Palo Alto Networks

Prisma AIRS AI Red Teaming API

An automated red teaming API for assessing the safety and security of generative AI systems including large language models and LLM-powered applications. The API simulates real-world threats by sending crafted attack prompts including jailbreaks, prompt injection, and input manipulation to target AI systems and evaluating responses. Supports creating scan targets, executing asynchronous vulnerability scans, and retrieving detailed reports.

Documentation GitHub OpenAPI

Documentation

https://pan.dev/prisma-airs-redteam/api/ai-integration/introduction/

https://docs.paloaltonetworks.com/ai-runtime-security/ai-red-teaming/identify-ai-system-risks-with-ai-red-teaming/get-started-with-prisma-airs-ai-red-teaming

Specifications

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/openapi/palo-alto-prisma-airs-ai-red-teaming-api-openapi-original.yml

Examples

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/prisma-airs-ai-red-teaming-api-attack-category-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/prisma-airs-ai-red-teaming-api-scan-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/prisma-airs-ai-red-teaming-api-scan-report-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/prisma-airs-ai-red-teaming-api-scan-request-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/prisma-airs-ai-red-teaming-api-scan-target-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/prisma-airs-ai-red-teaming-api-scan-target-request-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/prisma-airs-ai-red-teaming-api-vulnerability-finding-example.json

Schemas & Data

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/prisma-airs-ai-red-teaming-api-attack-category-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/prisma-airs-ai-red-teaming-api-scan-report-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/prisma-airs-ai-red-teaming-api-scan-request-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/prisma-airs-ai-red-teaming-api-scan-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/prisma-airs-ai-red-teaming-api-scan-target-request-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/prisma-airs-ai-red-teaming-api-scan-target-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/prisma-airs-ai-red-teaming-api-vulnerability-finding-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/prisma-airs-ai-red-teaming-api-attack-category-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/prisma-airs-ai-red-teaming-api-scan-report-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/prisma-airs-ai-red-teaming-api-scan-request-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/prisma-airs-ai-red-teaming-api-scan-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/prisma-airs-ai-red-teaming-api-scan-target-request-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/prisma-airs-ai-red-teaming-api-scan-target-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/prisma-airs-ai-red-teaming-api-vulnerability-finding-structure.json

Other Resources

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-ld/palo-alto-prisma-airs-ai-red-teaming-api-context.jsonld

