// MCP TOOL REFERENCE

HACKERONE MCP SERVER TOOLS

16 tools from the HackerOne MCP Server MCP Server, categorised by risk level.

View the HackerOne MCP Server policy →
// ALL 16 HACKERONE MCP SERVER TOOLS
READ 13 tools
Read analyze_report_patterns Fetch your recent reports and analyze patterns: most common vulnerability types, severity distribution, res... Read get_balance Get your current unpaid bounty balance on HackerOne. Read get_earnings Get your bounty earnings history. Shows amounts, currency, dates, and which programs paid out. Read get_hacker_profile Get your HackerOne hacker profile: reputation, signal, impact, rank, and account info. Read get_program_details Get detailed info about a single program: policy, response times, metrics, bounty splitting, and submission... Read get_program_scope Get the in-scope assets for a bug bounty program. Auto-paginates to return all scope items. Returns asset t... Read get_program_weaknesses Get the accepted vulnerability/weakness types for a program. Auto-paginates. Helps frame reports using the ... Read get_report Get the full details of a specific HackerOne report by ID. Returns title, vulnerability details, impact, se... Read get_report_activities Get the activity timeline of a report: comments, state changes, bounty awards, and triage responses. Read get_report_with_conversation Get a report with its full triage conversation. Useful for understanding what questions triage asked, how y... Read list_programs List bug bounty programs you have access to on HackerOne. Auto-paginates to return all programs. Read search_disclosed_reports Search publicly disclosed HackerOne reports (hacktivity). Useful for learning what gets paid, finding prior... Read search_reports Search and list your HackerOne reports. Filter by keyword, program, severity, or state. Great for finding p...
WRITE 3 tools
Write add_comment Add a comment to an existing HackerOne report. Use this to respond to triage questions or provide additiona... Write close_report Withdraw/close one of your own HackerOne reports. Sends a close request with an optional message. Write submit_report Submit a new vulnerability report to a HackerOne program. Returns the new report ID and URL. Use get_progra...

Route HackerOne MCP Server through PolicyLayer and every one of its 16 tools is checked against your policy before it runs.

GOVERN HACKERONE →

Enforced before the call runs. Nothing to install.

// FAQ
How many tools does the HackerOne MCP Server MCP server have? +

The HackerOne MCP Server MCP server exposes 16 tools across 2 categories: Read, Write.

How do I enforce policies on HackerOne MCP Server tools? +

Route the HackerOne MCP Server server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard; they are enforced on every call before it reaches the server.

What risk categories do HackerOne MCP Server tools fall into? +

HackerOne MCP Server tools are categorised as Read (13), Write (3). Each category has a recommended default policy.

Enforce policy on every HackerOne MCP Server tool call.

Deterministic rules across all 16 HackerOne MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

GOVERN HACKERONE →

Free to start. No card required.

42,500+ MCP servers and 110,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.