// docs / mcp

MCP server

So FixVibe mọ Claude Desktop, Cursor, tàbí client eyikeyi tó ń sọ Model Context Protocol. AI agent rẹ gba access tí a ti typed sí scans rẹ, findings rẹ, àti prompts ìtúnṣe template kan náà tó ń ṣiṣẹ́ fún bọ́tìnì Copy fix prompt lórí dashboard.

Dá API token sílẹ̀

Ṣàbẹ̀wò sí /account/api-tokens kí o dá token kan tí a pè ní, fún àpẹẹrẹ, claude-desktop. Daakọ plaintext value náà — ó hàn lẹ́ẹ̀kan.

Tokens jẹ́ bearer credentials: ẹnikẹ́ni tó ní string náà lè ka scans rẹ kí ó sì bẹ̀rẹ̀ tuntun. Fi pamọ́ bí password.

Darí MCP client rẹ sí /api/mcp

Claude Desktop / Cursor / Continue / Zed:

{
  "mcpServers": {
    "fixvibe": {
      "transport": "streamable-http",
      "url": "https://fixvibe.app/api/mcp",
      "headers": {
        "Authorization": "Bearer fxv_YOUR_TOKEN_HERE"
      }
    }
  }
}

Tun client náà bẹ̀rẹ̀. Server fixvibe yẹ kí ó hàn nínú àtòjọ MCP server rẹ.

Dán an wò

Béèrè lọ́wọ́ agent rẹ àwọn nkan bí:

“Ṣe àtòjọ àwọn scan FixVibe 10 mi tó kẹ́yìn.”
“Fi findings critical lórí scan tuntun jù lọ hàn mí.”
“Bẹ̀rẹ̀ passive scan sí https://staging.example.com.”
“Fún finding high-severity kọ̀ọ̀kan lórí scan X, kọ fix kan.”
“Ṣé open live-threat alerts wà lórí domains mi?”
Tẹ /fixvibe-fix pẹ̀lú finding id láti ju prompt ìtúnṣe template sínú chat taara.

Tools

list_scanskà: Ó dá scans tó ṣẹ̀ṣẹ̀ ṣẹlẹ̀ tó 100 padà pẹ̀lú status + iye findings. Args: limit?: 1..100.
get_scankà: Scan envelope + severity summary fún category kọ̀ọ̀kan ní default. Ṣètò include_findings=true fún full report (ó tóbi fún scans aláriwo — fẹ́ list_findings + filters). Args: scan_id (uuid), include_findings?: boolean.
list_findingskà: Findings paginated kọjá gbogbo scans rẹ. Args: severity?: list, check_id?, since? (ISO 8601), limit?: 1..200.
start_scankọ: Enqueues a scan and returns an id with status queued; poll get_scan to await completion. Passive mode is always available through MCP. Active mode requires a paid plan plus verified-domain authorization from the dashboard. Args: target (URL or hostname), mode? (passive|active).
list_alertskà: Awọn iwifunni irokeke laaye (awọn iyatọ CT log, awọn iyipada DNS, awọn akojọ threat intel). Wa nikan lori eto Unlimited; awọn eto Hobby ati Pro da akojọ ofifo pada. Args: domain_id?, active_only?, limit?: 1..200.
get_alertkà: Single alert with the relevant domain, severity, type, and event details. Args: alert_id (uuid).
dismiss_alertkọ · idempotent: Samisi alert kan gẹ́gẹ́ bí dismissed. Idempotent — dismiss lẹ́ẹ̀kansi jẹ́ no-op. Args: alert_id (uuid).

Resources

Resources jẹ́ kí client rẹ so data FixVibe mọ ìjíròrò taara, dípò kí agent tún fetch rẹ ní gbogbo turn. Nínú Claude Desktop, tẹ menu @ → fixvibe.

fixvibe://scan/{scan_id}/reportjson: Full FixVibe scan report pẹ̀lú gbogbo check àti gbogbo finding.
fixvibe://finding/{finding_id}json: Finding kan ṣoṣo (severity, title, description, evidence, remediation, CWE).

Slash commands

/fixvibe-fixprompt: Renders a server-side remediation prompt for a finding, using scan context when available and falling back to generic guidance otherwise. Args: finding_id (uuid). No third-party LLM API call is made by FixVibe.

→ Quotas, RLS, àti severity gating ń ṣiṣẹ́ bákan náà fún MCP àti calls REST.