Available Variables

Project Variables

List of project-related variables that can be used in the report template. For example {project.name} will display project name used when creating a project on the platform.

Variable	Type	Description
`project.id`	number	Unique project identifier
`project.uuid`	string	Project UUID
`project.name`	string	Project name
`project.description`	string	Project description
`project.start_at`	string	Project start date/time
`project.end_at`	string	Project end date/time
`project.type`	string	Project type name
`project.scope_type`	string	Project scope type (internal/external)
`extra_fields`	object	Additional custom fields

Extra fields usage example:

{project.extra_fields[‘last_name’]}

Client

Variable	Type	Description
`client.id`	number	Client identifier
`client.company_name`	string	Client company name
`client.website`	string	Client company’s wesbite
`client.contact_name`	string	Client contact’s name
`client.contact_position`	string	Client contact’s position
`client.contact_phone`	string	Client contact’s phone
`client.contact_email`	string	Client contact’s email
`client.address`	string	Client company’s address
`client.city`	string	Client company’s city
`client.country`	string	Client company’s country
`client.industry`	string	Client company’s industry
`extra_fields`	object	Additional custom fields

Extra fields usage example:

{client.extra_fields[‘last_name’]}

Members

Variable	Type	Description
`members`	array	List of team members (excluding managers)
`members_all`	array	List of all team members

Member object:

Field	Type	Description
`id`	number	Member ID
`name`	string	Member name
`email`	string	Member email
`type`	string	Member type
`certificates`	string	Member certificates
`job_title`	string	Member job title
`phone_number`	string	Member phone number

Targets

Variable	Type	Description
`targets`	array	List of assessment targets
`out_of_scope`	array	List of out of scope targets

Target object:

Field	Type	Description
`id`	number	Target ID
`endpoint`	string	Target endpoint
`note`	string	Target note

Usage exmaple:

{#targets}
{endpoint} - {note}
{/targets}

{#out_of_scope}
{endpoint} - {note}
{/out_of_scope}

Report

Variable	Type	Description
`report.id`	number	Report ID
`report.uuid`	string	Report UUID
`report.title`	string	Report title
`report.version`	string	Report version
`report.created_at`	string	Report creation date/time
`report.additional_fields`	object	Additional custom fields
`report.executive_summary`	string	Executive summary
`report.creator`	string	Report creator

Additional fields usage example:

{report.additional_fields['Risk Raiting']}

Creator object:

Field	Type	Description
`id`	number	Creator ID
`name`	string	Creator name
`email`	string	Creator email
`type`	string	Creator type
`certificates`	string	Creator certificates
`job_title`	string	Creator job title
`phone_number`	string	Member phone number

Vulnerability Statistics

Variable	Type	Description
`criticalCount`	number	Number of critical findings
`highCount`	number	Number of high findings
`mediumCount`	number	Number of medium findings
`lowCount`	number	Number of low findings
`infoCount`	number	Number of informational findings
`criticalCvssCount`	number	Number of critical CVSS findings
`highCvssCount`	number	Number of high CVSS findings
`mediumCvssCount`	number	Number of medium CVSS findings
`lowCvssCount`	number	Number of low CVSS findings
`infoCvssCount`	number	Number of informational CVSS findings
`findingsTotalCount`	number	Total number of findings

Vulnerabilities

Variable	Type	Description
`vulnerabilities`	array	List of vulnerabilities

Vulnerability object:

Field	Type	Description
`id`	number	Vulnerability ID
`uuid`	string	Vulnerability UUID
`title`	string	Vulnerability title
`description`	string	Vulnerability description
`poc`	string	Proof of concept
`risks`	string	Risks associated
`remediation`	string	Remediation steps
`remediation_stage`	string	Remediation stage (Not Remediated, Requested, Retesting, Remediated, Partial)
`cvss`	string	CVSS vector
`cvss_score`	number	CVSS base score
`probability`	string	Probability rating
`impact`	string	Impact rating
`has_affected_hosts`	bool	True if affected hosts exist
`affected_hosts`	array	List of affected hosts
`categories`	array	List of category objects
`categories_text`	string	Comma-separated category names
`categories_text_ids`	string	Category IDs (one per line)
`categories_ids`	array	Array of category IDs
`cvss_risk`	string	Risk level based on CVSS score
`extra_fields`	object	Additional custom fields
`risk`	string	Criticality rating
`cvssRisk`	string	Risk level based on CVSS score
`redBackground`	object	Cell background color info
`assessment_domain`	string	Assessment domain name
`order_id`	number	Order index in report
`http_excerpts`	string	Vulnerability HTTP Excerpts
`has_comments`	bool	True if comments exist
`comments`	array	List of comments

Extra fields usage example:

{#vulnerabilities}
{extra_fields['OWASP Context']}
{/vulnerabilities}

Affected host object:

Field	Type	Description
`id`	number	Host ID
`endpoint`	string	Host endpoint
`note`	string	Host note

Category object:

Field	Type	Description
`id`	number	Category ID
`name`	string	Category name

Comments object:

Field	Type	Description
`id`	number	Comment ID
`commentator`	string	Commentator name
`text`	string	Comment text/content
`created_at`	string	Comment creation date/time

Manager

Variable	Type	Description
`manager.id`	number	Manager ID
`manager.name`	string	Manager name
`manager.email`	string	Manager email

Other

Variable	Type	Description
`report_date`	string	Date of report generation