FixWeb

// docs / mcp

Tūmau MCP

Whakaurua a FixWeb ki Claude Desktop, Cursor, tētahi kiritaki rānei e kōrero ana i te Model Context Protocol. Ka whiwhi tō AI agent i te urunga typed ki ō matawai, kitenga, me ngā tono whakatika template e whakamana ana i te pātene Copy fix prompt o te dashboard.

01

Hangaia he API token

Haere ki /account/api-tokens ka hanga he token, hei tauira, claude-desktop. Tāruatia te plaintext value — kotahi anake te whakaatu.

He bearer credentials ngā tokens: ka taea e te tangata kei a ia te string te pānui i ō scans me te tīmata i ētahi hou. Rokirokihia pēnei i te kupuhipa.

02

Tohua tō kiritaki MCP ki /api/mcp

Claude Desktop / Cursor / Continue / Zed:

{
  "mcpServers": {
    "fixweb": {
      "transport": "streamable-http",
      "url": "https://fixweb.app/api/mcp",
      "headers": {
        "Authorization": "Bearer fxw_YOUR_TOKEN_HERE"
      }
    }
  }
}

Tīmata anō i te client. Me puta te server fixweb ki tana MCP server list.

03

Whakamātauria

Pātai atu ki tō agent i ngā mea pēnei i:

  • “Rārangitia aku scans FixWeb 10 whakamutunga.”
  • “Whakaaturia mai ngā critical findings o te scan tino hōu.”
  • “Tīmatahia he passive scan ki https://staging.example.com.”
  • “Mō ia high-severity finding i te scan X, tuhia he fix.”
  • “He open live-threat alerts kei aku domains?”
  • Patohia /fixweb-fix me tētahi finding id kia taka tika ai te templated remediation prompt ki te chat.

Ngā taputapu

list_scanspānui
Ka whakahoki ki te 100 most-recent scans me te status + finding counts. Args: limit?: 1..100.
get_scanpānui
Scan envelope + per-category severity summary mā te default. Whakatakotoria include_findings=true mō te report katoa (he nui mō ngā noisy scans — pai ake te list_findings + filters). Args: scan_id (uuid), include_findings?: boolean.
list_findingspānui
Paginated findings puta noa i ō scans katoa. Args: severity?: list, check_id?, since? (ISO 8601), limit?: 1..200.
start_scantuhi
Enqueues a passive scan. Returns an id with status queued; poll get_scan to await completion. Owner-depth mode is gated behind on-site attestation and not exposed via MCP. Args: target (URL or hostname).
list_alertspānui
Ngā whakatūpato whakatumatuma ora (ngā rerekētanga CT log, ngā huringa DNS, ngā rārangi threat intel). Ka wātea i te mahere Unlimited anake; ka whakahokia e ngā mahere Hobby me Pro he rārangi tuhera. Args: domain_id?, active_only?, limit?: 1..200.
get_alertpānui
Alert kotahi me te payload katoa (DNS diff, new certs, listing detail). Args: alert_id (uuid).
dismiss_alerttuhi · idempotent
Tohua he alert hei dismissed. Idempotent — ko te re-dismissing he no-op. Args: alert_id (uuid).

Rauemi

Mā ngā resources ka taea e tō client te whakapiri tika i ngā raraunga FixWeb ki te conversation, kaua te agent e re-fetch i ia turn. I Claude Desktop, pāwhiria te @ menu → fixweb.

fixweb://scan/{scan_id}/reportjson
Pūrongo scan FixWeb katoa tae atu ki ia check me ia finding.
fixweb://finding/{finding_id}json
He finding kotahi (severity, title, description, evidence, remediation, CWE).

Slash commands

/fixweb-fixprompt
Ka render i tētahi templated remediation prompt mō tētahi finding. Ka kite i te codebase framework mai i te tech-fingerprint o te scan, ā, ka inject i ngā framework-specific advice ina wātea; ki te kore, ka fallback ki tētahi generic recipe. Args: finding_id (uuid). Kāore he Claude API call — he templated server-side.

→ Ka ōrite te tono o ngā quota, RLS, me severity gating ki ngā karanga MCP me REST.

Tūmau MCP — Docs · FixWeb