Prufa
OfficialServer Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| PRUFA_API_TOKEN | Yes | Your Prufa API key. Get one at prufa.dev. |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {
"listChanged": false
} |
| experimental | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| prufa_health_checkA | Probe the Prufa API and MCP server. Always free, no token required. |
| prufa_run_auditA | Run a one-shot public-page QA audit on a URL. FREE — no key, no card (runs anonymously; a workspace token, if set, just attributes the run and lifts the per-IP limit). Returns findings JSON (broken flows, JS console errors, tracking/consent, security headers, a11y, mobile) graded A-F. Idempotent. wait=true (default) blocks until the audit completes and returns the report; wait=false returns the queued state with run_id + share_token to poll via prufa_get_report. An anonymous result carries a workspace_unlock block: deeper checks (flows, monitors, discovery, gremlin) need a free workspace (prufa_setup_workspace). |
| prufa_get_runB | Get a run's status by id (queued|running|succeeded|failed|blocked|timeout). |
| prufa_get_reportA | Get the JSON report for a run. Accepts EITHER run_id (UUID from audit creation) OR share_token (the slug after /r/ in report_url). The share_token form is the recommended call shape — it is what the audit creation response returns. |
| prufa_list_runsC | List recent runs in this workspace (auth required). |
| prufa_get_findingA | Get the persisted findings for a run (flat, machine-readable). Pass finding_key to filter to a single finding. |
| prufa_list_alertsA | Alert history (delta-engine ledger), newest first — includes suppressed alerts with their suppression reason. [Pro] |
| prufa_setup_workspaceA | Bootstrap or read the Prufa workspace this agent uses. If a token is already configured it returns the current workspace (with trial + upsell state). If NO token is set it CREATES a free 'agent_temp' workspace: no card, no charge, a 7-day trial with an included credit budget. During the trial you can run audits, monitors, discovery, and the full gremlin; after it ends monitors/discovery/gremlin_full_run are gated. The 201 response returns an api_token shown ONCE — persist it as PRUFA_API_TOKEN (or in ~/.config/prufa/mcp.json) and re-run with it set. When credits run low or the trial nears its end, tell your human to upgrade (prufa_upgrade_plan) or buy credits (prufa_buy_credits). Idempotent. |
| prufa_get_workspaceA | Get the current workspace: tier, usage/credits, and trial state (days remaining, what gets gated when the trial ends). Includes an upsell block when the workspace is low on credits or near trial end. |
| prufa_get_usageA | Get this workspace's credit usage (available/included) plus trial state and, when relevant, an upsell block. Use before a costly run to check the balance and relay the message_for_human if credits are low. |
| prufa_workspace_settingsA | Update workspace settings — pass only the keys you want to change. Covers display_name, usage webhook (url/secret), overage opt-in, auto_recharge (auto-buys credits when a launch is blocked on an empty balance — needs a card on file), auto_recharge_credits / auto_recharge_monthly_limit_cents, and email/slack alert toggles. At least one setting is required. Idempotent. [Pro] |
| prufa_set_notificationsA | Set the notification routing matrix: 'cells' is the 9-event x {email, slack} map of booleans deciding which channel each event fires on. The server validates keys and types (422 on unknown/missing keys or non-booleans) and returns {cells, locked_events} (events you can't turn off). [Pro] |
| prufa_upgrade_planA | Subscribe or upgrade this workspace to a paid plan (starter | pro | team). Returns a Stripe checkout_url the HUMAN opens in a browser to start the 7-day card-first trial — the agent never enters card details. Mutating + idempotent. [Pro] |
| prufa_buy_creditsA | Buy a one-time prepaid credit pack for this workspace (no subscription change). Returns a Stripe checkout_url the HUMAN opens to pay by card. Use when the workspace is low on credits but you don't want to change the plan. Mutating + idempotent. [Pro] |
