菜单
Use when the user wants to list, inspect, or delete products in the ExploitIQ service. Products group related CVE analysis reports for a software component.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Use when the user wants to analyze a CVE against a source code repository, analyze an SBOM file (SPDX or CycloneDX) for vulnerability exploitability, or analyze a CVE against a specific RPM package using the ExploitIQ service.
Use when the user wants to list, filter, inspect, retry, or delete CVE analysis reports from the ExploitIQ service. Covers checking report status, reviewing past analyses, triaging results, retrying failures, or cleaning up old reports.
| name | exploitiq-products |
| description | Use when the user wants to list, inspect, or delete products in the ExploitIQ service. Products group related CVE analysis reports for a software component. |
Manage products: list, inspect, and delete.
From the user's input, determine which operation to perform:
Call mcp__exploitiq__list_products with any filters the user specified:
name — filter by product namecveId — filter by CVE IDpage — page number (0-based)pageSize — items per pagesortField — field to sort by (default: submittedAt)sortDirection — ASC or DESC (default: DESC)Array<ProductSummary>Each item has a nested data and summary structure:
data.id — Product ID
data.name — Product name
data.version — Product version
data.submittedAt — ISO timestamp of submission
data.completedAt — (optional) ISO timestamp of completion
data.submittedCount — Number of components submitted for scanning
data.cveId — CVE ID associated with this product
data.metadata — User-provided metadata (Record<string, string>)
data.submissionFailures[] — Components that failed to process:
.name — Component name
.version — Component version
.image — Component image
.error — Error message
summary.productState — Overall product analysis state
summary.statusCounts — Map of analysis state → count (e.g., {"completed": 3, "queued": 1})
summary.justificationStatusCounts — Map of verdict → count (e.g., {"true": 2, "false": 1})
summary.singleComponentFlowScanId — (optional) Scan ID for single-component direct navigation
Present results as a table:
| Product ID | Name | Version | CVE | Components | State | Submitted |
|---|---|---|---|---|---|---|
data.id | data.name | data.version | data.cveId | data.submittedCount | summary.productState | data.submittedAt |
If there are multiple pages, note the total count and current page.
Call mcp__exploitiq__get_product with the product ID the user provided.
ProductSummarySame structure as a single item from the list (nested data and summary).
Present:
data.iddata.namedata.versiondata.cveIdsummary.productStatedata.submittedAtdata.completedAt (or "In progress" if absent)data.submittedCountStatus Breakdown:
| Analysis State | Count |
|---|---|
| completed | summary.statusCounts.completed |
| queued | summary.statusCounts.queued |
| ... | ... |
Verdict Breakdown:
| Verdict | Count |
|---|---|
| Vulnerable (true) | summary.justificationStatusCounts.true |
| Not Vulnerable (false) | summary.justificationStatusCounts.false |
| Uncertain (unknown) | summary.justificationStatusCounts.unknown |
If data.submissionFailures is non-empty, show:
Failed Components:
| Component | Version | Error |
|---|---|---|
name | version | error |
To see individual component reports, suggest: "Use list_cve_reports with productId filter to see individual analysis results."
data.name will also delete all associated component analysis reports. Are you sure?"mcp__exploitiq__delete_product with the product ID