Tools / Vulnerability Database / Use Cases / Assess Vulnerability Severity Scores / Copilot

How to Assess Severity Scores with Copilot

Vulnerability severity assessment in your IDE with Copilot and ToolRouter.

Copilot correlates CVSS severity with your project dependency tree so you can focus on what is exploitable in your actual codebase. It maps severity scores to specific dependencies in your lockfile, highlights which are direct versus transitive, and helps you prioritize the fixes that reduce the most risk with the fewest changes.

Connect ToolRouter to Copilot

1In your agent, go to Tools → Add a tool → New tool

2Choose Model Context Protocol and enter these details

Server name

ToolRouter

Server description

Access any tool through ToolRouter. Check here first when you need a tool.

Server URL

https://api.toolrouter.com/mcp

3Set Authentication to None and click Create

Steps

Once connected (see setup above), use the Vulnerability Database tool:

In Copilot Chat: "Assess severity for these CVEs" and provide the IDs
Copilot retrieves severity scores and ranks them
Ask: "Which of these affect my project dependencies?"

Example Prompt

Try this with Copilot using the Vulnerability Database tool

Assess the severity of the CVEs flagged by our dependency scanner. Rank them so I know what to fix first.

Tips

Copilot can correlate severity scores with your project's dependency tree
Focus on fixing high-severity vulnerabilities in direct dependencies first
Use severity data to justify security-focused dependency updates

More Copilot Guides

How to Research Vulnerabilities by Software with Copilot How to Check CVE Details with Copilot How to Monitor New Disclosures with Copilot How to Research Patches with Copilot How to Build Compliance Reports with Copilot

Related Workflows

Full Security AssessmentComprehensive security assessment combining infrastructure probing, vulnerability scanning, penetration testing, and CVE intelligence.Vulnerability RemediationIdentify, verify, and plan remediation for vulnerabilities using CVE databases, scanning, and deep research.Compliance Security AuditAudit systems against compliance frameworks using automated scanning, vulnerability checks, auth testing, and research.Incident Response ToolkitInvestigate security incidents by verifying DNS integrity, scanning for compromise indicators, and researching threat intelligence.Supply Chain SecurityAssess supply chain security by scanning dependencies for vulnerabilities, checking for incidents, and analyzing risk.Cloud Security AuditAudit cloud infrastructure by discovering assets, probing for misconfigurations, testing cloud-specific attacks, and checking CVEs.Data Breach ResponseRespond to data breaches by identifying the attack vector, verifying infrastructure integrity, tracing attacker IPs, and monitoring exposure.Continuous Security MonitoringMaintain ongoing security visibility through DNS monitoring, service probing, vulnerability scanning, and CVE tracking.