FixWeb

// docs / mcp

MCP server

Tinye FixWeb na Claude Desktop, Cursor, ma ọ bụ client ọ bụla na-asụ Model Context Protocol. AI agent gị na-enweta typed access na scans gị, findings gị, na otu templated fix prompts ahụ na-akwado bọtịnụ Copy fix prompt nke dashboard.

01

Mepụta API token

Gaa na /account/api-tokens wee mepụta token aha ya bụ, dịka ọmụmaatụ, claude-desktop. Detuo plaintext value ahụ — a na-egosi ya otu ugboro.

Tokens bụ bearer credentials: onye ọ bụla nwere string ahụ nwere ike ịgụ scans gị ma malite ndị ọhụrụ. Chekwaa ya dịka password.

02

Duga MCP client gị na /api/mcp

Claude Desktop / Cursor / Continue / Zed:

{
  "mcpServers": {
    "fixweb": {
      "transport": "streamable-http",
      "url": "https://fixweb.app/api/mcp",
      "headers": {
        "Authorization": "Bearer fxw_YOUR_TOKEN_HERE"
      }
    }
  }
}

Malitegharịa client ahụ. Server fixweb kwesịrị ịpụta na list MCP server ya.

03

Nwalee ya

Jụọ agent gị ihe ndị dịka:

  • “Depụta scans FixWeb 10 ikpeazụ m.”
  • “Gosi m findings critical na scan kachasị ọhụrụ.”
  • “Malite passive scan megide https://staging.example.com.”
  • “Maka finding high-severity ọ bụla na scan X, dee fix.”
  • “Enwere open live-threat alerts ọ bụla na domains m?”
  • Pịnye /fixweb-fix tinyere finding id iji tufuo templated remediation prompt ozugbo n'ime chat.

Tools

list_scansgụ
Na-alaghachi scans kacha ọhụrụ ruo 100 nwere status + finding counts. Args: limit?: 1..100.
get_scangụ
Scan envelope + severity summary kwa category na default. Tọọ include_findings=true maka full report (ọ buru ibu maka scans nwere mkpọtụ — họrọ list_findings + filters). Args: scan_id (uuid), include_findings?: boolean.
list_findingsgụ
Findings paginated gafee scans gị niile. Args: severity?: list, check_id?, since? (ISO 8601), limit?: 1..200.
start_scandee
Enqueues a passive scan. Returns an id with status queued; poll get_scan to await completion. Owner-depth mode is gated behind on-site attestation and not exposed via MCP. Args: target (URL or hostname).
list_alertsgụ
Ọkwa egwu dị ndụ (ọdịiche CT log, mgbanwe DNS, ndepụta threat intel). Dị naanị na atụmatụ Unlimited; atụmatụ Hobby na Pro na-enyeghachi ndepụta efu. Args: domain_id?, active_only?, limit?: 1..200.
get_alertgụ
Otu alert nwere full payload (DNS diff, new certs, listing detail). Args: alert_id (uuid).
dismiss_alertdee · idempotent
Kaa alert dị ka dismissed. Idempotent — re-dismissing bụ no-op. Args: alert_id (uuid).

Resources

Resources na-ekwe ka client gị tinye data FixWeb n'ime conversation ozugbo, kama agent ị-fetch ya ọzọ kwa turn. Na Claude Desktop, pịa menu @ → fixweb.

fixweb://scan/{scan_id}/reportjson
Full FixWeb scan report gụnyere check ọ bụla na finding ọ bụla.
fixweb://finding/{finding_id}json
Otu finding (severity, title, description, evidence, remediation, CWE).

Slash commands

/fixweb-fixprompt
Na-render templated remediation prompt maka finding. Na-achọpụta codebase framework site na tech-fingerprint nke scan ma tinye ndụmọdụ pụrụ iche maka framework mgbe ọ dị; ma ọ bụghị ya, ọ na-fallback na generic recipe. Args: finding_id (uuid). Enweghị Claude API call — templated server-side.

→ Quotas, RLS, na severity gating na-emetụta MCP na calls REST n'otu ụzọ.

MCP server — Docs · FixWeb