OWASP ZAP · Capability

ZAP API — alert

ZAP API — alert. 13 operations. Lead operation: alert. Self-contained Naftiko capability covering one Owasp Zap business surface.

Run with Naftiko Owasp Zapalert

What You Can Do

GET
Alertactionaddalert — Add an alert associated with the given message ID, with the provided details. (The ID of the created alert is returned.)
/v1/json/alert/action/addalert
GET
Alertactiondeletealert — Deletes the alert with the given ID.
/v1/json/alert/action/deletealert
GET
Alertactiondeletealerts — Deletes all the alerts optionally filtered by URL which fall within the Context with the provided name, risk, or base URL.
/v1/json/alert/action/deletealerts
GET
Alertactiondeleteallalerts — Deletes all alerts of the current session.
/v1/json/alert/action/deleteallalerts
GET
Alertactionupdatealert — Update the alert with the given ID, with the provided details.
/v1/json/alert/action/updatealert
GET
Alertactionupdatealertsconfidence — Update the confidence of the alerts.
/v1/json/alert/action/updatealertsconfidence
GET
Alertactionupdatealertsrisk — Update the risk of the alerts.
/v1/json/alert/action/updatealertsrisk
GET
Alertviewalert — Gets the alert with the given ID, the corresponding HTTP message can be obtained with the 'messageId' field and 'message' API method
/v1/json/alert/view/alert
GET
Alertviewalertcountsbyrisk — Gets a count of the alerts, optionally filtered as per alertsPerRisk
/v1/json/alert/view/alertcountsbyrisk
GET
Alertviewalerts — Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position and 'count' of alerts
/v1/json/alert/view/alerts
GET
Alertviewalertsbyrisk — Gets a summary of the alerts, optionally filtered by a 'url'. If 'recurse' is true then all alerts that apply to urls that start with the specified 'url' will be returned, otherwise only those on exactly the same 'url' (ignoring url paramet
/v1/json/alert/view/alertsbyrisk
GET
Alertviewalertssummary — Gets number of alerts grouped by each risk level, optionally filtering by URL
/v1/json/alert/view/alertssummary
GET
Alertviewnumberofalerts — Gets the number of alerts, optionally filtering by URL or riskId
/v1/json/alert/view/numberofalerts

MCP Tools

add-alert-associated-given-message

Add an alert associated with the given message ID, with the provided details. (The ID of the created alert is returned.)

read-only idempotent
deletes-alert-given-id

Deletes the alert with the given ID.

read-only idempotent
deletes-all-alerts-optionally-filtered

Deletes all the alerts optionally filtered by URL which fall within the Context with the provided name, risk, or base URL.

read-only idempotent
deletes-all-alerts-current-session

Deletes all alerts of the current session.

read-only idempotent
update-alert-given-id-provided

Update the alert with the given ID, with the provided details.

read-only idempotent
update-confidence-alerts

Update the confidence of the alerts.

read-only idempotent
update-risk-alerts

Update the risk of the alerts.

read-only idempotent
gets-alert-given-id-corresponding

Gets the alert with the given ID, the corresponding HTTP message can be obtained with the 'messageId' field and 'message' API method

read-only idempotent
gets-count-alerts-optionally-filtered

Gets a count of the alerts, optionally filtered as per alertsPerRisk

read-only idempotent
gets-alerts-raised-zap-optionally

Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position and 'count' of alerts

read-only idempotent
gets-summary-alerts-optionally-filtered

Gets a summary of the alerts, optionally filtered by a 'url'. If 'recurse' is true then all alerts that apply to urls that start with the specified 'url' will be returned, otherwise only those on exactly the same 'url' (ignoring url paramet

