Skip to content
VulnForge
Model Context Protocol

Let any AI agent drive VulnForge.

VulnForge ships an MCP server at /mcp exposing 101+ tools over JSON-RPC + Server-Sent Events. Claude Code, custom orchestrators, or your own agent can run the complete workflow — pipeline control, findings CRUD, runtime jobs, disclosure, export — without touching the UI.

101+
tools today
11
categories
via plugins

Tool categories

Every category is registered dynamically — plugins can add new tools at startup, so this list grows. Counts reflect the current shipping catalog; your server will advertise the exact set it has.

9 tools

Pipeline

Drive the autonomous hunt end-to-end from an external agent.

example tools

start_pipelineget_pipeline_statuscancel_pipelinepause_pipelineresume_pipeline
16 tools

Findings

Read and write every step of the finding lifecycle. Includes AI-driven fix generation and autonomous branch+commit+PR remediation.

example tools

list_vulnerabilitiesget_vulnerabilityaccept_scan_findingtriage_findinggenerate_fix_diffautonomous_remediate
13 tools

Analysis

Run static tools, attack-surface mapping, CVE variant hunting, root-cause clustering, and AI-assisted analysis.

example tools

run_toolhunt_cve_patternmap_attack_surfacecluster_findings_by_root_causescore_cve_matchrecommend_assignees
6 tools

Config

Inspect and configure AI routing, providers, and team capabilities.

example tools

get_ai_routingset_ai_routinglist_providersadd_providerget_capabilities
14 tools

Runtime

10 dynamic-analysis executors: fuzz, debug, capture, scan, sandbox, VM. PoC validation in-sandbox.

example tools

start_fuzzrun_debug_sessioncapture_networkrun_nmapstart_sandboxvalidate_poc_in_sandboxstart_vmget_vm_screenshot
10 tools

Notes & Session

Research journal, hypothesis board, step-gated investigations, and teach-mode pattern mining.

example tools

save_notestart_investigationpropose_next_stepexecute_investigation_stepteach_from_decisionlist_learned_patterns
9 tools

Exploits

PoC workbench, proof ladder, and 8 exploit templates.

example tools

create_exploitlink_exploit_to_findingadvance_proof_ladderlist_exploit_templates
7 tools

Intel

Historical CVE data, git bisect, and security-patch pattern extraction.

example tools

sync_nvdcross_reference_cvesgit_bisectanalyze_patch
8 tools

Disclosure

Vendor management, ticketing integrations, SLA tracking, bounty analytics.

example tools

create_disclosurelist_vendorscreate_ticketsend_slack_updateget_sla_status
5 tools

Export

SARIF 2.1, CVE JSON 5.0, workspace backup — compatible with GitHub/GitLab/Azure DevOps.

example tools

export_sarifexport_cve_jsonexport_backuplist_exports
4 tools

Audit

Every action logged. Query the audit trail from any agent.

example tools

query_audit_logget_action_historylist_user_actions

Quick connect

Three ways to hit the endpoint. All authenticate via session cookie (solo) or JWT (team).

bash
curl -sX POST http://localhost:3001/mcp \
  -H 'accept: application/json, text/event-stream' \
  -H 'content-type: application/json' \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}' \
  | jq '.result.tools | length'
# → 101

Want to write a new tool?

The MCP tool authoring guide walks through registration, parameter schemas, and how your tool participates in the 5-tier pipeline.

Read the authoring guide