// docs / mcp

Frithealaiche MCP

Plug FixWeb a-steach do Claude Desktop, Cursor, no client sam bith a bhruidhneas an Model Context Protocol. Gheibh an t-agent AI agad inntrigeadh typed dha na scans, findings, agus na h-aon prompts càraidh teamplaidichte a bhios a' cumhachdachadh putan Copy fix prompt an dashboard.

Cruthaich API token

Tadhail air /account/api-tokens agus cruthaich token ainmichte, m.e., claude-desktop. Dèan lethbhreac den luach plaintext — thèid a shealltainn aon turas.

Tha tokens nan bearer credentials: faodaidh neach sam bith leis an string na scans agad a leughadh agus feadhainn ùra a thòiseachadh. Stòr e mar password.

Stiùir do MCP client gu /api/mcp

Claude Desktop / Cursor / Continue / Zed:

{
  "mcpServers": {
    "fixweb": {
      "transport": "streamable-http",
      "url": "https://fixweb.app/api/mcp",
      "headers": {
        "Authorization": "Bearer fxw_YOUR_TOKEN_HERE"
      }
    }
  }
}

Ath-thòisich an client. Bu chòir dhan fhrithealaiche fixweb nochdadh air liosta fhrithealaichean MCP aige.

Feuch e

Faighnich rudan dhan agent agad mar:

“Liostaich na 10 scans FixWeb mu dheireadh agam.”
“Seall dhomh na critical findings air an scan as ùire.”
“Tòisich scan fulangach an aghaidh https://staging.example.com.”
“Airson gach high-severity finding air scan X, sgrìobh fix.”
“A bheil open live-threat alerts sam bith air na domains agam?”
Sgrìobh /fixweb-fix le finding id gus am prompt leigheis teamplaidichte a chur dìreach dhan chat.

Innealan

list_scansread: Tillidh suas ri 100 scan as ùire le status + finding counts. Args: limit?: 1..100.
get_scanread: Scan envelope + summary severity gach category gu default. Suidhich include_findings=true airson an aithisg slàn (mòr airson scans noisy — b'fhearr list_findings + filters). Args: scan_id (uuid), include_findings?: boolean.
list_findingsread: Findings paginated thar nan scans agad uile. Args: severity?: list, check_id?, since? (ISO 8601), limit?: 1..200.
start_scanwrite: Enqueues a passive scan. Returns an id with status queued; poll get_scan to await completion. Owner-depth mode is gated behind on-site attestation and not exposed via MCP. Args: target (URL or hostname).
list_alertsread: Rabhaidhean bagairt beò (eadar-dhealachaidhean CT log, atharrachaidhean DNS, liostaichean threat intel). Ri fhaighinn dìreach air a' phlana Unlimited; tha plana Hobby agus Pro a' tilleadh liosta falamh. Args: domain_id?, active_only?, limit?: 1..200.
get_alertread: Aon alert le payload slàn (DNS diff, certs ùra, listing detail). Args: alert_id (uuid).
dismiss_alertwrite · idempotent: Comharraich alert mar dismissed. Idempotent — 's e no-op a th' ann an re-dismissing. Args: alert_id (uuid).

Goireasan

Leigidh resources leis a' client agad dàta FixWeb a cheangal dhan conversation gu dìreach, an àite an agent a bhith ga re-fetch air gach turn. Ann an Claude Desktop, briog an menu @ → fixweb.

fixweb://scan/{scan_id}/reportjson: Aithisg scan FixWeb slàn a' gabhail a-steach gach check agus gach finding.
fixweb://finding/{finding_id}json: Aon finding (severity, title, description, evidence, remediation, CWE).

Òrdughan slash

/fixweb-fixprompt: Renders prompt leigheis teamplaidichte airson finding. Detects framework a' codebase bho tech-fingerprint an scan agus injects comhairle framework-specific nuair a tha i ri fhaighinn; falls back gu generic recipe air dhòigh eile. Args: finding_id (uuid). Gun Claude API call — templated server-side.

→ Tha cuotathan, RLS, agus severity gating a' buntainn gu co-ionann ri gairmean MCP agus REST.