read-only idempotent
gets-number-alerts-grouped-each

Gets number of alerts grouped by each risk level, optionally filtering by URL

read-only idempotent
gets-number-alerts-optionally-filtering

Gets the number of alerts, optionally filtering by URL or riskId

read-only idempotent

Capability Spec

owasp-zap-alert.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: ZAP API — alert
  description: 'ZAP API — alert. 13 operations. Lead operation: alert. Self-contained Naftiko capability covering one Owasp
    Zap business surface.'
  tags:
  - Owasp Zap
  - alert
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    OWASP_ZAP_API_KEY: OWASP_ZAP_API_KEY
capability:
  consumes:
  - type: http
    namespace: owasp-zap-alert
    baseUri: http://zap
    description: ZAP API — alert business capability. Self-contained, no shared references.
    resources:
    - name: JSON-alert-action-addAlert
      path: /JSON/alert/action/addAlert/
      operations:
      - name: alertactionaddalert
        method: GET
        description: Add an alert associated with the given message ID, with the provided details. (The ID of the created
          alert is returned.)
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: JSON-alert-action-deleteAlert
      path: /JSON/alert/action/deleteAlert/
      operations:
      - name: alertactiondeletealert
        method: GET
        description: Deletes the alert with the given ID.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: JSON-alert-action-deleteAlerts
      path: /JSON/alert/action/deleteAlerts/
      operations:
      - name: alertactiondeletealerts
        method: GET
        description: Deletes all the alerts optionally filtered by URL which fall within the Context with the provided name,
          risk, or base URL.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: JSON-alert-action-deleteAllAlerts
      path: /JSON/alert/action/deleteAllAlerts/
      operations:
      - name: alertactiondeleteallalerts
        method: GET
        description: Deletes all alerts of the current session.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: JSON-alert-action-updateAlert
      path: /JSON/alert/action/updateAlert/
      operations:
      - name: alertactionupdatealert
        method: GET
        description: Update the alert with the given ID, with the provided details.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: JSON-alert-action-updateAlertsConfidence
      path: /JSON/alert/action/updateAlertsConfidence/
      operations:
      - name: alertactionupdatealertsconfidence
        method: GET
        description: Update the confidence of the alerts.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: JSON-alert-action-updateAlertsRisk
      path: /JSON/alert/action/updateAlertsRisk/
      operations:
      - name: alertactionupdatealertsrisk
        method: GET
        description: Update the risk of the alerts.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: JSON-alert-view-alert
      path: /JSON/alert/view/alert/
      operations:
      - name: alertviewalert
        method: GET
        description: Gets the alert with the given ID, the corresponding HTTP message can be obtained with the 'messageId'
          field and 'message' API method
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: JSON-alert-view-alertCountsByRisk
      path: /JSON/alert/view/alertCountsByRisk/
      operations:
      - name: alertviewalertcountsbyrisk
        method: GET
        description: Gets a count of the alerts, optionally filtered as per alertsPerRisk
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: JSON-alert-view-alerts
      path: /JSON/alert/view/alerts/
      operations:
      - name: alertviewalerts
        method: GET
        description: Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position
          and 'count' of alerts
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: JSON-alert-view-alertsByRisk
      path: /JSON/alert/view/alertsByRisk/
      operations:
      - name: alertviewalertsbyrisk
        method: GET
        description: Gets a summary of the alerts, optionally filtered by a 'url'. If 'recurse' is true then all alerts that
          apply to urls that start with the specified 'url' will be returned, otherwise only those on exactly the same 'url'
          (ignoring url paramet
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: JSON-alert-view-alertsSummary
      path: /JSON/alert/view/alertsSummary/
      operations:
      - name: alertviewalertssummary
        method: GET
        description: Gets number of alerts grouped by each risk level, optionally filtering by URL
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: JSON-alert-view-numberOfAlerts
      path: /JSON/alert/view/numberOfAlerts/
      operations:
      - name: alertviewnumberofalerts
        method: GET
        description: Gets the number of alerts, optionally filtering by URL or riskId
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    authentication:
      type: apikey
      key: X-ZAP-API-Key
      value: '{{env.OWASP_ZAP_API_KEY}}'
