Rapid7 · Capability

InsightVM API — Vulnerability Check

InsightVM API — Vulnerability Check. 4 operations. Lead operation: Vulnerability Checks. Self-contained Naftiko capability covering one business surface.

InsightVM API — Vulnerability Check is a Naftiko capability published by Rapid7, one of 47 capabilities the APIs.io network indexes for this provider. It bundles 4 operations across the GET method rooted at /v1/api/3.

The capability includes 4 read-only operations. Lead operation: Vulnerability Checks. Can be deployed as a REST endpoint, MCP tool, or Agent Skill via Naftiko.

Tagged areas include Rapid7 and Vulnerability Check.

Run with Naftiko Rapid7Vulnerability Check

What You Can Do

GET
Getvulnerabilitychecksforvulnerability — Vulnerability Checks
/v1/api/3/vulnerabilities/{id}/checks
GET
Getvulnerabilitychecks — Checks
/v1/api/3/vulnerability_checks
GET
Vulnerabilitycheck — Check
/v1/api/3/vulnerability_checks/{id}
GET
Getvulnerabilitychecktypes — Check Types
/v1/api/3/vulnerability_checks_types

MCP Tools

rapid7-getvulnerabilitychecksforvulnerability

Vulnerability Checks

read-only idempotent
rapid7-getvulnerabilitychecks

Checks

read-only idempotent
rapid7-vulnerabilitycheck

Check

read-only idempotent
rapid7-getvulnerabilitychecktypes

Check Types

read-only idempotent

Capability Spec

insightvm-console-swagger-vulnerability-check.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: InsightVM API — Vulnerability Check
  description: 'InsightVM API — Vulnerability Check. 4 operations. Lead operation: Vulnerability Checks. Self-contained Naftiko capability covering one business surface.'
  tags:
  - Rapid7
  - Vulnerability Check
  created: '2026-05-20'
  modified: '2026-05-20'
binds:
- namespace: env
  keys:
    RAPID7_API_KEY: RAPID7_API_KEY
capability:
  consumes:
  - type: http
    namespace: insightvm-console-swagger-vulnerability-check
    baseUri: https://localhost:3780
    description: InsightVM API — Vulnerability Check business capability. Self-contained, no shared references.
    resources:
    - name: api-3-vulnerabilities-id-checks
      path: /api/3/vulnerabilities/{id}/checks
      operations:
      - name: getvulnerabilitychecksforvulnerability
        method: GET
        description: Vulnerability Checks
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: The identifier of the vulnerability.
          required: true
    - name: api-3-vulnerability-checks
      path: /api/3/vulnerability_checks
      operations:
      - name: getvulnerabilitychecks
        method: GET
        description: Checks
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: search
          in: query
          type: string
          description: Vulnerability search term to find vulnerability checks for. e.g. `"ssh"`.
        - name: safe
          in: query
          type: boolean
          description: Whether to return vulnerability checks that are considered "safe" to run. Defaults to return safe and unsafe checks.
        - name: potential
          in: query
          type: boolean
          description: Whether to only return checks that result in potentially vulnerable results. Defaults to return all checks.
        - name: requiresCredentials
          in: query
          type: boolean
          description: Whether to only return checks that require credentials in order to successfully execute. Defaults to return all checks.
        - name: unique
          in: query
          type: boolean
          description: Whether to only return checks that guarantee to be executed once-and-only once on a host resulting in a unique result. False returns checks that can result in multiple occurrences of the same vulnerab
        - name: type
          in: query
          type: string
          description: The type of vulnerability checks to return. See <a href="#operation/vulnerabilityCheckTypesUsingGET">Check Types</a> for all available types.
        - name: page
          in: query
          type: integer
          description: The index of the page (zero-based) to retrieve.
        - name: size
          in: query
          type: integer
          description: The number of records per page to retrieve.
        - name: sort
          in: query
          type: array
          description: 'The criteria to sort the records by, in the format: `property[,ASC|DESC]`. The default sort order is ascending. Multiple sort criteria can be specified using multiple sort query parameters.'
