fortify-scsast
Fortify ScanCentral SAST Skill
Fortify ScanCentral SAST (SC-SAST) integration via Model Context Protocol (MCP). Enables distributed SAST scanning using ScanCentral sensors with results published to SSC.
Available MCP Tools
Only key MCP tools for ScanCentral SAST are listed here.
| Tool | Description | When to Use |
|---|---|---|
fcli_ssc_action_package |
Package source code for scanning | Before starting a scan - creates scan package |
fcli_sc_sast_scan_start |
Start SAST scan on ScanCentral | After packaging - submits scan to sensor pool |
fcli_sc_sast_scan_status |
Check scan status | Monitor specific scan progress |
fcli_sc_sast_scan_wait_for |
Wait for scan completion | Block until scan reaches desired state |
fcli_sc_sast_scan_list |
List scans | View scan history, find scans by status |
fcli_sc_sast_scan_download |
Download scan artifacts | Retrieve FPR or logs after completion |
fcli_sc_sast_sensor_list |
List available sensors | Check sensor availability |
fcli_sc_sast_sensor_pool_list |
List sensor pools | Verify pool availability for scans |
Parameter Formats
| Parameter | Format | Example |
|---|
More from crance/agent-skills-fortify
fortify-fod
use this skill whenever the user wants to list and filter application security findings, run SAST/SCA/DAST scans, discover applications and releases, and manage security scanning using Fortify on Demand (FoD). Triggers include: any mention of 'FoD', 'Fortify on Demand', 'list vulnerabilities', 'run SAST scan', 'run SCA scan', 'run DAST scan', 'list applications', 'list releases', 'package source code', 'security scan', and similar requests indicating interaction with FoD for application security scanning and vulnerability management.
11fortify-ssc
use this skill whenever the user wants to list and filter application security findings, discover applications and versions, and manage applications using Fortify Software Security Center (SSC). Triggers include: any mention of 'SSC', 'list vulnerabilities', 'list applications', and similar requests indicating interaction with Fortify SSC for application security tasks. OpenText Application Security is the new name for Fortify Software Security Center.
7fortify-onprem
Use this skill whenever the user wants to list and filter application security findings, run SAST or DAST scans, discover applications and versions, and manage security assessments using Fortify on-premises products: Software Security Center (SSC), ScanCentral SAST (SC-SAST), and ScanCentral DAST (SC-DAST). Triggers include: any mention of 'SSC', 'ScanCentral', 'SC-SAST', 'SC-DAST', 'list vulnerabilities', 'run SAST scan', 'run DAST scan', 'list applications', 'DAST scan', 'web scan', 'dynamic scan', and similar requests for on-premises Fortify products.
6fortify-scdast
ScanCentral DAST guide for MCP tools. Run dynamic application security testing (DAST) scans, list and filter scan results, discover scan settings and policies, and manage web application security scanning using Fortify ScanCentral DAST. Triggers include any mention of 'SC-DAST', 'ScanCentral DAST', 'DAST scan', 'web scan', 'dynamic scan', 'run DAST scan', 'list scans', and similar requests indicating interaction with SC-DAST for dynamic application security scanning.
5