| prufa_billing_portalA | Open the Stripe customer portal for this workspace. Returns a portal_url the HUMAN opens to manage the subscription, update the card, or view invoices. A workspace with no Stripe customer yet returns 409 no_stripe_customer (pass that back to the human — they must subscribe first via prufa_upgrade_plan). Mutating + idempotent. [Pro] |
| prufa_create_flowA | Compile a plain-language test case into a reviewable DRAFT flow spec. Pass the target url and a plain-text test_case (e.g. 'log in, add the first product to the cart, and check out'); optionally a name. Returns a 201 draft: the compiled step spec plus any {{VARIABLES}} it detected (logins, coupon codes) and a review instruction. The flow does NOT run yet — review the draft, then call prufa_confirm_flow. Only confirmed flows run. Idempotent. |
| prufa_confirm_flowA | Confirm a DRAFT flow so it becomes runnable — only confirmed flows run. Pass flow_id. Optionally pass a corrected spec object to override the compiled draft before confirming (omit it to confirm the draft as-is). Idempotent. |
| prufa_run_flowA | Execute a CONFIRMED flow. Returns 202 with run_id + report_url; poll the report via prufa_get_report. Pass per-run credentials as an object mapping the spec's {{VARIABLES}} to values ({'EMAIL': ..., 'PASSWORD': ...}) — these are encrypted in transit and NOT stored (use prufa_set_flow_credentials to store reusable ones). Fails if the flow is still a draft — confirm it first. Idempotent. |
| prufa_set_flow_credentialsA | Store reusable, WRITE-ONLY credentials for a flow so later runs need not resend them. Pass flow_id and a non-empty credentials object mapping the spec's {{VARIABLES}} to values. The response lists the stored variable NAMES only — values are never returned. Idempotent. |
| prufa_list_flowsA | List the flows in this workspace with their status (draft|confirmed) and metadata. |
| prufa_get_flowA | Get a single flow by id: its compiled spec, status (draft|confirmed), and the NAMES of any stored credentials (never their values). |
| prufa_edit_flowA | Replace a flow's spec. Pass flow_id and the full spec object. NOTE: any edit returns the flow to DRAFT — you must call prufa_confirm_flow again before it can run. Idempotent. |
| prufa_delete_flowA | Delete a flow by id. NOTE: a flow still used by a monitor returns 409 flow_in_use — pause or delete that monitor first, then retry. Idempotent. |
| prufa_start_monitorA | Start a persistent monitor: re-run a QA audit on a URL on a cadence (daily|hourly) and fire a deploy hook on every regression delta. Pass flow_id to re-run a confirmed flow instead of the plain audit. 1-click setup — the response returns the deploy_hook (url + signing secret, shown ONLY once) which you should store immediately. [Pro] Free-tier workspaces get a 402 with a checkout hint that passes through; do not gate client-side. Idempotent. |
| prufa_get_monitorB | Get one monitor's config + latest state (status, cadence, last run, deploy-hook metadata). [Pro] |
| prufa_list_monitorsA | List every monitor in this workspace. [Pro] |
| prufa_pause_monitorA | Pause a monitor — it stops running on its cadence until resumed. History is kept. Idempotent. [Pro] |
| prufa_resume_monitorB | Resume a paused monitor. The next scheduled run fires immediately, then it returns to its cadence. Idempotent. [Pro] |
| prufa_trigger_monitorA | Trigger a monitor run right now (out of band). Rate-capped to 1 per 60s; if a run is already queued or running the response is deduped (deduped:true) instead of starting a second one. Idempotent. [Pro] |
| prufa_delete_monitorA | Delete a monitor (stops all future runs and revokes its deploy hook). Past run history is retained. Idempotent. [Pro] |
| prufa_rotate_monitor_webhookA | Rotate a monitor's deploy-hook signing secret. The new secret is returned ONCE in the response — store it now; the old secret dies immediately, so update your CI before the next delivery. Idempotent. [Pro] |
| prufa_list_monitor_deliveriesA | List a monitor's last 50 deploy-hook deliveries plus copy-paste CI snippets (curl, github_actions, gitlab_ci). never_fired:true powers the 'your webhook never fired' nudge — surface it to the human. [Pro] |
