> For the complete documentation index, see [llms.txt](https://help.nightfall.ai/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://help.nightfall.ai/developer-api/nightfall_apis/nightfall-model-context-protocol-mcp-server/common-use-cases.md). # Common Use Cases Here are real-world scenarios where the Nightfall MCP server delivers immediate value: #### Security Investigations **Example**: "Show me all active high-risk violations from GitHub in the last week" The AI automatically uses `search_violations` with appropriate filters and returns results in seconds. You can then ask follow-up questions like "Which repository has the most violations?" or "Show me the sensitive data found in violation abc-123" without manually constructing queries. #### Insider Threat Response **Example**: "What has user been doing in the last 30 days?" Get a complete timeline of user activity including file downloads, permission changes, and policy violations. The AI summarizes patterns and flags anomalies automatically. #### Bulk Remediation **Example**: "Resolve all pending Slack violations from the #general channel" Instead of manually processing violations one by one, describe the action in natural language. The AI finds matching violations and executes the appropriate remediation action. #### Compliance Reporting **Example**: "Generate a summary of all HIPAA violations this quarter grouped by department" The AI retrieves relevant data, performs grouping and aggregation, and creates a formatted report—all from a single request. #### Data Exfiltration Detection **Example**: "Are there any exfiltration events involving bulk downloads from Google Drive?" Quickly identify potential data theft attempts by searching for specific event patterns across your cloud storage integrations. #### Permission Audits **Example**: "List all posture events with permission changes this month" Monitor access control changes across your environment to identify security configuration drift or policy violations. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://help.nightfall.ai/developer-api/nightfall_apis/nightfall-model-context-protocol-mcp-server/common-use-cases.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.