OpenAPI Specification

openapi: 3.1.0
info:
  title: Palo Alto Networks Prisma AIRS AI Red Teaming API
  description: >-
    Prisma AIRS AI Red Teaming API for automated AI vulnerability assessment.
    Provides programmatic control over red teaming scans that probe AI
    applications and LLM endpoints for security vulnerabilities. The API
    enables defining scan targets (AI model endpoints), launching automated
    attack simulations across configurable attack categories, and retrieving
    detailed vulnerability reports. Attack categories cover prompt injection,
    jailbreaking, data exfiltration, hallucination induction, toxic content
    generation, and other AI-specific threat vectors. Part of the Prisma AI
    Runtime Security platform.
  version: '1.0'
  contact:
    name: Palo Alto Networks Developer Support
    url: https://pan.dev/
  license:
    name: Proprietary
    url: https://www.paloaltonetworks.com/legal
servers:
- url: https://api.sase.paloaltonetworks.com/ai-red-teaming
  description: Prisma AIRS AI Red Teaming API production server.
security:
- oauth2Bearer: []
tags:
- name: Attack Categories
  description: Available attack category reference data.
- name: Scans
  description: Vulnerability scan lifecycle management.
- name: Targets
  description: AI scan target definition and management.
paths:
  /v1/targets:
    post:
      operationId: createScanTarget
      summary: Palo Alto Networks Create Scan Target
      description: >-
        Creates a new scan target representing an AI application or LLM
        endpoint to be assessed. Targets define the endpoint URL, the type
        of AI interface (chat completions, custom API, etc.), and the
        authentication configuration needed to interact with the endpoint
        during the red teaming scan.
      tags:
      - Targets
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ScanTargetRequest'
            examples:
              CreateScanTargetRequestExample:
                summary: Default createScanTarget request
                x-microcks-default: true
                value:
                  name: Primary Agent 91
                  description: On violation blocked incident traffic monitoring.
                  type: huggingface
                  endpoint_url: https://api.acme-systems.org/696e96
                  model: PA-3260
                  auth_config: &id004
                    type: basic
                    header_name: Corporate Sensor 86
                    credential: example-credential
                  system_prompt: example-system_prompt
      responses:
        '201':
          description: Scan target created successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanTarget'
              examples:
                CreateScanTarget201Example:
                  summary: Default createScanTarget 201 response
                  x-microcks-default: true
                  value:
                    target_id: '296460'
                    name: Branch Policy 32
                    description: Detected violation Security incident threat violation malware firewall policy incident rule rule.
                    type: openai_chat
                    endpoint_url: https://vpn.example.com/8fea53
                    model: PA-5250
                    created_at: '2025-11-15T21:07:35Z'
                    updated_at: '2024-07-13T20:05:13Z'
        '400':
          description: Invalid request body or endpoint unreachable.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateScanTarget400Example:
                  summary: Default createScanTarget 400 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '401':
          description: Invalid or missing Bearer token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateScanTarget401Example:
                  summary: Default createScanTarget 401 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '403':
          description: Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateScanTarget403Example:
                  summary: Default createScanTarget 403 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '409':
          description: A target with this name already exists.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateScanTarget409Example:
                  summary: Default createScanTarget 409 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateScanTarget500Example:
                  summary: Default createScanTarget 500 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
    get:
      operationId: listScanTargets
      summary: Palo Alto Networks List Scan Targets
      description: >-
        Returns the list of scan targets configured for the tenant.
        Each target represents an AI application endpoint that can be
        selected when starting a vulnerability scan.
      tags:
      - Targets
      parameters:
      - name: type
        in: query
        description: Filter targets by interface type.
        schema:
          type: string
          enum:
          - openai_chat
          - anthropic_messages
          - custom_http
          - huggingface
        example: huggingface
      - name: offset
        in: query
        description: Number of results to skip for pagination.
        schema:
          type: integer
          default: 0
        example: 0
      - name: limit
        in: query
        description: Maximum number of targets to return.
        schema:
          type: integer
          default: 50
          maximum: 200
        example: 50
      responses:
        '200':
          description: Scan targets returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  total:
                    type: integer
                  offset:
                    type: integer
                  limit:
                    type: integer
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/ScanTarget'
              examples:
                ListScanTargets200Example:
                  summary: Default listScanTargets 200 response
                  x-microcks-default: true
                  value:
                    total: 516
                    offset: 395
                    limit: 914
                    items:
                    - target_id: '296460'
                      name: Branch Policy 32
                      description: Detected violation Security incident threat violation malware firewall policy incident rule rule.
                      type: openai_chat
                      endpoint_url: https://vpn.example.com/8fea53
                      model: PA-5250
                      created_at: '2025-11-15T21:07:35Z'
                      updated_at: '2024-07-13T20:05:13Z'
        '400':
          description: Invalid query parameters.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                ListScanTargets400Example:
                  summary: Default listScanTargets 400 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '401':