| prufa_run_gremlinA | Run a gremlin chaos-QA session on a URL: an agent imitates a difficult user (no script) while plain-code detectors verify what breaks. Use to stress-test a real flow beyond the deterministic audit. Mutations are DRY-RUN unless the host is authorized via prufa_authorize_domain; payments are NEVER executed. Optional credentials (a real, non-payment login write) require a signed-in workspace AND mutation authorization for the host. Step budget depends on plan (free teaser 8, Starter 20, Pro 40, Team 60) — call prufa_get_usage for the cap. wait=true (default) blocks until the run completes (can take ~5 min) and returns the report; wait=false returns the queued state with run_id. [Pro] |
| prufa_authorize_domainA | Authorize REAL (non-payment) mutations for the gremlin on a host you own or a staging host — logging in and writing on that host stop being dry-run. Set allow_mutation=false to revoke. This is the gremlin mutation opt-in, NOT the discovery DNS-domain verification (a different system). host is a bare hostname (e.g. staging.acme.com). [Pro] |
| prufa_list_gremlin_domainsA | List the hosts this workspace has authorized for real gremlin mutations, with each host's allow_mutation flag, note, and created_at, plus the default policy. [Pro] |
| prufa_rerun_gremlinA | Re-dispatch a past gremlin run with the SAME intent (original url, persona, direction, and saved login) under the current tier's step cap. Returns a NEW run_id. wait=true (default) blocks until the rerun completes and returns the report; wait=false returns the queued state. [Pro] |
| prufa_gremlin_saved_loginsA | SENSITIVE — returns DECRYPTED email+password for logins previously used by gremlin runs in THIS workspace, so a kickoff can reuse them. Only for the owning workspace. Never print these values into logs, transcripts, or files; pass them straight into prufa_run_gremlin's credentials. [Pro] |
| prufa_promote_gremlin_pathA | Import one reproduced gremlin path (by its path_index in the gremlin report) as a DRAFT flow. The flow still needs review + confirmation before it will run — this only creates the draft. Returns flow_id, status='draft', and a review_url. [Pro] |
| prufa_register_discovery_domainA | [Pro] Register a domain for full-auto discovery and get the DNS TXT record to publish. For an unverified domain the response carries a 'verification' object {method, record_name, record_type:'TXT', record_value, hint} — publish that TXT record at your DNS provider, then call prufa_verify_discovery_domain. Set test_payments_opt_in to allow discovery to exercise test-mode payment flows. This DNS-ownership authorization is separate from gremlin mutation opt-in. |
| prufa_verify_discovery_domainA | [Pro] Check the published DNS TXT proof for a registered discovery domain now. Idempotent — returns the domain body with status 'verified' once the TXT record resolves, or still 'pending' if DNS hasn't propagated yet (retry later). |
| prufa_list_discovery_domainsA | [Pro] List this workspace's discovery domains with id, domain, status (pending|verified), verified_at, verification_method, test_payments_opt_in, and (for pending domains) the verification TXT record to publish. |
| prufa_revoke_discovery_domainA | [Pro] De-authorize a discovery domain. Future discovery on it is refused and any disposable identities created for it are torn down (the response reports identities_torn_down). Idempotent. |
| prufa_run_discoveryA | [Pro] Start a full-auto discovery run on a URL. Crawls the site, infers user flows, and drafts the meaningful ones as reviewable draft flows. Requires a paid/trial tier AND a VERIFIED discovery domain covering the URL's host — otherwise the API returns 403 domain_not_authorized (register + verify the domain first) or 404 if discovery isn't enabled on the deployment. Returns {discovery_id, status, url, result_url}; poll with prufa_get_discovery. |
| prufa_get_discoveryA | [Pro] Get a discovery run's status and the draft/advisory flows it surfaced (name, kind, entry_url, status, flow_id, eval_score, detail, confirm_url). Confirm a draft flow (prufa_confirm_flow) to make it runnable. |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/prufa-dev/prufa-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server