Skip to main content
Create, list, and delete scan targets — the MCP servers, platforms, or endpoints that security tests run against.

Commands

ctpf targets list

List all configured targets.
ctpf targets list
Displays a table with Name, Type, URI, and ID for each target.

ctpf targets add

Add a new scan target. Supply the name and URI as positional arguments, or omit both to use interactive prompts in a terminal.
ctpf targets add <NAME> <URI> [--type <TYPE>] [--meta KEY=VALUE]
ctpf targets add
Arguments:
ArgumentDescription
NAMEHuman-readable target name. Prompted interactively if omitted.
URIConnection endpoint. Prompted interactively if omitted.
Options:
OptionDefaultDescription
--type, -tserverTarget type, such as server or endpoint.
--meta KEY=VALUETarget metadata. Repeat the option to add multiple values.
Examples:
ctpf targets add "My Server" http://localhost:3000/sse
ctpf targets add "Local MCP" http://localhost:8080 --meta transport=sse

ctpf targets delete

Delete a scan target.
ctpf targets delete <ID> [--yes]
Arguments:
ArgumentDescription
IDTarget ID. Supports partial IDs (first 8+ characters).
Options:
OptionDescription
--yesSkip confirmation prompt.
Behavior:
  • Removes the target from the database
  • Associated runs are orphaned (their target_id is set to NULL)
  • Runs, findings, and evidence are not deleted
Examples:
# Delete with confirmation
ctpf targets delete a1b2c3d4
# Output:
# Delete target 'My Test Server'? Associated runs will be unlinked. [y/N]: y
# Deleted target 'My Test Server'. 2 runs unlinked.

# Delete without confirmation
ctpf targets delete a1b2c3d4 --yes
# Output:
# Deleted target 'My Test Server'. 0 runs unlinked.

# Using partial ID (8+ characters)
ctpf targets delete a1b2c3d4e5f6 --yes
# Works with just: ctpf targets delete a1b2c3d4 --yes
Partial ID matching requires at least 8 characters and must be unambiguous. If multiple targets match, you’ll be prompted to use a longer prefix.