          description: Invalid or missing Bearer token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                ListScanTargets401Example:
                  summary: Default listScanTargets 401 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '403':
          description: Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                ListScanTargets403Example:
                  summary: Default listScanTargets 403 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                ListScanTargets500Example:
                  summary: Default listScanTargets 500 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /v1/targets/{target_id}:
    get:
      operationId: getScanTarget
      summary: Palo Alto Networks Get Scan Target Details
      description: Returns full details for a specific scan target by ID.
      tags:
      - Targets
      parameters:
      - name: target_id
        in: path
        required: true
        description: Unique identifier of the scan target.
        schema:
          type: string
        example: '583704'
      responses:
        '200':
          description: Scan target details returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanTarget'
              examples:
                GetScanTarget200Example:
                  summary: Default getScanTarget 200 response
                  x-microcks-default: true
                  value:
                    target_id: '296460'
                    name: Branch Policy 32
                    description: Detected violation Security incident threat violation malware firewall policy incident rule rule.
                    type: openai_chat
                    endpoint_url: https://vpn.example.com/8fea53
                    model: PA-5250
                    created_at: '2025-11-15T21:07:35Z'
                    updated_at: '2024-07-13T20:05:13Z'
        '401':
          description: Invalid or missing Bearer token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                GetScanTarget401Example:
                  summary: Default getScanTarget 401 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '403':
          description: Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                GetScanTarget403Example:
                  summary: Default getScanTarget 403 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '404':
          description: Scan target not found.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                GetScanTarget404Example:
                  summary: Default getScanTarget 404 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                GetScanTarget500Example:
                  summary: Default getScanTarget 500 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
    delete:
      operationId: deleteScanTarget
      summary: Palo Alto Networks Delete Scan Target
      description: >-
        Deletes a scan target. Targets with active or pending scans cannot
        be deleted until scans complete.
      tags:
      - Targets
      parameters:
      - name: target_id
        in: path
        required: true
        description: Unique identifier of the scan target to delete.
        schema:
          type: string
        example: '101292'
      responses:
        '204':
          description: Scan target deleted successfully.
        '401':
          description: Invalid or missing Bearer token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                DeleteScanTarget401Example:
                  summary: Default deleteScanTarget 401 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '403':
          description: Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                DeleteScanTarget403Example:
                  summary: Default deleteScanTarget 403 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '404':
          description: Scan target not found.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                DeleteScanTarget404Example:
                  summary: Default deleteScanTarget 404 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '409':
          description: Target has active scans and cannot be deleted.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                DeleteScanTarget409Example:
                  summary: Default deleteScanTarget 409 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                DeleteScanTarget500Example:
                  summary: Default deleteScanTarget 500 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /v1/scans:
    post:
      operationId: startVulnerabilityScan
      summary: Palo Alto Networks Start Vulnerability Scan
      description: >-
        Starts a new AI vulnerability scan against a registered target.
        Specify the attack categories to test and optionally provide
        custom prompts to supplement the built-in attack library. The scan
        runs asynchronously; use GET /v1/scans/{scan_id} to monitor
        progress and GET /v1/scans/{scan_id}/results to retrieve the
        completed report.
      tags:
      - Scans
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ScanRequest'
            examples:
              StartVulnerabilityScanRequestExample:
                summary: Default startVulnerabilityScan request
                x-microcks-default: true
                value:
                  target_id: '645262'
                  attack_categories: &id005
                  - example-attack_categories_item
                  - example-attack_categories_item
                  custom_prompts: &id006
                  - example-custom_prompts_item
                  - example-custom_prompts_item
                  max_attacks_per_category: 740
      responses:
        '201':
          description: Vulnerability scan started successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Scan'
              examples:
                StartVulnerabilityScan201Example:
                  summary: Default startVulnerabilityScan 201 response
                  x-microcks-default: true
                  value:
                    scan_id: '588456'
                    target_id: '410241'
                    target_name: Production Agent 95
                    status: running
                    attack_categories: &id001
                    - example-attack_categories_item
                    progress: 0.36
                    total_attacks: 275
                    completed_attacks: 880
                    vulnerabilities_found: 746
                    error_message: example-error_message
                    started_at: '2025-08-08T22:13:06Z'
                    completed_at: '2024-11-03T18:50:01Z'
        '400':
          description: Invalid request body or target not found.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                StartVulnerabilityScan400Example:
                  summary: Default startVulnerabilityScan 400 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '401':
          description: Invalid or missing Bearer token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                StartVulnerabilityScan401Example:
                  summary: Default startVulnerabilityScan 401 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '403':
          description: Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                StartVulnerabilityScan403Example:
                  summary: Default startVulnerabilityScan 403 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '409':
          description: A scan is already in progress for this target.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                StartVulnerabilityScan409Example:
                  summary: Default startVulnerabilityScan 409 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                StartVulnerabilityScan500Example:
                  summary: Default startVulnerabilityScan 500 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /v1/scans/{scan_id}:
    get:
      operationId: getScanStatus
      summary: Palo Alto Networks Get Scan Status
      description: >-
        Returns the current status and progress of a vulnerability scan.
        When status is completed, use GET /v1/scans/{scan_id}/results to
        retrieve the full vulnerability report.
      tags:
      - Scans
      parameters:
      - name: scan_id
        in: path
        required: true
        description: Unique identifier of the vulnerability scan.
        schema:
          type: string
        example: '734547'
      responses:
        '200':
          description: Scan status returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Scan'
              examples:
                GetScanStatus200Example:
                  summary: Default getScanStatus 200 response
                  x-microcks-default: true
                  value:
                    scan_id: '588456'
                    target_id: '410241'
                    target_name: Production Agent 95
                    status: running
                    attack_categories: *id001
                    progress: 0.36
                    total_attacks: 275
                    completed_attacks: 880
                    vulnerabilities_found: 746
                    error_message: example-error_message
                    started_at: '2025-08-08T22:13:06Z'
                    completed_at: '2024-11-03T18:50:01Z'
        '401':
          description: Invalid or missing Bearer token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                GetScanStatus401Example:
                  summary: Default getScanStatus 401 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '403':
          description: Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                GetScanStatus403Example:
                  summary: Default getScanStatus 403 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '404':
          description: Scan not found.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                GetScanStatus404Example:
                  summary: Default getScanStatus 404 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                GetScanStatus500Example:
                  summary: Default getScanStatus 500 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /v1/scans/{scan_id}/results:
    get:
      operationId: getScanResults
      summary: Palo Alto Networks Get Scan Results and Report
      description: >-
        Returns the detailed vulnerability report for a completed scan.
        The report includes an overall risk score, vulnerability findings
        organized by attack category, specific attack prompts that
        succeeded, and remediation recommendations. Only available when
        the scan status is completed.
      tags:
      - Scans
      parameters:
      - name: scan_id
        in: path
        required: true
        description: Unique identifier of the completed scan.
        schema:
          type: string
        example: '783198'
      - name: category
        in: query
        description: Filter results by attack category.
        schema:
          type: string
        example: standard
      - name: severity
        in: query
        description: Filter findings by severity level.
        schema:
          type: string
          enum:
          - informational
          - low
          - medium
          - high
          - critical
        example: high
      responses:
        '200':
          description: Scan results and report returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanReport'
              examples:
                GetScanResults200Example:
                  summary: Default getScanResults 200 response
                  x-microcks-default: true
                  value:
                    scan_id: '428692'
                    target_id: '819001'
                    target_name: Branch Agent 03
                    overall_risk_score: 2.13
                    total_attacks_executed: 817
                    vulnerabilities_found: 907
                    category_summaries: &id007
                    - category_id: '482152'
                      category_name: Staging Firewall 89
                      attacks_executed: 371
                      vulnerabilities_found: 428
                      risk_score: 33.91
                    - category_id: '228990'
                      category_name: Staging Sensor 95
                      attacks_executed: 409
                      vulnerabilities_found: 670
                      risk_score: 53.57
                    findings: &id008
                    - finding_id: '841657'
                      category_id: '121939'
                      category_name: Branch Gateway 62
                      severity: low
                      title: Primary Sensor 11
                      description: Applied Security on activity traffic investigation configured investigation activity on configured.
                      attack_prompt: example-attack_prompt
                      model_response: VM-300
                      remediation: example-remediation
                    generated_at: '2026-12-07T01:42:19Z'
        '400':
          description: Invalid query parameters.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                GetScanResults400Example:
                  summary: Default getScanResults 400 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Policy investigation blocked activity on activity suspicious configured configured suspicious.
                    request_id: f62400eb-5426-47bb-acc1-166eb163d06c
        '401':
          description: Invalid or missing Bearer token.
          

# --- truncated at 32 KB (51 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/openapi/palo-alto-prisma-airs-ai-red-teaming-api-openapi-original.yml