// MCP TOOL REFERENCE

VULNERAMCP TOOLS

47 tools from the VulneraMCP MCP Server, categorised by risk level.

View the VulneraMCP policy →
// ALL 47 VULNERAMCP TOOLS
READ 23 tools
Read db.get_findings db.get_findings Read db.get_statistics db.get_statistics Read db.get_test_results db.get_test_results Read js.beautify js.beautify Read js.download js.download Read js.extract_secrets js.extract_secrets Read js.find_endpoints js.find_endpoints Read render.extract_dom render.extract_dom Read render.extract_forms render.extract_forms Read training.extract_from_writeup training.extract_from_writeup Read training.get training.get Read training.get_csrf_patterns training.get_csrf_patterns Read training.import training.import Read training.import_all training.import_all Read training.import_htb training.import_htb Read training.stats training.stats Read zap.get_active_scan_status zap.get_active_scan_status Read zap.get_alerts zap.get_alerts Read zap.get_alerts_summary zap.get_alerts_summary Read zap.get_sites zap.get_sites Read zap.get_spider_status zap.get_spider_status Read zap.get_urls zap.get_urls Read zap.health_check zap.health_check
WRITE 4 tools
Write db.save_finding db.save_finding Write training.import_portswigger training.import_portswigger Write zap.create_context zap.create_context Write zap.include_in_context zap.include_in_context
EXECUTE 19 tools
Execute db.init db.init Execute js.analyze js.analyze Execute recon.amass recon.amass Execute recon.dns recon.dns Execute recon.full recon.full Execute recon.httpx recon.httpx Execute recon.subfinder recon.subfinder Execute render.execute_js render.execute_js Execute render.screenshot render.screenshot Execute security.test_auth_bypass security.test_auth_bypass Execute security.test_csp security.test_csp Execute security.test_csrf security.test_csrf Execute security.test_idor security.test_idor Execute security.test_sqli security.test_sqli Execute security.test_xss security.test_xss Execute zap.proxy_process zap.proxy_process Execute zap.send_request zap.send_request Execute zap.start_active_scan zap.start_active_scan Execute zap.start_spider zap.start_spider
OTHER 1 tools
Other training.match training.match

Route VulneraMCP through PolicyLayer and every one of its 47 tools is checked against your policy before it runs.

GOVERN VULNERAMCP →

Enforced before the call runs. Nothing to install.

// FAQ
How many tools does the VulneraMCP MCP server have? +

The VulneraMCP MCP server exposes 47 tools across 4 categories: Read, Write, Execute, Other.

How do I enforce policies on VulneraMCP tools? +

Route the VulneraMCP server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard; they are enforced on every call before it reaches the server.

What risk categories do VulneraMCP tools fall into? +

VulneraMCP tools are categorised as Read (23), Write (4), Execute (19), Other (1). Each category has a recommended default policy.

Enforce policy on every VulneraMCP tool call.

Deterministic rules across all 47 VulneraMCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

GOVERN VULNERAMCP →

Free to start. No card required.

42,500+ MCP servers and 110,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.