[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-80234":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":14,"subscribersCount":14,"size":14,"stars1d":15,"stars7d":15,"stars30d":15,"stars90d":14,"forks30d":14,"starsTrendScore":16,"compositeScore":17,"rankGlobal":9,"rankLanguage":9,"license":18,"archived":19,"fork":19,"defaultBranch":20,"hasWiki":21,"hasPages":19,"topics":22,"createdAt":9,"pushedAt":9,"updatedAt":23,"readmeContent":24,"aiSummary":25,"trendingCount":14,"starSnapshotCount":14,"syncStatus":26,"lastSyncTime":27,"discoverSource":28},80234,"mcp","bountylens\u002Fmcp","bountylens","BountyLens MCP server — connect Claude Code to your Hunter Tracker",null,"JavaScript",59,11,57,0,1,3,45.84,"MIT License",false,"main",true,[],"2026-06-12 04:01:27","# @bountylens\u002Fmcp\n\nMCP server for [BountyLens](https:\u002F\u002Fbountylens.com) — connect Claude Code to your Hunter Tracker.\n\nPush findings, leads, tested endpoints, and full report drafts directly from your terminal to the BountyLens dashboard. Everything you log during a hunt session appears in real-time in the web UI with an `MCP` badge.\n\n## Quick Start\n\n### 1. Get an API key\n\nGo to [bountylens.com\u002Fdashboard\u002Fsettings](https:\u002F\u002Fbountylens.com\u002Fdashboard\u002Fsettings) → **Integrations** → **Generate New API Key**.\n\nCopy the key — it's only shown once.\n\n### 2. Add to Claude Code\n\nAdd to your MCP config at `~\u002F.claude\u002F.mcp.json`:\n\n```json\n{\n  \"mcpServers\": {\n    \"bountylens\": {\n      \"command\": \"npx\",\n      \"args\": [\"-y\", \"@bountylens\u002Fmcp\"],\n      \"env\": {\n        \"BOUNTYLENS_API_KEY\": \"bl_your_key_here\"\n      }\n    }\n  }\n}\n```\n\n### 3. Restart Claude Code\n\nThe BountyLens tools will be available immediately. No other setup needed.\n\n## Tools\n\n### Sessions\n\n| Tool | Description |\n|------|-------------|\n| `bountylens_list_sessions` | List hunt sessions — filter by `status` (active\u002Fpaused\u002Fcompleted) or `program_id` |\n| `bountylens_create_session` | Start a new hunt session with a title and optional program |\n| `bountylens_get_session` | Get a session with all its entries and counts |\n| `bountylens_update_session` | Update title, status, or notes |\n| `bountylens_delete_session` | Permanently delete a session and all its entries and reports |\n\n### Entries\n\n| Tool | Description |\n|------|-------------|\n| `bountylens_list_entries` | List entries in a session — filter by `type` (tested\u002Flead\u002Ffinding\u002Fnote) |\n| `bountylens_add_finding` | Log a validated finding with severity, endpoint, method, and description |\n| `bountylens_add_lead` | Log a promising lead that needs further investigation |\n| `bountylens_add_tested` | Mark an endpoint or feature as tested |\n| `bountylens_add_note` | Add a freeform note to the session |\n| `bountylens_update_entry` | Update an entry's title, description, status, or severity |\n| `bountylens_delete_entry` | Remove an entry |\n| `bountylens_bulk_add_entries` | Add up to 50 entries in one call — for batch logging findings, leads, or tested endpoints |\n\n### Reports\n\n| Tool | Description |\n|------|-------------|\n| `bountylens_draft_report` | Create a report draft — include summary, steps to reproduce, impact, and remediation |\n| `bountylens_list_reports` | List all report drafts in a session |\n| `bountylens_update_report` | Edit a report's title, body, or status (draft\u002Fready\u002Fsubmitted) |\n| `bountylens_delete_report` | Permanently delete a report |\n\n### Programs\n\n| Tool | Description |\n|------|-------------|\n| `bountylens_search_programs` | Search bug bounty programs by name or handle |\n\n## Usage Examples\n\nDuring a hunt in Claude Code, the LLM uses these tools automatically based on your instructions:\n\n```\n\"List my active sessions\"\n→ bountylens_list_sessions with status=active\n\n\"Save this XSS finding to my Shopify session\"\n→ bountylens_add_finding with title, severity, endpoint, description\n\n\"What leads do I have open on the Uber hunt?