      placement: header
  exposes:
  - type: rest
    namespace: owasp-zap-alert-rest
    port: 8080
    description: REST adapter for ZAP API — alert. One Spectral-compliant resource per consumed operation, prefixed with /v1.
    resources:
    - path: /v1/json/alert/action/addalert
      name: json-alert-action-addalert
      description: REST surface for JSON-alert-action-addAlert.
      operations:
      - method: GET
        name: alertactionaddalert
        description: Add an alert associated with the given message ID, with the provided details. (The ID of the created
          alert is returned.)
        call: owasp-zap-alert.alertactionaddalert
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/json/alert/action/deletealert
      name: json-alert-action-deletealert
      description: REST surface for JSON-alert-action-deleteAlert.
      operations:
      - method: GET
        name: alertactiondeletealert
        description: Deletes the alert with the given ID.
        call: owasp-zap-alert.alertactiondeletealert
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/json/alert/action/deletealerts
      name: json-alert-action-deletealerts
      description: REST surface for JSON-alert-action-deleteAlerts.
      operations:
      - method: GET
        name: alertactiondeletealerts
        description: Deletes all the alerts optionally filtered by URL which fall within the Context with the provided name,
          risk, or base URL.
        call: owasp-zap-alert.alertactiondeletealerts
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/json/alert/action/deleteallalerts
      name: json-alert-action-deleteallalerts
      description: REST surface for JSON-alert-action-deleteAllAlerts.
      operations:
      - method: GET
        name: alertactiondeleteallalerts
        description: Deletes all alerts of the current session.
        call: owasp-zap-alert.alertactiondeleteallalerts
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/json/alert/action/updatealert
      name: json-alert-action-updatealert
      description: REST surface for JSON-alert-action-updateAlert.
      operations:
      - method: GET
        name: alertactionupdatealert
        description: Update the alert with the given ID, with the provided details.
        call: owasp-zap-alert.alertactionupdatealert
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/json/alert/action/updatealertsconfidence
      name: json-alert-action-updatealertsconfidence
      description: REST surface for JSON-alert-action-updateAlertsConfidence.
      operations:
      - method: GET
        name: alertactionupdatealertsconfidence
        description: Update the confidence of the alerts.
        call: owasp-zap-alert.alertactionupdatealertsconfidence
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/json/alert/action/updatealertsrisk
      name: json-alert-action-updatealertsrisk
      description: REST surface for JSON-alert-action-updateAlertsRisk.
      operations:
      - method: GET
        name: alertactionupdatealertsrisk
        description: Update the risk of the alerts.
        call: owasp-zap-alert.alertactionupdatealertsrisk
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/json/alert/view/alert
      name: json-alert-view-alert
      description: REST surface for JSON-alert-view-alert.
      operations:
      - method: GET
        name: alertviewalert
        description: Gets the alert with the given ID, the corresponding HTTP message can be obtained with the 'messageId'
          field and 'message' API method
        call: owasp-zap-alert.alertviewalert
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/json/alert/view/alertcountsbyrisk
      name: json-alert-view-alertcountsbyrisk
      description: REST surface for JSON-alert-view-alertCountsByRisk.
      operations:
      - method: GET
        name: alertviewalertcountsbyrisk
        description: Gets a count of the alerts, optionally filtered as per alertsPerRisk
        call: owasp-zap-alert.alertviewalertcountsbyrisk
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/json/alert/view/alerts
      name: json-alert-view-alerts
      description: REST surface for JSON-alert-view-alerts.
      operations:
      - method: GET
        name: alertviewalerts
        description: Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position
          and 'count' of alerts
        call: owasp-zap-alert.alertviewalerts
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/json/alert/view/alertsbyrisk
      name: json-alert-view-alertsbyrisk
      description: REST surface for JSON-alert-view-alertsByRisk.
      operations:
      - method: GET
        name: alertviewalertsbyrisk
        description: Gets a summary of the alerts, optionally filtered by a 'url'. If 'recurse' is true then all alerts that
          apply to urls that start with the specified 'url' will be returned, otherwise only those on exactly the same 'url'
          (ignoring url paramet
        call: owasp-zap-alert.alertviewalertsbyrisk
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/json/alert/view/alertssummary
