1. Documentation
2. The ZAP by Checkmarx Desktop User Guide
3. Add-ons
4. MCP Integration Add-on
5. MCP Prompts

MCP Prompts

Prompts are reusable instruction templates. MCP clients discover them via prompts/list and retrieve them via prompts/get.

zap_baseline_scan

Run a ZAP baseline scan: spider the target (standard then AJAX) and check for passive vulnerabilities without any active attacking.

Arguments: target (required) - the URL to scan

zap_full_scan

Run a ZAP full scan: spider the target (standard then AJAX) and then actively scan for vulnerabilities.

Arguments: target (required) - the URL or context name to scan, policy (optional) - active scan policy name (defaults to the ZAP default policy)

See Also

• MCP Integration - Overview of the add-on
• Options - Configuration options
• Tools - Available MCP tools
• Resources - Available MCP resources