Cloudsmith · Capability

Cloudsmith API (v1) — vulnerabilities

Cloudsmith API (v1) — vulnerabilities. 4 operations. Lead operation: Lists scan results for a specific namespace.. Self-contained Naftiko capability covering one Cloudsmith business surface.

Run with Naftiko Cloudsmithvulnerabilities

What You Can Do

GET

Vulnerabilitiesnamespacelist — Lists scan results for a specific namespace.

/v1/vulnerabilities/{owner}

GET

Vulnerabilitiesrepolist — Lists scan results for a specific repository.

/v1/vulnerabilities/{owner}/{repo}

GET

Vulnerabilitiespackagelist — Lists scan results for a specific package.

/v1/vulnerabilities/{owner}/{repo}/{package}

GET

Vulnerabilitiesread — Get a scan result.

/v1/vulnerabilities/{owner}/{repo}/{package}/{identifier}

MCP Tools

lists-scan-results-specific-namespace

Lists scan results for a specific namespace.

read-only idempotent

lists-scan-results-specific-repository

Lists scan results for a specific repository.

read-only idempotent

lists-scan-results-specific-package

Lists scan results for a specific package.

read-only idempotent

get-scan-result

Get a scan result.

read-only idempotent

Capability Spec

naftiko: 1.0.0-alpha2
info:
  label: Cloudsmith API (v1) — vulnerabilities
  description: 'Cloudsmith API (v1) — vulnerabilities. 4 operations. Lead operation: Lists scan results for a specific namespace..
    Self-contained Naftiko capability covering one Cloudsmith business surface.'
  tags:
  - Cloudsmith
  - vulnerabilities
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    CLOUDSMITH_API_KEY: CLOUDSMITH_API_KEY
capability:
  consumes:
  - type: http
    namespace: cloudsmith-vulnerabilities
    baseUri: https://api.cloudsmith.io
    description: Cloudsmith API (v1) — vulnerabilities business capability. Self-contained, no shared references.
    resources:
    - name: vulnerabilities-owner
      path: /vulnerabilities/{owner}/
      operations:
      - name: vulnerabilitiesnamespacelist
        method: GET
        description: Lists scan results for a specific namespace.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: page
          in: query
          type: integer
          description: A page number within the paginated result set.
        - name: page_size
          in: query
          type: integer
          description: Number of results to return per page.
    - name: vulnerabilities-owner-repo
      path: /vulnerabilities/{owner}/{repo}/
      operations:
      - name: vulnerabilitiesrepolist
        method: GET
        description: Lists scan results for a specific repository.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: page
          in: query
          type: integer
          description: A page number within the paginated result set.
        - name: page_size
          in: query
          type: integer
          description: Number of results to return per page.
    - name: vulnerabilities-owner-repo-package
      path: /vulnerabilities/{owner}/{repo}/{package}/
      operations:
      - name: vulnerabilitiespackagelist
        method: GET
        description: Lists scan results for a specific package.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: page
          in: query
          type: integer
          description: A page number within the paginated result set.
        - name: page_size
          in: query
          type: integer
          description: Number of results to return per page.
    - name: vulnerabilities-owner-repo-package-identifier
      path: /vulnerabilities/{owner}/{repo}/{package}/{identifier}/
      operations:
      - name: vulnerabilitiesread
        method: GET
        description: Get a scan result.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
  exposes:
  - type: rest
    namespace: cloudsmith-vulnerabilities-rest
    port: 8080
    description: REST adapter for Cloudsmith API (v1) — vulnerabilities. One Spectral-compliant resource per consumed operation,
      prefixed with /v1.
    resources:
    - path: /v1/vulnerabilities/{owner}
      name: vulnerabilities-owner
      description: REST surface for vulnerabilities-owner.
      operations:
      - method: GET
        name: vulnerabilitiesnamespacelist
        description: Lists scan results for a specific namespace.
        call: cloudsmith-vulnerabilities.vulnerabilitiesnamespacelist
        with:
          page: rest.page
          page_size: rest.page_size
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/vulnerabilities/{owner}/{repo}
      name: vulnerabilities-owner-repo
      description: REST surface for vulnerabilities-owner-repo.
      operations:
      - method: GET
        name: vulnerabilitiesrepolist
        description: Lists scan results for a specific repository.
        call: cloudsmith-vulnerabilities.vulnerabilitiesrepolist
        with:
          page: rest.page
          page_size: rest.page_size
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/vulnerabilities/{owner}/{repo}/{package}
      name: vulnerabilities-owner-repo-package
      description: REST surface for vulnerabilities-owner-repo-package.
      operations:
      - method: GET
        name: vulnerabilitiespackagelist
        description: Lists scan results for a specific package.
        call: cloudsmith-vulnerabilities.vulnerabilitiespackagelist
        with:
          page: rest.page
          page_size: rest.page_size
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/vulnerabilities/{owner}/{repo}/{package}/{identifier}
      name: vulnerabilities-owner-repo-package-identifier
      description: REST surface for vulnerabilities-owner-repo-package-identifier.
      operations:
      - method: GET
        name: vulnerabilitiesread
        description: Get a scan result.
        call: cloudsmith-vulnerabilities.vulnerabilitiesread
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: cloudsmith-vulnerabilities-mcp
    port: 9090
    transport: http
    description: MCP adapter for Cloudsmith API (v1) — vulnerabilities. One tool per consumed operation, routed inline through
      this capability's consumes block.
    tools:
    - name: lists-scan-results-specific-namespace
      description: Lists scan results for a specific namespace.
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: cloudsmith-vulnerabilities.vulnerabilitiesnamespacelist
      with:
        page: tools.page
        page_size: tools.page_size
      outputParameters:
      - type: object
        mapping: $.
    - name: lists-scan-results-specific-repository
      description: Lists scan results for a specific repository.
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: cloudsmith-vulnerabilities.vulnerabilitiesrepolist
      with:
        page: tools.page
        page_size: tools.page_size
      outputParameters:
      - type: object
        mapping: $.
    - name: lists-scan-results-specific-package
      description: Lists scan results for a specific package.
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: cloudsmith-vulnerabilities.vulnerabilitiespackagelist
      with:
        page: tools.page
        page_size: tools.page_size
      outputParameters:
      - type: object
        mapping: $.
    - name: get-scan-result
      description: Get a scan result.
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: cloudsmith-vulnerabilities.vulnerabilitiesread
      outputParameters:
      - type: object
        mapping: $.