      name: json-alert-view-alertssummary
      description: REST surface for JSON-alert-view-alertsSummary.
      operations:
      - method: GET
        name: alertviewalertssummary
        description: Gets number of alerts grouped by each risk level, optionally filtering by URL
        call: owasp-zap-alert.alertviewalertssummary
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/json/alert/view/numberofalerts
      name: json-alert-view-numberofalerts
      description: REST surface for JSON-alert-view-numberOfAlerts.
      operations:
      - method: GET
        name: alertviewnumberofalerts
        description: Gets the number of alerts, optionally filtering by URL or riskId
        call: owasp-zap-alert.alertviewnumberofalerts
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: owasp-zap-alert-mcp
    port: 9090
    transport: http
    description: MCP adapter for ZAP API — alert. One tool per consumed operation, routed inline through this capability's
      consumes block.
    tools:
    - name: add-alert-associated-given-message
      description: Add an alert associated with the given message ID, with the provided details. (The ID of the created alert
        is returned.)
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: owasp-zap-alert.alertactionaddalert
      outputParameters:
      - type: object
        mapping: $.
    - name: deletes-alert-given-id
      description: Deletes the alert with the given ID.
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: owasp-zap-alert.alertactiondeletealert
      outputParameters:
      - type: object
        mapping: $.
    - name: deletes-all-alerts-optionally-filtered
      description: Deletes all the alerts optionally filtered by URL which fall within the Context with the provided name,
        risk, or base URL.
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: owasp-zap-alert.alertactiondeletealerts
      outputParameters:
      - type: object
        mapping: $.
    - name: deletes-all-alerts-current-session
      description: Deletes all alerts of the current session.
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: owasp-zap-alert.alertactiondeleteallalerts
      outputParameters:
      - type: object
        mapping: $.
    - name: update-alert-given-id-provided
      description: Update the alert with the given ID, with the provided details.
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: owasp-zap-alert.alertactionupdatealert
      outputParameters:
      - type: object
        mapping: $.
    - name: update-confidence-alerts
      description: Update the confidence of the alerts.
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: owasp-zap-alert.alertactionupdatealertsconfidence
      outputParameters:
      - type: object
        mapping: $.
    - name: update-risk-alerts
      description: Update the risk of the alerts.
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: owasp-zap-alert.alertactionupdatealertsrisk
      outputParameters:
      - type: object
        mapping: $.
    - name: gets-alert-given-id-corresponding
      description: Gets the alert with the given ID, the corresponding HTTP message can be obtained with the 'messageId' field
        and 'message' API method
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: owasp-zap-alert.alertviewalert
      outputParameters:
      - type: object
        mapping: $.
    - name: gets-count-alerts-optionally-filtered
      description: Gets a count of the alerts, optionally filtered as per alertsPerRisk
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: owasp-zap-alert.alertviewalertcountsbyrisk
      outputParameters:
      - type: object
        mapping: $.
    - name: gets-alerts-raised-zap-optionally
      description: Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position
        and 'count' of alerts
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: owasp-zap-alert.alertviewalerts
      outputParameters:
      - type: object
        mapping: $.
    - name: gets-summary-alerts-optionally-filtered
      description: Gets a summary of the alerts, optionally filtered by a 'url'. If 'recurse' is true then all alerts that
        apply to urls that start with the specified 'url' will be returned, otherwise only those on exactly the same 'url'
        (ignoring url paramet
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: owasp-zap-alert.alertviewalertsbyrisk
      outputParameters:
      - type: object
        mapping: $.
    - name: gets-number-alerts-grouped-each
      description: Gets number of alerts grouped by each risk level, optionally filtering by URL
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: owasp-zap-alert.alertviewalertssummary
      outputParameters:
      - type: object
        mapping: $.
    - name: gets-number-alerts-optionally-filtering
      description: Gets the number of alerts, optionally filtering by URL or riskId
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: owasp-zap-alert.alertviewnumberofalerts
      outputParameters:
      - type: object
        mapping: $.