naftiko: 1.0.0-alpha2 info: label: PDCP API description: 'PDCP API. 31 operations. Lead operation: List Misconfiguration Findings. Self-contained Naftiko capability covering one Nuclei business surface.' tags: - Nuclei created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: NUCLEI_API_KEY: NUCLEI_API_KEY capability: consumes: - type: http namespace: nuclei-general baseUri: https://api.projectdiscovery.io description: PDCP API business capability. Self-contained, no shared references. resources: - name: v1-asset-enumerate-misconfiguration path: /v1/asset/enumerate/misconfiguration operations: - name: getv1assetenumeratemisconfiguration method: GET description: List Misconfiguration Findings outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' - name: limit in: query type: integer description: The numbers of items to return - name: offset in: query type: integer description: The number of items to skip before starting to collect the result set - name: search in: query type: string description: Case-insensitive substring search on the host field - name: finding_type in: query type: string description: Filter by finding type - name: v1-asset-enumerate-enumerate_id-config path: /v1/asset/enumerate/{enumerate_id}/config operations: - name: patchv1assetenumerateenumerateidconfig method: PATCH description: Update enumeration config outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: update_type in: query type: string description: default mode is append - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' - name: body in: body type: object description: Request body (JSON). required: false - name: v1-asset-enumerate-enumerate_id-history path: /v1/asset/enumerate/{enumerate_id}/history operations: - name: getv1assetenumerateenumerateidhistory method: GET description: Get asset enumeration history data outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: offset in: query type: integer description: The number of items to skip before starting to collect the result set - name: limit in: query type: integer description: The numbers of items to return - name: start_date in: query type: string description: time filter start date - name: time_range in: query type: string - name: end_date in: query type: string description: time filter end date - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' - name: v1-asset-policy path: /v1/asset/policy operations: - name: getv1assetpolicy method: GET description: List asset policies outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: limit in: query type: integer description: Number of items to return - name: offset in: query type: integer description: Number of items to skip - name: postv1assetpolicy method: POST description: Create asset policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: false - name: v1-asset-policy-suggestion path: /v1/asset/policy/suggestion operations: - name: getv1assetpolicysuggestion method: GET description: Get asset policy suggestions outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: enumeration_id in: query type: string description: Optional enumeration ID to scope suggestions - name: limit in: query type: integer description: Maximum suggestions per category - name: threshold in: query type: number description: Minimum percentage threshold for anomaly detection - name: v1-asset-policy-policy_id path: /v1/asset/policy/{policy_id} operations: - name: getv1assetpolicypolicyid method: GET description: Get asset policy outputRawFormat: json outputParameters: - name: result type: object value: $. - name: patchv1assetpolicypolicyid method: PATCH description: Update asset policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: update_type in: query type: string description: 'Update strategy. `append` (default) merges new values with existing ones. `replace` overwrites the entire policy — all required fields for the policy type must ' - name: body in: body type: object description: Request body (JSON). required: false - name: deletev1assetpolicypolicyid method: DELETE description: Delete asset policy outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-asset-policy-policy_id-events path: /v1/asset/policy/{policy_id}/events operations: - name: getv1assetpolicypolicyidevents method: GET description: Get asset policy events outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: limit in: query type: integer description: 'Maximum results per page (default: 50, max: 100)' - name: offset in: query type: integer description: Number of items to skip for pagination - name: v1-leaks path: /v1/leaks operations: - name: getv1leaks method: GET description: Get all leaked credentials outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: type in: query type: string description: Filter by specific leak type (single value only) - name: domain in: query type: string description: Filter leaks by specific domain (applies to employee/customer leaks) - name: email in: query type: string description: Filter leaks by specific email (can be personal, employee, or customer email from user's authorized results) - name: search in: query type: string description: Search query to filter results across all fields - name: limit in: query type: number description: Number of results per page for pagination - name: page_number in: query type: number description: Page number for pagination (starts from 1) - name: start_date in: query type: string description: time filter start date - name: time_range in: query type: string - name: end_date in: query type: string description: time filter end date - name: sort_by in: query type: string description: supported sort fields - name: sort_order in: query type: string description: supported sort order (asc or desc) - name: status in: query type: string description: supported status (fixed or open) - name: group_by in: query type: string description: Group results by field - returns group summaries when used without field-specific filtering - name: url in: query type: string description: Filter by specific URL (used with group_by for drill-down) - name: country in: query type: string description: Filter by specific country (used with group_by for drill-down) - name: device_ip in: query type: string description: Filter by specific device IP (used with group_by for drill-down) - name: hostname in: query type: string description: Filter by specific hostname (used with group_by for drill-down) - name: hardware_id in: query type: string description: Filter by specific hardware ID (used with group_by for drill-down) - name: v1-payment-stripe-invoices path: /v1/payment/stripe/invoices operations: - name: getv1paymentstripeinvoices method: GET description: Get a list of invoices for a customer outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-scan_id-error_stats path: /v1/scans/{scan_id}/error_stats operations: - name: getscansiderrorstats method: GET description: Get error statistics of given scan id outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-team-audit_log path: /v1/team/audit_log operations: - name: getv1auditlog method: GET description: Get audit logs for team outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: email in: query type: string description: filter by specific user - name: action in: query type: string description: filter by specific action name - name: offset in: query type: integer description: number of rows to skip - name: limit in: query type: integer description: number of rows to get - name: start_date in: query type: string description: start date from which you want to get logs - name: end_date in: query type: string description: end date till which you want to get logs - name: time_range in: query type: string description: time range to get logs - name: source in: query type: string description: filter by request source (api, platform, unknown) - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' - name: v1-team-audit_log-search path: /v1/team/audit_log/search operations: - name: getv1teamauditlogsearch method: GET description: Smart search across audit logs outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: q in: query type: string description: 'Search query. Automatically detects search intent:' required: true - name: offset in: query type: integer description: number of rows to skip - name: limit in: query type: integer description: number of rows to get (max 100) - name: X-Team-Id in: header type: string description: '''Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team''' required: true - name: v1-template-leaderboard-name path: /v1/template/leaderboard/{name} operations: - name: getv1templateleaderboardid method: GET description: Get Leaderboard ID Details outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: fields in: query type: array description: List of fields to return(comma separated) - name: limit in: query type: integer description: The numbers of items to return - name: offset in: query type: integer description: The numbers of items to skip - name: v1-template-share-template_id path: /v1/template/share/{template_id} operations: - name: patchv1templatesharetemplateid method: PATCH description: Update Shared Template outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: false - name: deletev1templatesharetemplateid method: DELETE description: Unshare/Delete template outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-user-domain-verification-request path: /v1/user/domain-verification/request operations: - name: deletev1userdomainverificationrequest method: DELETE description: Request Domain Delete outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' - name: body in: body type: object description: Request body (JSON). required: false - name: v1-vulns-coverage path: /v1/vulns/coverage operations: - name: getv1vulnscoverage method: GET description: Get Vulnerability Template