Commit 07a1e07

fix: Add source code location as parameter to our PoC command (it increases success rate and decreases token usage)
1 parent a0449d3 commit 07a1e07

1 file changed

Lines changed: 5 additions & 10 deletions

mcp-server/src/index.ts

@@ -115,10 +115,11 @@ server.registerPrompt(
115115
description: '[Experimental] Generates a Proof-of-Concept (PoC) for a given vulnerability.',
116116
argsSchema: {
117117
problemStatement: z.string().optional().describe('A description of the security problem or vulnerability.'),
118+
sourceCodeLocation: z.string().optional().describe('The location of the source code that contains the vulnerability.'),
118119
} as any,
119120
},
120121
(args: any) => {
121-
const { problemStatement } = args;
122+
const { problemStatement, sourceCodeLocation } = args;
122123
return {
123124
messages: [
124125
{
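Review bot: In the `argsSchema` addition, `sourceCodeLocation` is documented only as 'The location of the source code that contains the vulnerability.', which does not say whether a file path, a directory or a repository URL is expected, and `z.string().optional()` accepts a string of any length. Because the schema is cast `as any` and the handler takes `args: any`, nothing later in the visible code narrows the value before it is destructured. Suggest stating the expected form in the `describe` text and adding a bound such as `.max(...)` to both string arguments.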
@@ -127,15 +128,9 @@ server.registerPrompt(
127128
type: 'text' as const,
128129
text: `You are a security expert. Your task is to generate a Proof-of-Concept (PoC) for a vulnerability.
129130
130-
Problem Statement: ${problemStatement || 'Not provided'}
131-
132-
Using the provided problem statement, identify the following parameters:
133-
- Source Code Location
134-
135-
If the problem statement does not provide enough information to identify the parameters, **ASK THE USER** for the missing information.
136-
137-
If you have all the necessary information, proceed with the following workflow:
138-
131+
Problem Statement: ${problemStatement || 'No problem statement provided, if you need more information to generate a PoC, ask the user.'}
132+
Source Code Location: ${sourceCodeLocation || 'No source code location provided, try to derive it from the Problem Statement. If you cannot derive it, ask the user for the source code location.'}
133+
139134
**Workflow:**
140135
141136
1. **Generate PoC:**
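Review bot: In the rewritten template text, `${problemStatement || ...}` and `${sourceCodeLocation || ...}` put either caller-supplied text or a fallback instruction to the model in the same position after the field label, so data and instructions are no longer separated and any text passed in either argument reads as part of the prompt. The removed lines kept the "ask the user" rule as its own sentence ahead of "proceed with the following workflow"; after this change `**Workflow:**` follows unconditionally. Suggest delimiting the two field values (quoted or fenced) with a plain 'Not provided' fallback, and restoring one separate sentence that tells the model to derive or ask for a missing source code location before it starts the workflow.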
