1
Mint an API key
In app.enokilabs.ai → Settings → API Keys,
create a key with the
read and write scopes (add test:run to
trigger assessments). Copy it — it’s shown once. Details:
API keys & scopes.2
Connect Claude Code
Add the Enoki MCP server, with your key as a Bearer token:Run
/mcp in a session to confirm the Enoki tools are connected.3
Register your target
Ask your agent to register your endpoint as a target. It should call
get_setup_guide for the config reference, then create_target —
which fires one live probe and only saves the target if it succeeds. On a
failure it returns a categorized reason (unreachable / auth_failed /
parse_error) so you can adjust and retry.4
Run an assessment
With the target’s
model_id, call trigger_assessment to start a run,
then poll get_assessment_status until it’s complete. See
what we test for.5
Read and fix findings
Pull results with
list_findings and get_finding (which includes the
repro). Once you’ve fixed one, close_finding it and run
validate_fix to re-run its attacks and confirm the fix holds.Next steps
MCP tool reference
Every tool, grouped by area, with the scope each needs.
REST API
Drive the same flow from CI/CD or your own code.