Coverage Statistics outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: q in: query type: string description: SearchQL query to filter vulnerabilities (e.g., "severity:critical", "affected_products.product:wordpress") - name: term_facets in: query type: array description: List of term facets to apply - name: range_facets in: query type: array description: List of range facets to apply - name: v2-template path: /v2/template operations: - name: getv2template method: GET description: Your GET endpoint outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' - name: scope in: query type: string - name: limit in: query type: integer - name: offset in: query type: integer - name: fields in: query type: array description: List of fields to return(comma separated) - name: sort_desc in: query type: string - name: sort_asc in: query type: string - name: template-ids in: query type: array - name: id in: query type: array - name: exclude-id in: query type: array - name: tags in: query type: array - name: include-tags in: query type: array - name: exclude-tags in: query type: array - name: severity in: query type: array - name: exclude-severity in: query type: array - name: type in: query type: array - name: exclude-type in: query type: array - name: templates in: query type: array - name: exclude-templates in: query type: array - name: profile_name in: query type: string - name: is_new in: query type: boolean - name: is_early in: query type: boolean - name: is_github in: query type: boolean - name: is_draft in: query type: boolean - name: v2-template-user-upload path: /v2/template/user/upload operations: - name: postv2templateuserupload method: POST description: Upload Templates outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: false - name: patchv2templateuserupload method: PATCH description: Bulk Update User Template outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: false - name: v2-vulnerability-filters path: /v2/vulnerability/filters operations: - name: getv2vulnerabilityfilters method: GET description: Get All Filters for Vulnerabilities outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v2-vulnerability-product-filters path: /v2/vulnerability/product/filters operations: - name: getv2productfilters method: GET description: Get All Filters for Products outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v2-vulnerability-product-search path: /v2/vulnerability/product/search operations: - name: getv2productsearch method: GET description: Search Products outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: limit in: query type: integer description: The numbers of items to return - name: offset in: query type: integer description: The numbers of items to skip - name: sort_asc in: query type: string description: Sort results in ascending order (CSV field names) - name: sort_desc in: query type: string description: Sort results in descending order (CSV field names) - name: fields in: query type: array description: List of fields to return(comma separated) - name: term_facets in: query type: array description: List of fields to return(comma separated) - name: range_facets in: query type: array description: List of fields to return(comma separated) - name: q in: query type: string description: query - name: highlight in: query type: boolean description: Whether to highlight the search results - name: facet_size in: query type: integer description: Number of facets to return - name: v2-vulnerability-product-id path: /v2/vulnerability/product/{id} operations: - name: getproductbyid method: GET description: Get Product by ID outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: fields in: query type: string description: product data fields - name: v2-vulnerability-product-id-timeline path: /v2/vulnerability/product/{id}/timeline operations: - name: getproducttimeline method: GET description: Get Vulnerability Timeline for Product outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: limit in: query type: integer description: The numbers of items to return - name: offset in: query type: integer description: The numbers of items to skip - name: sort_asc in: query type: string description: Sort results in ascending order (CSV field names) - name: sort_desc in: query type: string description: Sort results in descending order (CSV field names) - name: fields in: query type: array description: List of fields to return(comma separated) - name: term_facets in: query type: array description: List of fields to return(comma separated) - name: range_facets in: query type: array description: List of fields to return(comma separated) - name: q in: query type: string description: query - name: highlight in: query type: boolean description: Whether to highlight the search results - name: facet_size in: query type: integer description: Number of facets to return - name: v2-vulnerability-product-id-vulns path: /v2/vulnerability/product/{id}/vulns