Platform
Platform Overview Maps Memory Shadow Mode Widget Governance Actions Integrations
Developers
Overview Catalog Guardrails Dry Run Idempotency Credentials Audit Trail API Reference
Company
About Blog Contact Book a Demo
MCP Integrations Hackerone
MCP & AI Agent Integration

Hackerone
automation.

10 AI agent actions for Hackerone — callable from any MCP-compatible runtime, Claude, Cursor, or Cerebral OS workflow. Use Hackerone to pull reports, track KPIs, and surface insights on a schedule. Full governance, audit trail, and dry-run safety on every execution.

Connect Hackerone free Browse all integrations →
No credit card required
Live in production environments
<200ms median execution
Dry-run before production
Execution trace
live
10
actions
100%
governed
<200ms
latency
10
AI agent actions
6
Read operations
4
Write operations
0
High-risk actions (approval gated)
Analytics Hackerone is a Analytics integration — use it to automate metrics tracking, reporting, and data analysis from any AI agent or MCP-compatible runtime.
Actions

What you can do
with Hackerone.

Every action below is available as an MCP tool and a verb in Cerebral OS — callable from any AI agent, Claude, Cursor, Windsurf, or your own runtime via the BYOA API. All executions are governed, audited, and dry-run safe.

Get Program
hackerone:get_program
Fetch details about a bug bounty program.
Read Low risk
Get Report
hackerone:get_report
Fetch a single vulnerability report by ID with full details.
Read Low risk
Get User
hackerone:get_user
Fetch details about a HackerOne user.
Read Low risk
List Activities
hackerone:list_activities
List all activities (comments, state changes, bounties) for a report.
Read Low risk
List Programs
hackerone:list_programs
List bug bounty programs you have access to.
Read Low risk
List Reports
hackerone:list_reports
List vulnerability reports with optional filters.
Read Low risk
Add Report Comment
hackerone:add_report_comment
Add a comment to a vulnerability report.
Write Medium risk
Award Bounty
hackerone:award_bounty
Award a bounty to a vulnerability report.
Write Medium risk
Request Disclosure
hackerone:request_disclosure
Request public disclosure of a resolved vulnerability report.
Write Medium risk
Update Report State
hackerone:update_report_state
Update the state of a vulnerability report.
Write Medium risk
MCP & Runtime API

Call Hackerone
from any AI agent.

Any AI agent — Claude, Cursor, LangChain, AutoGen, or your own — can call Hackerone actions through the Cerebral OS Runtime API. Governance, credentials, and audit trail fire automatically.

hackerone:get_program READ
# Call via Runtime API
curl
-X POST \
  "https://api.cerebralos.com/v1/runtime/actions/run"
  -H "X-API-Key: YOUR_KEY" \
  -d '{
    "verb": "hackerone:get_program",
    "args": {},
    "execution_id": "agent-001"
  }'
hackerone:add_report_comment WRITE
# Dry-run first — no production risk
curl
-X POST \
  "https://api.cerebralos.com/v1/runtime/actions/run"
  -H "X-API-Key: YOUR_KEY" \
  -d '{
    "verb": "hackerone:add_report_comment",
    "args": {},
    "execution_id": "agent-001",
    "metadata": {"dryRun": true}
  }'
Get your Runtime API key at app.cerebralos.com/signup — 1,000 free executions, no credit card required.
AI agent examples

What your AI agent
can do with Hackerone.

Real patterns your AI agent can execute via MCP or the Runtime API. Every action governed, dry-run safe, and fully audited.

Trigger
AI agent needs Hackerone data
Call hackerone:get_program via MCP or Runtime API
AI processes result and takes next action
Full execution logged to audit trail automatically
Trigger
Workflow needs to write to Hackerone
Dry-run validates hackerone:add_report_comment before execution
Approval gate fires if risk level is high
Action executes with full governance — logged, audited, reversible
Trigger
Metric threshold reached
Pull report data
Surface insight with AI
Send digest to Slack
How it works

Every Hackerone action
governed end-to-end.

Cerebral OS isn't a connector. It's the execution layer that sits in front of Hackerone — adding governance, dry-run safety, and a full audit trail to every operation.

Governance first
Every verb carries a risk classification. High-risk writes require explicit approval gates before they execute in production.
Dry-run safe
Simulate any Hackerone action before it touches production. See exactly what would happen before a single real call is made.
Immutable audit trail
Every Hackerone action is logged — what ran, what changed, who approved it, when it happened. Full history on every verb, forever.
Connect with

Hackerone works best
alongside these.

Build multi-step workflows that connect Hackerone to the rest of your stack. All governed. All audited.

Google Analytics Mixpanel Segment Slack Google Sheets
Hackerone integration

Start free.
No credit card required.

Start free with 1,000 runs — no credit card required. Connect Hackerone in minutes, dry-run every action before it touches production, full audit trail on everything.

Start free — 1,000 runs Browse all integrations →