates | Update Nuclei templates to latest version. Returns: JSON string with update result |
| get_scan_results | Retrieve results from a previous scan. Args: scan_id: Scan ID to retrieve limit: Maximum number of results to return (default: 100) Returns: JSON string with scan results |
| list_scans | List all previous security scans. Args: limit: Maximum number of scans to return (default: 50) Returns: JSON string with scan list |
| detect_anomalous_findings | Use TPU-accelerated embeddings to detect anomalous security findings. Compares findings against a baseline (previous scans or expected patterns) to identify unusual or novel vulnerabilities that may need urgent attention. Args: scan_id: Current scan to analyze baseline_scan_id: Previous scan to compare against (optional) threshold: Similarity threshold - lower values = more anomalies detected Returns: JSON with anomalous findings and analysis |
| prioritize_findings | Use TPU-accelerated importance scoring to prioritize security findings. Scores each finding based on semantic similarity to critical security terms and patterns, helping focus remediation efforts. Args: scan_id: Scan ID to prioritize Returns: JSON with prioritized findings |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |