Skip to main content
GET
/
mcp-hub
/
scan
/
{job_id}
/
results
Get Complete Scan Results
curl --request GET \
  --url https://api.enkryptai.com/mcp-hub/scan/{job_id}/results \
  --header 'apikey: <api-key>'
{
  "job_id": "123e4567-e89b-12d3-a456-426614174000",
  "job_status": "completed",
  "is_official": false,
  "is_private": false,
  "scan_type": "source",
  "repo_name": "user/mcp-server",
  "endpoint_url": null,
  "auth_type": null,
  "org_id": null,
  "user_id": null,
  "project_name": null,
  "registry_name": null,
  "complete_result": {
    "scan_metadata": {
      "overall_severity": "High",
      "total_vulnerabilities": 5
    },
    "tools_scanned": [],
    "vulnerabilities": []
  }
}

Documentation Index

Fetch the complete documentation index at: https://docs.enkryptai.com/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

โ€‹
apikey
string
header
required

Path Parameters

โ€‹
job_id
string<uuid>
required

Unique scan job UUID

Example:

"123e4567-e89b-12d3-a456-426614174000"

Response

Complete scan results retrieved

Complete results of a finished scan job. Ownership/registry fields (org_id, user_id, project_name, registry_name) are only populated for private jobs; for public jobs they are returned as null. These fields mirror the x-enkrypt-* response headers.

โ€‹
job_id
string
required
โ€‹
job_status
string
required
โ€‹
complete_result
object

Full scan output: vulnerabilities, tools scanned, and analysis metadata. Present once job_status is completed.

โ€‹
error_message
string | null
โ€‹
is_official
boolean | null

Whether the scanned server is an official registry entry. Mirrors x-enkrypt-is-official header.

โ€‹
is_private
boolean | null

Whether the scan is private (scoped to the calling account). Mirrors x-enkrypt-is-private header.

โ€‹
scan_type
enum<string> | null

Scan type. Mirrors x-enkrypt-scan-type header.

Available options:
source,
hosted,
null
โ€‹
repo_name
string | null

Repository / server identifier. Mirrors x-enkrypt-repo-name header.

โ€‹
endpoint_url
string | null

Hosted MCP server endpoint URL (hosted scans only). Mirrors x-enkrypt-endpoint-url header.

โ€‹
auth_type
string | null

Authentication type used for the hosted scan (hosted scans only). Mirrors x-enkrypt-auth-type header.

โ€‹
org_id
string<uuid> | null

Organization ID. Only populated when the job is private.

โ€‹
user_id
string<uuid> | null

User ID. Only populated when the job is private.

โ€‹
project_name
string | null

Project name. Only populated when the job is private.

โ€‹
registry_name
string | null

Registry name. Only populated when the job is private.