operations: - name: getproductvulns method: GET description: Get Vulnerabilities for Product outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: limit in: query type: integer description: The numbers of items to return - name: offset in: query type: integer description: The numbers of items to skip - name: sort_asc in: query type: string description: Sort results in ascending order (CSV field names) - name: sort_desc in: query type: string description: Sort results in descending order (CSV field names) - name: fields in: query type: array description: List of fields to return(comma separated) - name: term_facets in: query type: array description: List of fields to return(comma separated) - name: range_facets in: query type: array description: List of fields to return(comma separated) - name: q in: query type: string description: query - name: highlight in: query type: boolean description: Whether to highlight the search results - name: facet_size in: query type: integer description: Number of facets to return - name: v2-vulnerability-search path: /v2/vulnerability/search operations: - name: getv2vulnerabilitysearch method: GET description: Full Text Search outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: limit in: query type: integer description: The numbers of items to return - name: offset in: query type: integer description: The numbers of items to skip - name: sort_asc in: query type: string description: Sort results in ascending order (CSV field names) - name: sort_desc in: query type: string description: Sort results in descending order (CSV field names) - name: fields in: query type: array description: List of fields to return(comma separated) - name: term_facets in: query type: array description: List of fields to return(comma separated) - name: range_facets in: query type: array description: List of fields to return(comma separated) - name: q in: query type: string description: query - name: highlight in: query type: boolean description: Whether to highlight the search results - name: facet_size in: query type: integer description: Number of facets to return - name: v2-vulnerability-id path: /v2/vulnerability/{id} operations: - name: getvulnerabilitybyid method: GET description: Get Vulnerability by ID outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: fields in: query type: string description: template data fields authentication: type: apikey key: X-API-Key value: '{{env.NUCLEI_API_KEY}}' placement: header exposes: - type: rest namespace: nuclei-general-rest port: 8080 description: REST adapter for PDCP API. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/v1/asset/enumerate/misconfiguration name: v1-asset-enumerate-misconfiguration description: REST surface for v1-asset-enumerate-misconfiguration. operations: - method: GET name: getv1assetenumeratemisconfiguration description: List Misconfiguration Findings call: nuclei-general.getv1assetenumeratemisconfiguration with: X-Team-Id: rest.X-Team-Id limit: rest.limit offset: rest.offset search: rest.search finding_type: rest.finding_type outputParameters: - type: object mapping: $. - path: /v1/v1/asset/enumerate/{enumerate-id}/config name: v1-asset-enumerate-enumerate-id-config description: REST surface for v1-asset-enumerate-enumerate_id-config. operations: - method: PATCH name: patchv1assetenumerateenumerateidconfig description: Update enumeration config call: nuclei-general.patchv1assetenumerateenumerateidconfig with: update_type: rest.update_type X-Team-Id: rest.X-Team-Id body: rest.body outputParameters: - type: object mapping: $. - path: /v1/v1/asset/enumerate/{enumerate-id}/history name: v1-asset-enumerate-enumerate-id-history description: REST surface for v1-asset-enumerate-enumerate_id-history. operations: - method: GET name: getv1assetenumerateenumerateidhistory description: Get asset enumeration history data call: nuclei-general.getv1assetenumerateenumerateidhistory with: offset: rest.offset limit: rest.limit start_date: rest.start_date time_range: rest.time_range end_date: rest.end_date X-Team-Id: rest.X-Team-Id outputParameters: - type: object mapping: $. - path: /v1/v1/asset/policy name: v1-asset-policy description: REST surface for v1-asset-policy. operations: - method: GET name: getv1assetpolicy description: List asset policies call: nuclei-general.getv1assetpolicy with: limit: rest.limit offset: rest.offset outputParameters: - type: object mapping: $. - method: POST name: postv1assetpolicy description: Create asset policy call: nuclei-general.postv1assetpolicy with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/v1/asset/policy/suggestion name: v1-asset-policy-suggestion description: REST surface for v1-asset-policy-suggestion. operations: - method: GET name: getv1assetpolicysuggestion description: Get asset policy suggestions call: nuclei-general.getv1assetpolicysuggestion with: enumeration_id: rest.enumeration_id limit: rest.limit