MCP Tools Reference
Fleet’s MCP server exposes 49 tools that let AI assistants and agents drive Fleet directly — query CRA compliance, run assessments, manage distribution, prepare ENISA notifications, check threat intelligence, and talk to the AI advisor. They group into eight areas:
| Area | Tools | Examples |
|---|---|---|
| Assessment | 11 | fleet_list_assessed_products, fleet_get_gap_analysis, fleet_list_scans, fleet_list_findings, fleet_list_rulesets, fleet_ingest_sbom, fleet_ingest_source |
| AI Advisor | 6 | fleet_advisor_chat, fleet_advisor_chat_sessions_list, fleet_advisor_artefacts_list, fleet_advisor_save_artefact |
| Distribution | 7 | fleet_create_app, fleet_create_release, fleet_publish_release, fleet_upload_asset, fleet_check_update |
| Licensing | 3 | fleet_create_license, fleet_activate_license, fleet_revoke_license |
| Administration | 6 | fleet_create_org, fleet_create_api_key, fleet_list_scopes, fleet_get_instance_config, fleet_set_instance_config |
| Documentation | 3 | fleet_docs_search, fleet_docs_list_topics, fleet_docs_get_topic |
| Cybersec threat-intel | 7 | cybersec_check_cve, cybersec_audit_dependency, cybersec_search_threats, cybersec_lookup_actor, cybersec_lookup_technique |
| ENISA Reporting | 6 | fleet_enisa_create_notification, fleet_enisa_submit_revision, fleet_enisa_get_obligations, fleet_enisa_export |
The core assessment tools are documented in detail below. The ENISA Reporting
tools drive the ENISA Single Reporting Platform — create a
case, submit staged 24h/72h/final revisions against the
obligation matrix, and export the form-ready
report. Over HTTP they require the enisa:read / enisa:write scopes (mint a
key with the right scope; discover the catalogue with fleet_list_scopes).
Delivery of the exported report is covered in
Notifications & Report Delivery.
fleet_list_assessed_products
Section titled “fleet_list_assessed_products”List all products under CRA assessment.
Input: None
Output: JSON array of assessed products with id, name, version, ruleset_id.
fleet_get_gap_analysis
Section titled “fleet_get_gap_analysis”Get compliance gap analysis for a product.
Input:
{ "product_id": "uuid" }Output: Compliance percentage, status breakdown (not_started/in_progress/needs_evidence/compliant/non_compliant/not_applicable), and list of gaps.
fleet_list_scans
Section titled “fleet_list_scans”List scan history for a product.
Input:
{ "product_id": "uuid" }Output: Array of scans with id, commit_sha, status, summary, timestamps.
fleet_list_findings
Section titled “fleet_list_findings”List findings from a specific scan.
Input:
{ "scan_id": "uuid" }Output: Array of findings with requirement_id, risk_id, status, confidence, detector, message, source_locations.
fleet_list_rulesets
Section titled “fleet_list_rulesets”List available CRA compliance rulesets.
Input: None
Output: Array of rulesets with id, name, version, status, catalog stats.