The S4E MCP server exposes a set of tools grouped into seven domains: User, Scans, Assets, Risk, Crawler, Reports, and Dashboard, plus a built-in Help system. You rarely call these by name — your AI assistant picks the right tool from your natural-language request. This page documents what each one does so you know exactly what the assistant has at its disposal.
Tip
You can also ask the assistant "What S4E tools are available?" or "Help me get started with S4E" — the Help tools return live, in-product guidance.
User
Account, token, and subscription tools.
| Tool | Description | Key inputs |
|---|---|---|
verify_token |
Verify that the configured S4E API token is valid. | — |
get_user_info |
Retrieve S4E account information for the token owner. | — |
get_package_info |
Subscription/plan details — tier, scan quota, expiry. Answers "have I hit my limit?" or "when does my plan renew?". | — |
Help
In-product guidance and topic discovery.
| Tool | Description | Key inputs |
|---|---|---|
get_help |
Get help on an S4E topic (overview, quickstart, asset_guide, scan/report/crawler topics, troubleshooting, …). | topic |
list_help_topics |
List all available help topics. | — |
Scans
Launch scans and explore the scan catalog.
| Tool | Description | Key inputs |
|---|---|---|
start_full_scan |
Comprehensive security scan — 10,000+ checks (SQLi, XSS, SSRF, CSRF, XXE, DNS, SSL, misconfiguration). | asset or asset_id |
start_light_scan |
Quick scan — basic DNS, SSL/TLS, misconfiguration, and network checks. | asset or asset_id |
start_crawler_scan |
Discover URLs and map site structure. Does not run security tests. | asset or asset_id |
start_single_scan |
Run one specific vulnerability check by its slug (e.g. ssl-certificate-check). |
asset, slug, port? |
list_scans |
List available scan types, filterable by category or search text. | query?, category?, page? |
check_capability |
Answer "Can S4E check for X?" against the live catalog (e.g. "sql injection", "log4j", "ssl"). | query |
Scan categories: dns-controls, ssl-controls, misconfiguration, network-vulnerabilities, web-vulnerabilities, information-scans, product-based-web-vulnerabilities, product-based-network-vulnerabilities, exposed-panels.
Assets
Manage the domains, IPs, and CIDR ranges in your account.
| Tool | Description | Key inputs |
|---|---|---|
list_assets |
List assets with risk interpretation. Supports search and verified-only filters. | search?, verified?, page? |
get_asset_detail |
Detailed info for a single asset. | asset |
add_assets |
Add new assets (domains/IPs/CIDRs). Automatically checks ownership first. | assets, description? |
check_asset_ownership |
Check whether assets are available or already claimed by another user. | assets |
check_asset_type |
Validate asset format/type (domain, subdomain, ipv4, ipv6, cidr). | assets |
list_asset_tags |
List user-defined tags and the asset IDs attached to each. | — |
update_asset_scan_categories |
Toggle scan categories on/off for an asset (continuous-scan config). | asset_id, status_list |
Asset verification
Newly added assets must be verified. Unverified assets are automatically removed after 24 hours. Verify them in the Asset Manager.
Risk
Asset risk scores and historical trends.
| Tool | Description | Key inputs |
|---|---|---|
get_asset_risk_score |
Detailed risk scores for one or more assets (V2). Includes severity counts, open ports, SSL details, and other risk parameters. | asset?, assets?, asset_ids?, tag?, if_unique?, page?, order_by? |
get_asset_risk_history |
Historical risk scores for assets — track how posture changed over time. | asset?, assets?, asset_ids?, tag?, page?, order_by? |
At least one filter is required: asset, assets, asset_ids, or tag.
order_by values: calculated_at · asset_id · risk_score
if_unique: When true, get_asset_risk_score returns only the latest score per asset.
Risk score
In the MCP tool output, a high risk score = secure (100 is best) and a low score = risky. A score of 0 means the asset has not been scanned yet. Each result includes a risk_analysis block with an interpretation, severity breakdown, and calculation timestamp.
Crawler
Tune how the crawler explores a web asset.
| Tool | Description | Key inputs |
|---|---|---|
get_crawler_settings |
Show the crawler configuration for an asset. | asset_id |
add_included_urls |
Add URLs that should always be crawled. | asset_id, urls |
add_excluded_urls |
Add URL patterns that should never be crawled. | asset_id, urls |
update_crawler_header |
Add a custom HTTP header (e.g. Authorization) for crawl requests. |
asset_id, header_name, header_value |
Reports
Read vulnerabilities, summaries, and history.
| Tool | Description | Key inputs |
|---|---|---|
get_vulnerabilities |
List detected vulnerabilities, filterable by asset, severity, and status. | asset?, severity?, status?, page? |
get_severity_summary |
Vulnerability counts per severity level. | asset? |
get_report_history |
Historical reports for a scan or asset over time — track regressions and last-scan dates. | scan_slug?, asset_id?, asset?, … |
Severity: 1 Info · 2 Low · 3 Medium · 4 High · 5 Critical
Status: 0 Open · 1 Fixed · 2 Request for Approval · 3 Accepted Risk · 4 False Positive · 5 Support Ongoing · 6 No Action Required · 7 Reopened · 8 In Progress
Dashboard
Posture overview and scan introspection.
| Tool | Description | Key inputs |
|---|---|---|
get_security_summary |
Overall posture: user risk score, per-asset scores, severity distribution, open ports. | — |
get_scan_history |
List and status of recent scans. | page?, per_page? |
get_open_ports |
Open ports across all your assets, with risk-level hints. | — |
get_scan_activity_logs |
Live progress/activity log for a running or completed scan, by slug. | slug, scan_type? |
get_scan_categories_with_count |
Finding counts per category for a group-scan slug. | slug, asset_type? |
Next Steps
- See these tools in action in Example Prompts.
- For the underlying REST endpoints, see the Public API reference.