SOLUTIONS · BY WHAT THEY TOUCH Payments Code & CI Data & databases Infrastructure Customer ops Org-wide rollout SOLUTIONS · BY AGENT TYPE Coding agents Customer-support agents Internal copilots Autonomous agents MCP DIRECTORY Tools Policies Risk Levels Token Cost MCP SECURITY MCP Security Attack Database MCP Incidents Compliance LEARN Blog Research State of MCP Glossary Integrations Compare Scan STACK CHECK DOCS PRICING START FREE

// MCP TOOL REFERENCE

THREAT ZONE MCP SERVER TOOLS

31 tools from the Threat Zone MCP Server MCP Server, categorised by risk level.

View the Threat Zone MCP Server policy →

// ALL 31 THREAT ZONE MCP SERVER TOOLS

READ 26 tools

Read download_html_report Download HTML analysis report for a submission. Read download_sanitized_file Download the CDR-sanitized file for a given submission UUID. Read get_levels Get threat levels used in analysis results. Read get_metafields Get available metafields for scan configuration. Read get_my_submissions Get user's submissions with pagination. Read get_public_submissions Get public submissions with pagination. Read get_sample_metafield Get sample metafield configuration for sandbox analysis. Read get_server_config Get current server configuration including API URL and connection status. Read get_statuses Get submission statuses. Read get_submission Get submission details by UUID. Read get_submission_artifacts Get all artifacts for a specific submission. Read get_submission_config_extractor Get all extracted configurations for a specific submission. Read get_submission_dns Get all DNS queries for a specific submission. Read get_submission_http Get all HTTP requests and packets for a specific submission. Read get_submission_indicators Get all indicators for a specific submission. Read get_submission_iocs Get all Indicators of Compromise for a specific submission. Read get_submission_network_threats Get all network threats for a specific submission. Read get_submission_status_summary Get submission details with interpreted status and threat level. Read get_submission_tcp Get all TCP requests and packets for a specific submission. Read get_submission_udp Get all UDP requests and packets for a specific submission. Read get_submission_varist_results Get Varist Hybrid Analyzer results for a specific submission. Read get_submission_yara_rules Get all matched YARA rules for a specific submission. Read get_user_info Get current user information, workspace details, and usage limits. Read interpret_status Interpret a numeric status value from submission results. Read interpret_threat_level Interpret a numeric threat level value from analysis results. Read search_by_hash Search submissions by file hash (MD5, SHA1, or SHA256).

EXECUTE 5 tools

Execute scan_file_cdr scan_file_cdr Execute scan_file_sandbox scan_file_sandbox Execute scan_file_sandbox_simple scan_file_sandbox_simple Execute scan_file_static Submit a file for static analysis. Execute scan_url Analyze a URL for threats and malicious content.

// FAQ

How many tools does the Threat Zone MCP Server MCP server have? +

The Threat Zone MCP Server MCP server exposes 31 tools across 2 categories: Read, Execute.

How do I enforce policies on Threat Zone MCP Server tools? +

Route the Threat Zone MCP Server server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard; they are enforced on every call before it reaches the server.

What risk categories do Threat Zone MCP Server tools fall into? +

Threat Zone MCP Server tools are categorised as Read (26), Execute (5). Each category has a recommended default policy.

Enforce policy on every Threat Zone MCP Server tool call.

Start from Threat Zone MCP Server, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.