\"\n→ bountylens_list_entries with type=lead\n\n\"Mark \u002Fapi\u002Fauth as tested, CSRF tokens are present\"\n→ bountylens_add_tested with endpoint and description\n\n\"Draft a report for the SSRF finding\"\n→ bountylens_draft_report with full report body\n\n\"Push reports\u002Fssrf-uber.md to my Uber session\"\n→ reads the file, calls bountylens_draft_report with contents\n```\n\n## Environment Variables\n\n| Variable | Required | Default | Description |\n|----------|----------|---------|-------------|\n| `BOUNTYLENS_API_KEY` | Yes | — | API key from dashboard settings |\n| `BOUNTYLENS_URL` | No | `https:\u002F\u002Fbountylens.com` | Custom instance URL (self-hosted) |\n\n## API Reference\n\nThe MCP server wraps the BountyLens API v1. All endpoints require a `Bearer` token in the `Authorization` header.\n\n```\nGET    \u002Fapi\u002Fv1\u002Fsessions                         — list sessions\nPOST   \u002Fapi\u002Fv1\u002Fsessions                         — create session\nGET    \u002Fapi\u002Fv1\u002Fsessions\u002F:id                      — get session + entries\nPUT    \u002Fapi\u002Fv1\u002Fsessions\u002F:id                      — update session\nDELETE \u002Fapi\u002Fv1\u002Fsessions\u002F:id                      — delete session\nGET    \u002Fapi\u002Fv1\u002Fsessions\u002F:id\u002Fentries              — list entries\nPOST   \u002Fapi\u002Fv1\u002Fsessions\u002F:id\u002Fentries              — create entry\nPOST   \u002Fapi\u002Fv1\u002Fsessions\u002F:id\u002Fentries\u002Fbulk         — bulk create entries (max 50)\nPUT    \u002Fapi\u002Fv1\u002Fsessions\u002F:id\u002Fentries\u002F:entryId     — update entry\nDELETE \u002Fapi\u002Fv1\u002Fsessions\u002F:id\u002Fentries\u002F:entryId     — delete entry\nGET    \u002Fapi\u002Fv1\u002Fsessions\u002F:id\u002Freports              — list reports\nPOST   \u002Fapi\u002Fv1\u002Fsessions\u002F:id\u002Freports              — create report\nPUT    \u002Fapi\u002Fv1\u002Fsessions\u002F:id\u002Freports\u002F:reportId    — update report\nDELETE \u002Fapi\u002Fv1\u002Fsessions\u002F:id\u002Freports\u002F:reportId    — delete report\nGET    \u002Fapi\u002Fv1\u002Fprograms?q=search                 — search programs\n```\n\nRate limit: 60 requests\u002Fminute per API key.\n\n## Security\n\n- API keys are SHA-256 hashed in the database — never stored in plaintext\n- Keys are shown once on creation and cannot be retrieved\n- All queries are parameterized — no SQL injection\n- Every request verifies resource ownership — no IDOR\n- Pro subscription is validated on every API call\n- Rate limited to prevent abuse\n\n## Requirements\n\n- Node.js 18+\n- [BountyLens](https:\u002F\u002Fbountylens.com) Pro subscription\n- API key from the dashboard\n\n## Contributing\n\nWe welcome contributions. See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.\n\n## License\n\nMIT — see [LICENSE](LICENSE)\n","BountyLens MCP 服务器用于将Claude Code与您的Hunter Tracker连接起来。该项目允许用户直接从终端推送发现、线索、测试端点和完整报告草稿到BountyLens仪表板，所有记录的内容都会实时显示在网页界面中，并带有MCP徽章。它支持多种工具来管理会话、条目（包括发现、线索等）和报告，以及搜索程序。此项目适合需要高效管理和跟踪漏洞赏金项目的网络安全研究人员或团队使用。",2,"2026-06-11 03:59:46","CREATED_QUERY"]