    - name: api-3-vulnerability-checks-id
      path: /api/3/vulnerability_checks/{id}
      operations:
      - name: vulnerabilitycheck
        method: GET
        description: Check
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: The identifier of the vulnerability check.
          required: true
    - name: api-3-vulnerability-checks-types
      path: /api/3/vulnerability_checks_types
      operations:
      - name: getvulnerabilitychecktypes
        method: GET
        description: Check Types
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
  exposes:
  - type: rest
    namespace: insightvm-console-swagger-vulnerability-check-rest
    port: 8080
    description: REST adapter for InsightVM API — Vulnerability Check. One resource per consumed operation, prefixed with /v1.
    resources:
    - path: /v1/api/3/vulnerabilities/{id}/checks
      name: api-3-vulnerabilities-id-checks
      description: REST surface for api-3-vulnerabilities-id-checks.
      operations:
      - method: GET
        name: getvulnerabilitychecksforvulnerability
        description: Vulnerability Checks
        call: insightvm-console-swagger-vulnerability-check.getvulnerabilitychecksforvulnerability
        with:
          id: rest.id
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/3/vulnerability_checks
      name: api-3-vulnerability-checks
      description: REST surface for api-3-vulnerability-checks.
      operations:
      - method: GET
        name: getvulnerabilitychecks
        description: Checks
        call: insightvm-console-swagger-vulnerability-check.getvulnerabilitychecks
        with:
          search: rest.search
          safe: rest.safe
          potential: rest.potential
          requiresCredentials: rest.requiresCredentials
          unique: rest.unique
          type: rest.type
          page: rest.page
          size: rest.size
          sort: rest.sort
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/3/vulnerability_checks/{id}
      name: api-3-vulnerability-checks-id
      description: REST surface for api-3-vulnerability-checks-id.
      operations:
      - method: GET
        name: vulnerabilitycheck
        description: Check
        call: insightvm-console-swagger-vulnerability-check.vulnerabilitycheck
        with:
          id: rest.id
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/3/vulnerability_checks_types
      name: api-3-vulnerability-checks-types
      description: REST surface for api-3-vulnerability-checks-types.
      operations:
      - method: GET
        name: getvulnerabilitychecktypes
        description: Check Types
        call: insightvm-console-swagger-vulnerability-check.getvulnerabilitychecktypes
        with: {}
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: insightvm-console-swagger-vulnerability-check-mcp
    port: 9090
    transport: http
    description: MCP adapter for InsightVM API — Vulnerability Check. One tool per consumed operation, routed inline through this capability's consumes block.
    tools:
    - name: rapid7-getvulnerabilitychecksforvulnerability
      description: Vulnerability Checks
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: insightvm-console-swagger-vulnerability-check.getvulnerabilitychecksforvulnerability
      with:
        id: tools.id
      outputParameters:
      - type: object
        mapping: $.
    - name: rapid7-getvulnerabilitychecks
      description: Checks
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: insightvm-console-swagger-vulnerability-check.getvulnerabilitychecks
      with:
        search: tools.search
        safe: tools.safe
        potential: tools.potential
        requiresCredentials: tools.requiresCredentials
        unique: tools.unique
        type: tools.type
        page: tools.page
        size: tools.size
        sort: tools.sort
      outputParameters:
      - type: object
        mapping: $.
    - name: rapid7-vulnerabilitycheck
      description: Check
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: insightvm-console-swagger-vulnerability-check.vulnerabilitycheck
      with:
        id: tools.id
      outputParameters:
      - type: object
        mapping: $.
    - name: rapid7-getvulnerabilitychecktypes
      description: Check Types
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: insightvm-console-swagger-vulnerability-check.getvulnerabilitychecktypes
      with: {}
      outputParameters:
      - type: object
        mapping: $.