Skip to content

Available Variables

List of project-related variables that can be used in the report template. For example {project.name} will display project name used when creating a project on the platform.

VariableTypeDescription
project.idnumberUnique project identifier
project.uuidstringProject UUID
project.namestringProject name
project.descriptionstringProject description
project.start_atstringProject start date/time
project.end_atstringProject end date/time
project.typestringProject type name
project.scope_typestringProject scope type (internal/external)
project.targetsarrayProject assessment targets
project.out_of_scopearrayProject out of scope targets
extra_fieldsobjectAdditional custom fields

Extra fields usage example:

{project.extra_fields[‘last_name’]}
VariableTypeDescription
client.idnumberClient identifier
client.company_namestringClient company name
client.websitestringClient company’s wesbite
client.contact_namestringClient contact’s name
client.contact_positionstringClient contact’s position
client.contact_phonestringClient contact’s phone
client.contact_emailstringClient contact’s email
client.addressstringClient company’s address
client.citystringClient company’s city
client.countrystringClient company’s country
client.industrystringClient company’s industry
extra_fieldsobjectAdditional custom fields

Extra fields usage example:

{client.extra_fields[‘last_name’]}
VariableTypeDescription
membersarrayList of team members (excluding managers)
members_allarrayList of all team members

Member object:

FieldTypeDescription
idnumberMember ID
namestringMember name
emailstringMember email
typestringMember type
certificatesstringMember certificates
job_titlestringMember job title
phone_numberstringMember phone number
VariableTypeDescription
targetsarrayList of assessment targets
out_of_scopearrayList of out of scope targets

Target object:

FieldTypeDescription
idnumberTarget ID
endpointstringTarget endpoint
notestringTarget note

Usage exmaple:

{#targets}
{endpoint} - {note}
{/targets}
{#out_of_scope}
{endpoint} - {note}
{/out_of_scope}

For repeated per-subproject targets, use the subprojects array:

{#subprojects}
{name}
{#targets}
{endpoint}
{/targets}
{/subprojects}
VariableTypeDescription
report.idnumberReport ID
report.uuidstringReport UUID
report.titlestringReport title
report.versionstringReport version
report.created_atstringReport creation date/time
report.additional_fieldsobjectAdditional custom fields
report.executive_summarystringExecutive summary
report.creatorstringReport creator
project_typesarrayParent project and selected subproject types, with duplicates removed

Additional fields usage example:

{report.additional_fields['Risk Raiting']}

Conditional content based on project types:

Use arrayContains with project_types to show a block only when the report includes a specific project type:

{#report.title | arrayContains:project_types:'Project Type Name'}
Content shown only when that project type is present.
{/}

Example:

{#report.title | arrayContains:project_types:'Web Application'}
Web Application section
{~~report.additional_fields['Web Application Executive Summary'] | addDefault:'Nothing provided'}
{/}

Creator object:

FieldTypeDescription
idnumberCreator ID
namestringCreator name
emailstringCreator email
typestringCreator type
certificatesstringCreator certificates
job_titlestringCreator job title
phone_numberstringMember phone number
VariableTypeDescription
criticalCountnumberNumber of critical findings
highCountnumberNumber of high findings
mediumCountnumberNumber of medium findings
lowCountnumberNumber of low findings
infoCountnumberNumber of informational findings
criticalCvssCountnumberNumber of critical CVSS findings
highCvssCountnumberNumber of high CVSS findings
mediumCvssCountnumberNumber of medium CVSS findings
lowCvssCountnumberNumber of low CVSS findings
infoCvssCountnumberNumber of informational CVSS findings
findingsTotalCountnumberTotal number of findings
VariableTypeDescription
vulnerabilitiesarrayList of vulnerabilities

Vulnerability object:

FieldTypeDescription
idnumberVulnerability ID
uuidstringVulnerability UUID
titlestringVulnerability title
descriptionstringVulnerability description
pocstringProof of concept
risksstringRisks associated
remediationstringRemediation steps
remediation_stagestringRemediation stage (Not Remediated, Requested, Retesting, Remediated, Partial)
cvssstringCVSS vector
cvss_scorenumberCVSS base score
probabilitystringProbability rating
impactstringImpact rating
has_affected_hostsboolTrue if affected hosts exist
affected_hostsarrayList of affected hosts
categoriesarrayList of category objects
categories_textstringComma-separated category names
categories_text_idsstringCategory IDs (one per line)
categories_idsarrayArray of category IDs
cvss_riskstringRisk level based on CVSS score
extra_fieldsobjectAdditional custom fields
riskstringCriticality rating
cvssRiskstringRisk level based on CVSS score
redBackgroundobjectCell background color info
assessment_domainstringAssessment domain name
order_idnumberOrder index in report
http_excerptsstringVulnerability HTTP Excerpts
has_commentsboolTrue if comments exist
commentsarrayList of comments

Extra fields usage example:

{#vulnerabilities}
{extra_fields['OWASP Context']}
{/vulnerabilities}

Affected host object:

FieldTypeDescription
idnumberHost ID
endpointstringHost endpoint
notestringHost note

Category object:

FieldTypeDescription
idnumberCategory ID
namestringCategory name

Comments object:

FieldTypeDescription
idnumberComment ID
commentatorstringCommentator name
textstringComment text/content
created_atstringComment creation date/time

DOCX templates can create internal links between vulnerability lists and their matching vulnerability sections. Links and targets are matched using the vulnerability UUID and an optional target name.

Basic link:

Create the destination:

{#vulnerabilities}
{findingTarget}{title}
{~~description}
{/vulnerabilities}

Create a link to it:

{#vulnerabilities}
{findingLinkStart}{title}{findingLinkEnd}
{/vulnerabilities}

Each generated link points to the matching vulnerability based on its UUID.

Named targets:

Use named targets when the template contains multiple destination sections, such as detailed findings and an appendix.

Details table:

{#vulnerabilities}
{findingLinkStart:details}{title}{findingLinkEnd}
{/vulnerabilities}

Appendix table:

{#vulnerabilities}
{findingLinkStart:appendix}{order_id}. {title}{findingLinkEnd}
{/vulnerabilities}

Details section:

{#vulnerabilities}
{findingTarget:details}{title}
{~~description}
{/vulnerabilities}

Appendix section:

{#vulnerabilities}
{findingTarget:appendix}{title}
{~~poc}
{/vulnerabilities}

A named link must use the same name as its target:

{findingLinkStart:details}
{findingTarget:details}

Any number of links can point to the same target. Each vulnerability is matched independently using its UUID.

Marker reference:

MarkerDescription
{findingTarget}Creates the default destination for the current vulnerability
{findingTarget:name}Creates a named destination
{findingLinkStart}Starts a link to the default destination
{findingLinkStart:name}Starts a link to a named destination
{findingLinkEnd}Ends the clickable content

Rules:

  • Link start and end markers must be in the same Word paragraph or table-cell paragraph.
  • Named links and targets must use exactly the same name.
  • Target names must start with a letter.
  • Target names may contain letters, numbers, underscores, and hyphens.
  • Place markers inside a scope containing the vulnerability UUID, normally a {#vulnerabilities} loop.
  • Each target name should occur only once per vulnerability.
  • Multiple links may point to the same target.
  • Word paragraph styles do not affect links or targets.

The parentProject object contains the parent project details and only findings belonging directly to the parent project.

VariableTypeDescription
parentProject.idnumberParent project ID
parentProject.uuidstringParent project UUID
parentProject.namestringParent project name
parentProject.descriptionstringParent project description
parentProject.start_atstringParent project start date
parentProject.end_atstringParent project end date
parentProject.typesarrayParent project types
parentProject.typestringPrimary project type
parentProject.scope_typestringProject scope type
parentProject.extra_fieldsobjectProject custom fields
parentProject.targetsarrayParent project assessment targets
parentProject.out_of_scopearrayParent project out of scope targets
parentProject.vulnerabilitiesarraySelected findings belonging directly to the parent project

Usage example:

{parentProject.name}
{#parentProject.vulnerabilities}
{order_id}. {title}
{/parentProject.vulnerabilities}

The vulnerability objects contain the same fields documented in the Vulnerabilities section. Their order_id starts at 1 within the parent project list.

The subprojects array contains subprojects that have at least one selected finding. Each subproject contains its project details, targets, out of scope targets, and selected vulnerabilities.

VariableTypeDescription
subprojectsarraySubprojects containing selected findings

Subproject object:

FieldTypeDescription
idnumberSubproject ID
uuidstringSubproject UUID
namestringSubproject name
descriptionstringSubproject description
start_atstringSubproject start date
end_atstringSubproject end date
typesarraySubproject types
typestringPrimary project type
scope_typestringSubproject scope type
extra_fieldsobjectSubproject custom fields
targetsarraySelected targets belonging to the subproject
out_of_scopearrayOut of scope targets belonging to the subproject
vulnerabilitiesarraySelected findings belonging to the subproject

Usage example:

{#subprojects}
{name}
{#vulnerabilities}
{order_id}. {title}
{/vulnerabilities}
{/subprojects}

Subproject targets example:

{#subprojects}
{name}
In scope:
{#targets}
{endpoint}
{/targets}
Out of scope:
{#out_of_scope}
{endpoint}
{/out_of_scope}
{/subprojects}

Only subprojects represented by selected findings are included. Vulnerability order_id values start at 1 within each subproject.

VariableTypeDescription
manager.idnumberManager ID
manager.namestringManager name
manager.emailstringManager email
VariableTypeDescription
report_datestringDate of report generation