Example Prompts

Once the S4E MCP server is connected, you talk to your AI assistant in plain language — it picks the right tools automatically. Below are ready-to-use prompts grouped by task. Copy one, swap in your own asset, and send it.

Chaining works

You can combine steps in a single prompt, e.g. "Add example.com, verify my token, then start a full scan and summarize the critical findings when it's done." The assistant will sequence the tool calls for you.

Getting Started

Verify my S4E token and tell me which account it belongs to.

What can S4E do? Give me a quick overview of the available scans.

Show my current subscription plan and how much scan quota I have left.

Managing Assets

List all my assets and highlight the riskiest ones.

Is example.com available to add, or is it already claimed by someone else?

Add example.com and api.example.com as new assets with the description "Production web".

Show me the details for example.com, including its risk score.

List my asset tags so I can see how my assets are grouped.

Asset Risk

What is the current risk score for example.com? Break down the severity counts.

Show the latest risk scores for all assets tagged "production".

How has the risk score for example.com changed over the last few scans?

Which assets in my account have the lowest risk scores right now?

Running Scans

Start a full security scan on example.com.

Run a quick light scan on 203.0.113.10 — I just want DNS and SSL checks.

Crawl example.com and map out its URL structure (no security tests).

Run only an SSL certificate check on example.com.

Can S4E detect Log4j (CVE-2021-44228)? If so, run that check on example.com.

Tracking Scan Progress

What scans have I run recently and what's their status?

Show me the live activity log for scan <scan-slug>.

For group scan <scan-slug>, how many findings are there per category?

Reviewing Findings

List the open High and Critical vulnerabilities across all my assets.

Give me a severity summary for example.com — how many criticals, highs, mediums?

Show the vulnerability history for example.com. Did anything regress since the last scan?

What open ports do I have, and which ones are risky?

Posture Overview

Give me an overall security summary: my risk score, top risky assets, and open ports.

Which of my assets has the worst security score, and what should I fix first?

Tuning the Crawler

Show the crawler settings for asset ID 1234.

Exclude https://example.com/admin and https://example.com/logout from crawling on asset 1234.

Always crawl https://example.com/api and https://example.com/checkout for asset 1234.

Add an Authorization header "Bearer abc123" to the crawler for asset 1234 so it can reach authenticated pages.

End-to-End Workflows

A few prompts that combine several tools in one go:

Onboard example.com: check ownership, add it, then start a full scan and tell me
the result URL.

Audit example.com end-to-end: run a full scan, wait for it, then summarize the
Critical and High findings with remediation suggestions.

Give me a weekly security report: overall risk score, new critical findings since
last week, and any newly opened ports.

Tips for Better Results

Be specific about the asset. Use the exact domain/IP or asset ID.
State the severity you care about. "Critical and High only" keeps responses focused.
Ask for the result link. Scan tools return a dashboard URL you can open for full detail.
Let the assistant resolve IDs. You can usually say "example.com" instead of an asset ID — the server looks it up.

See the Tools Reference for the complete capability list.