Appearance
Tool reference
Tools are grouped by tier. The pentest profile exposes read + scan; admin adds the rest. Start with get_target_overview, then page into detail.
read — target & asset data
| Tool | What it returns |
|---|---|
get_target_overview | Program + scopes + per-type asset counts. Call this first. |
list_programs / get_program | Discover / fetch a target. |
list_scopes | Scopes for a program. |
list_domains | Domains for a target. |
list_ip_addresses | IPs for a target. |
list_ports | Ports (+ service) for a target or one IP (ipAddressId). |
list_http_paths | HTTP paths for a target or domain — with statusCode, length, tool. The richest recon signal. |
list_technologies | Technologies across a target's assets. |
get_http_path_technologies / get_port_technologies | Tech on one asset. |
list_mobiles / list_wildcards / list_cidrs | Mobile apps and scope boundaries. |
read — scans & workflows
list_scans, get_scan, get_scan_tasks_statistics, list_workflows, get_workflow, export_workflow, list_workers, plus the AI-resolve read tools.
scan — author & run
| Tool | What it does |
|---|---|
create_scan | Create and start a scan; parameters scope it to a target. |
stop_scan | Halt a running scan. |
import_workflow | Define a workflow from a JSON document (shape: author-scan-workflow). |
update_workflow / add_dependency | Edit an existing workflow. |
Example — run an existing workflow against one wildcard, then poll it:
text
create_scan {
workflowDefinitionId: "…uuid…",
parameters: { "wildcard": "*.acme.com" } // keys must match the workflow's declared PARAM/Secret names
} // → returns the new scan's id
get_scan { id } // status + step progress
get_scan_tasks_statistics { id } // per-step task counts, until Completedparameters / secretValues keys must match the Parameter / Secret names the workflow declares — see author-scan-workflow. Omit parameters to scan all in-phase targets.
admin — not exposed to the pentest agent
delete_scan, delete_workflow, create_worker, trigger_ai_resolve, approve_resolve_item, decline_resolve_item. These require the admin profile.
write — reserved
The write tier (asset mutation) is currently empty — the seam exists for future tools that record or annotate assets an agent discovers, once backend write endpoints exist.
The paged read tools all accept programId / scopeId / platformName filters plus page / limit / search / updatedAfter. Pull cheaply and page — don't request huge result sets. The recon-target skill shows the intended sequence.