threshold: rest.threshold outputParameters: - type: object mapping: $. - path: /v1/v1/asset/policy/{policy-id} name: v1-asset-policy-policy-id description: REST surface for v1-asset-policy-policy_id. operations: - method: GET name: getv1assetpolicypolicyid description: Get asset policy call: nuclei-general.getv1assetpolicypolicyid outputParameters: - type: object mapping: $. - method: PATCH name: patchv1assetpolicypolicyid description: Update asset policy call: nuclei-general.patchv1assetpolicypolicyid with: update_type: rest.update_type body: rest.body outputParameters: - type: object mapping: $. - method: DELETE name: deletev1assetpolicypolicyid description: Delete asset policy call: nuclei-general.deletev1assetpolicypolicyid outputParameters: - type: object mapping: $. - path: /v1/v1/asset/policy/{policy-id}/events name: v1-asset-policy-policy-id-events description: REST surface for v1-asset-policy-policy_id-events. operations: - method: GET name: getv1assetpolicypolicyidevents description: Get asset policy events call: nuclei-general.getv1assetpolicypolicyidevents with: limit: rest.limit offset: rest.offset outputParameters: - type: object mapping: $. - path: /v1/v1/leaks name: v1-leaks description: REST surface for v1-leaks. operations: - method: GET name: getv1leaks description: Get all leaked credentials call: nuclei-general.getv1leaks with: type: rest.type domain: rest.domain email: rest.email search: rest.search limit: rest.limit page_number: rest.page_number start_date: rest.start_date time_range: rest.time_range end_date: rest.end_date sort_by: rest.sort_by sort_order: rest.sort_order status: rest.status group_by: rest.group_by url: rest.url country: rest.country device_ip: rest.device_ip hostname: rest.hostname hardware_id: rest.hardware_id outputParameters: - type: object mapping: $. - path: /v1/v1/payment/stripe/invoices name: v1-payment-stripe-invoices description: REST surface for v1-payment-stripe-invoices. operations: - method: GET name: getv1paymentstripeinvoices description: Get a list of invoices for a customer call: nuclei-general.getv1paymentstripeinvoices outputParameters: - type: object mapping: $. - path: /v1/v1/scans/{scan-id}/error-stats name: v1-scans-scan-id-error-stats description: REST surface for v1-scans-scan_id-error_stats. operations: - method: GET name: getscansiderrorstats description: Get error statistics of given scan id call: nuclei-general.getscansiderrorstats outputParameters: - type: object mapping: $. - path: /v1/v1/team/audit-log name: v1-team-audit-log description: REST surface for v1-team-audit_log. operations: - method: GET name: getv1auditlog description: Get audit logs for team call: nuclei-general.getv1auditlog with: email: rest.email action: rest.action offset: rest.offset limit: rest.limit start_date: rest.start_date end_date: rest.end_date time_range: rest.time_range source: rest.source X-Team-Id: rest.X-Team-Id outputParameters: - type: object mapping: $. - path: /v1/v1/team/audit-log/search name: v1-team-audit-log-search description: REST surface for v1-team-audit_log-search. operations: - method: GET name: getv1teamauditlogsearch description: Smart search across audit logs call: nuclei-general.getv1teamauditlogsearch with: q: rest.q offset: rest.offset limit: rest.limit X-Team-Id: rest.X-Team-Id outputParameters: - type: object mapping: $. - path: /v1/v1/template/leaderboard/{name} name: v1-template-leaderboard-name description: REST surface for v1-template-leaderboard-name. operations: - method: GET name: getv1templateleaderboardid description: Get Leaderboard ID Details call: nuclei-general.getv1templateleaderboardid with: fields: rest.fields limit: rest.limit offset: rest.offset outputParameters: - type: object mapping: $. - path: /v1/v1/template/share/{template-id} name: v1-template-share-template-id description: REST surface for v1-template-share-template_id. operations: - method: PATCH name: patchv1templatesharetemplateid description: Update Shared Template call: nuclei-general.patchv1templatesharetemplateid with: body: rest.body outputParameters: - type: object mapping: $. - method: DELETE name: deletev1templatesharetemplateid description: Unshare/Delete template call: nuclei-general.deletev1templatesharetemplateid outputParameters: - type: object mapping: $. - path: /v1/v1/user/domain-verification/request name: v1-user-domain-verification-request description: REST surface for v1-user-domain-verification-request. operations: - method: DELETE name: deletev1userdomainverificationrequest description: Request Domain Delete call: nuclei-general.deletev1userdomainverificationrequest with: X-Team-Id: rest.X-Team-Id body: rest.body outputParameters: - type: object mapping: $. - path: /v1/v1/vulns/coverage name: v1-vulns-coverage description: REST surface for v1-vulns-coverage. operations: - method: GET name: getv1vulnscoverage description: Get Vulnerability Template Coverage Statistics