Stats
Actions
Tags
From ghostwriter-readonly
Use when reviewing GhostWriter data in read-only mode — clients, projects, findings, objectives, targets, scope, deconflictions, evidence, observations, reports, infrastructure, activity logs, and notes.
How this skill is triggered — by the user, by Claude, or both
Slash command
/ghostwriter-readonly:ghostwriter-readonlyThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Query GhostWriter reporting and operational data without modifying state. Credentials are configured in the server environment — they never appear in conversations.
Query GhostWriter reporting and operational data without modifying state. Credentials are configured in the server environment — they never appear in conversations.
Set env vars in the MCP server environment: GHOSTWRITER_URL, GHOSTWRITER_API_TOKEN (or GHOSTWRITER_USERNAME + GHOSTWRITER_PASSWORD).
get_status — verify connection, see aggregate countslist_clients — see client organizationslist_projects — see engagements (filter by client_id)list_objectives --project_id N — project objectiveslist_targets --project_id N — target hostslist_findings --project_id N — reported findingslist_activity_logs --project_id N — oplog entries| Tool | Purpose |
|---|---|
get_status | Connection info and aggregate counts |
list_clients | List client organizations |
get_client | Full client details with projects |
list_projects | List projects/engagements |
get_project | Full project details with findings and reports |
list_findings | List reported findings (filter by project, severity) |
get_finding | Full finding details (CVSS, remediation, evidence) |
list_finding_templates | Finding template library |
list_objectives | Project objectives and sub-tasks |
list_targets | Target hosts/systems |
list_scope | Scope definitions (IP ranges, etc.) |
list_deconflictions | Deconfliction entries |
list_evidence | Evidence files (filter by project, finding) |
list_whitecards | White cards / exceptions |
list_observations | Observations from reports |
list_reports | List reports |
get_infrastructure | Combined server + domain summary |
list_servers | Team servers with checkouts |
list_domains | Registered domains with checkouts |
list_activity_logs | Operation activity logs |
list_notes | Notes (type: client, project, domain, server) |
search | Cross-type search across multiple data types |
Most list tools accept project_id to scope results to a single engagement and limit for pagination. list_findings and list_activity_logs also accept offset.
This server CANNOT create, modify, or delete any GhostWriter data. The only mutation used is the Login mutation to obtain a JWT token when API token auth is not configured.
The original CLI script is still available at scripts/ghostwriter_read.py for standalone use:
uv run {baseDir}/scripts/ghostwriter_read.py <command> [options]
Provides a checklist for code reviews covering functionality, security, performance, maintainability, tests, and quality. Use for pull requests, audits, team standards, and developer training.
npx claudepluginhub s3cr1z/capabilities --plugin ghostwriter-readonly