call: nuclei-general.getv1vulnscoverage with: q: rest.q term_facets: rest.term_facets range_facets: rest.range_facets outputParameters: - type: object mapping: $. - path: /v1/v2/template name: v2-template description: REST surface for v2-template. operations: - method: GET name: getv2template description: Your GET endpoint call: nuclei-general.getv2template with: X-Team-Id: rest.X-Team-Id scope: rest.scope limit: rest.limit offset: rest.offset fields: rest.fields sort_desc: rest.sort_desc sort_asc: rest.sort_asc template-ids: rest.template-ids id: rest.id exclude-id: rest.exclude-id tags: rest.tags include-tags: rest.include-tags exclude-tags: rest.exclude-tags severity: rest.severity exclude-severity: rest.exclude-severity type: rest.type exclude-type: rest.exclude-type templates: rest.templates exclude-templates: rest.exclude-templates profile_name: rest.profile_name is_new: rest.is_new is_early: rest.is_early is_github: rest.is_github is_draft: rest.is_draft outputParameters: - type: object mapping: $. - path: /v1/v2/template/user/upload name: v2-template-user-upload description: REST surface for v2-template-user-upload. operations: - method: POST name: postv2templateuserupload description: Upload Templates call: nuclei-general.postv2templateuserupload with: body: rest.body outputParameters: - type: object mapping: $. - method: PATCH name: patchv2templateuserupload description: Bulk Update User Template call: nuclei-general.patchv2templateuserupload with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/v2/vulnerability/filters name: v2-vulnerability-filters description: REST surface for v2-vulnerability-filters. operations: - method: GET name: getv2vulnerabilityfilters description: Get All Filters for Vulnerabilities call: nuclei-general.getv2vulnerabilityfilters outputParameters: - type: object mapping: $. - path: /v1/v2/vulnerability/product/filters name: v2-vulnerability-product-filters description: REST surface for v2-vulnerability-product-filters. operations: - method: GET name: getv2productfilters description: Get All Filters for Products call: nuclei-general.getv2productfilters outputParameters: - type: object mapping: $. - path: /v1/v2/vulnerability/product/search name: v2-vulnerability-product-search description: REST surface for v2-vulnerability-product-search. operations: - method: GET name: getv2productsearch description: Search Products call: nuclei-general.getv2productsearch with: limit: rest.limit offset: rest.offset sort_asc: rest.sort_asc sort_desc: rest.sort_desc fields: rest.fields term_facets: rest.term_facets range_facets: rest.range_facets q: rest.q highlight: rest.highlight facet_size: rest.facet_size outputParameters: - type: object mapping: $. - path: /v1/v2/vulnerability/product/{id} name: v2-vulnerability-product-id description: REST surface for v2-vulnerability-product-id. operations: - method: GET name: getproductbyid description: Get Product by ID call: nuclei-general.getproductbyid with: fields: rest.fields outputParameters: - type: object mapping: $. - path: /v1/v2/vulnerability/product/{id}/timeline name: v2-vulnerability-product-id-timeline description: REST surface for v2-vulnerability-product-id-timeline. operations: - method: GET name: getproducttimeline description: Get Vulnerability Timeline for Product call: nuclei-general.getproducttimeline with: limit: rest.limit offset: rest.offset sort_asc: rest.sort_asc sort_desc: rest.sort_desc fields: rest.fields term_facets: rest.term_facets range_facets: rest.range_facets q: rest.q highlight: rest.highlight facet_size: rest.facet_size outputParameters: - type: object mapping: $. - path: /v1/v2/vulnerability/product/{id}/vulns name: v2-vulnerability-product-id-vulns description: REST surface for v2-vulnerability-product-id-vulns. operations: - method: GET name: getproductvulns description: Get Vulnerabilities for Product call: nuclei-general.getproductvulns with: limit: rest.limit offset: rest.offset sort_asc: rest.sort_asc sort_desc: rest.sort_desc fields: rest.fields term_facets: rest.term_facets range_facets: rest.range_facets q: rest.q highlight: rest.highlight facet_size: rest.facet_size outputParameters: - type: object mapping: $. - path: /v1/v2/vulnerability/search name: v2-vulnerability-search description: REST surface for v2-vulnerability-search. operations: - method: GET name: getv2vulnerabilitysearch description: Full Text Search call: nuclei-general.getv2vulnerabilitysearch with: limit: rest.limit offset: rest.offset sort_asc: rest.sort_asc sort_desc: rest.sort_desc fields: rest.fields term_facets: rest.term_facets range_facets: rest.range_facets q: rest.q highlight: rest.highlight facet_size: rest.facet_size outputParameters: - type: object mapping: $. - path: /v1/v2/vulnerability/{id} name: v2-vulnerability-id description: REST surface for v2-vulnerability-id. operations: - method: GET name: getvulnerabilitybyid description: Get Vulnerability by ID call: nuclei-general.getvulnerabilitybyid with: fields: rest.fields outputParameters: - type: object mapping: $. - type: mcp namespace: nuclei-general-mcp port: 9090 transport: http description: MCP adapter for PDCP API. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: list-misconfiguration-findings description: List Misconfiguration Findings hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv1assetenumeratemisconfiguration with: X-Team-Id: tools.X-Team-Id limit: tools.limit offset: tools.offset search: tools.search finding_type: tools.finding_type outputParameters: - type: object mapping: $. - name: update-enumeration-config description: Update enumeration config hints: readOnly: false destructive: false idempotent: true call: nuclei-general.patchv1assetenumerateenumerateidconfig with: update_type: tools.update_type X-Team-Id: tools.X-Team-Id body: tools.body outputParameters: - type: object mapping: $. - name: get-asset-enumeration-history-data description: Get asset enumeration history data hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv1assetenumerateenumerateidhistory with: offset: tools.offset limit: tools.limit start_date: tools.start_date time_range: tools.time_range end_date: tools.end_date X-Team-Id: tools.X-Team-Id outputParameters: - type: object mapping: $. - name: list-asset-policies description: List asset policies hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv1assetpolicy with: limit: tools.limit offset: tools.offset outputParameters: - type: object mapping: $. - name: create-asset-policy description: Create asset policy hints: readOnly: false destructive: false idempotent: false call: nuclei-general.postv1assetpolicy with: body: tools.body outputParameters: - type: object mapping: $. - name: get-asset-policy-suggestions description: Get asset policy suggestions hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv1assetpolicysuggestion with: enumeration_id: tools.enumeration_id limit: tools.limit threshold: tools.threshold outputParameters: - type: object mapping: $. - name: get-asset-policy description: Get asset policy hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv1assetpolicypolicyid outputParameters: - type: object mapping: $. - name: update-asset-policy description: Update asset policy hints: readOnly: false destructive: false idempotent: true call: nuclei-general.patchv1assetpolicypolicyid with: update_type: tools.update_type body: tools.body outputParameters: - type: object mapping: $. - name: delete-asset-policy description: Delete asset policy hints: readOnly: false destructive: true idempotent: true call: nuclei-general.deletev1assetpolicypolicyid outputParameters: - type: object mapping: $. - name: get-asset-policy-events description: Get asset policy events hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv1assetpolicypolicyidevents with: limit: tools.limit offset: tools.offset outputParameters: - type: object mapping: $. - name: get-all-leaked-credentials description: Get all leaked credentials hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv1leaks with: type: tools.type domain: tools.domain email: tools.email search: tools.search limit: tools.limit page_number: tools.page_number start_date: tools.start_date time_range: tools.time_range end_date: tools.end_date sort_by: tools.sort_by sort_order: tools.sort_order status: tools.status group_by: tools.group_by url: tools.url country: tools.country device_ip: tools.device_ip hostname: tools.hostname hardware_id: tools.hardware_id outputParameters: - type: object mapping: $. - name: get-list-invoices-customer description: Get a list of invoices for a customer hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv1paymentstripeinvoices outputParameters: - type: object mapping: $. - name: get-error-statistics-given-scan description: Get error statistics of given scan id hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getscansiderrorstats outputParameters: - type: object mapping: $. - name: get-audit-logs-team description: Get audit logs for team hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv1auditlog with: email: tools.email action: tools.action offset: tools.offset limit: tools.limit start_date: tools.start_date end_date: tools.end_date time_range: tools.time_range source: tools.source X-Team-Id: tools.X-Team-Id outputParameters: - type: object mapping: $. - name: smart-search-across-audit-logs description: Smart search across audit logs hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv1teamauditlogsearch with: q: tools.q offset: tools.offset limit: tools.limit X-Team-Id: tools.X-Team-Id outputParameters: - type: object mapping: $. - name: get-leaderboard-id-details description: Get Leaderboard ID Details hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv1templateleaderboardid with: fields: tools.fields limit: tools.limit offset: tools.offset outputParameters: - type: object mapping: $. - name: update-shared-template description: Update Shared Template hints: readOnly: false destructive: false idempotent: true call: nuclei-general.patchv1templatesharetemplateid with: body: tools.body outputParameters: - type: object mapping: $. - name: unshare-delete-template description: Unshare/Delete template hints: readOnly: false destructive: true idempotent: true call: nuclei-general.deletev1templatesharetemplateid outputParameters: - type: object mapping: $. - name: request-domain-delete description: Request Domain Delete hints: readOnly: false destructive: true idempotent: true call: nuclei-general.deletev1userdomainverificationrequest with: X-Team-Id: tools.X-Team-Id body: tools.body outputParameters: - type: object mapping: $. - name: get-vulnerability-template-coverage-statistics description: Get Vulnerability Template Coverage Statistics hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv1vulnscoverage with: q: tools.q term_facets: tools.term_facets range_facets: tools.range_facets outputParameters: - type: object mapping: $. - name: your-get-endpoint description: Your GET endpoint hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv2template with: X-Team-Id: tools.X-Team-Id scope: tools.scope limit: tools.limit offset: tools.offset fields: tools.fields sort_desc: tools.sort_desc sort_asc: tools.sort_asc template-ids: tools.template-ids id: tools.id exclude-id: tools.exclude-id tags: tools.tags include-tags: tools.include-tags exclude-tags: tools.exclude-tags severity: tools.severity exclude-severity: tools.exclude-severity type: tools.type exclude-type: tools.exclude-type templates: tools.templates exclude-templates: tools.exclude-templates profile_name: tools.profile_name is_new: tools.is_new is_early: tools.is_early is_github: tools.is_github is_draft: tools.is_draft outputParameters: - type: object mapping: $. - name: upload-templates description: Upload Templates hints: readOnly: false destructive: false idempotent: false call: nuclei-general.postv2templateuserupload with: body: tools.body outputParameters: - type: object mapping: $. - name: bulk-update-user-template description: Bulk Update User Template hints: readOnly: false destructive: false idempotent: true call: nuclei-general.patchv2templateuserupload with: body: tools.body outputParameters: - type: object mapping: $. - name: get-all-filters-vulnerabilities description: Get All Filters for Vulnerabilities hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv2vulnerabilityfilters outputParameters: - type: object mapping: $. - name: get-all-filters-products description: Get All Filters for Products hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv2productfilters outputParameters: - type: object mapping: $. - name: search-products description: Search Products hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv2productsearch with: limit: tools.limit offset: tools.offset sort_asc: tools.sort_asc sort_desc: tools.sort_desc fields: tools.fields term_facets: tools.term_facets range_facets: tools.range_facets q: tools.q highlight: tools.highlight facet_size: tools.facet_size outputParameters: - type: object mapping: $. - name: get-product-id description: Get Product by ID hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getproductbyid with: fields: tools.fields outputParameters: - type: object mapping: $. - name: get-vulnerability-timeline-product description: Get Vulnerability Timeline for Product hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getproducttimeline with: limit: tools.limit offset: tools.offset sort_asc: tools.sort_asc sort_desc: tools.sort_desc fields: tools.fields term_facets: tools.term_facets range_facets: tools.range_facets q: tools.q highlight: tools.highlight facet_size: tools.facet_size outputParameters: - type: object mapping: $. - name: get-vulnerabilities-product description: Get Vulnerabilities for Product hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getproductvulns with: limit: tools.limit offset: tools.offset sort_asc: tools.sort_asc sort_desc: tools.sort_desc fields: tools.fields term_facets: tools.term_facets range_facets: tools.range_facets q: tools.q highlight: tools.highlight facet_size: tools.facet_size outputParameters: - type: object mapping: $. - name: full-text-search description: Full Text Search hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getv2vulnerabilitysearch with: limit: tools.limit offset: tools.offset sort_asc: tools.sort_asc sort_desc: tools.sort_desc fields: tools.fields term_facets: tools.term_facets range_facets: tools.range_facets q: tools.q highlight: tools.highlight facet_size: tools.facet_size outputParameters: - type: object mapping: $. - name: get-vulnerability-id description: Get Vulnerability by ID hints: readOnly: true destructive: false idempotent: true call: nuclei-general.getvulnerabilitybyid with: fields: tools.fields outputParameters: - type: object mapping: $.