GitHub · Capability

github-repos-api — Scanning

github-repos-api — Scanning. 9 operations. Lead operation: GitHub List Code Scanning Alerts for Repository. Self-contained Naftiko capability covering one Github business surface.

Run with Naftiko GithubScanning

What You Can Do

GET
Listcodescanningalertsforrepository — GitHub List Code Scanning Alerts for Repository
/v1/repos/{owner}/{repo}/code-scanning/alerts
GET
Getcodescanningalert — GitHub Get Code Scanning Alert
/v1/repos/{owner}/{repo}/code-scanning/alerts/{alert-number}
PATCH
Updatecodescanningalert — GitHub Update Code Scanning Alert
/v1/repos/{owner}/{repo}/code-scanning/alerts/{alert-number}
GET
Listinstancesofcodescanningalert — GitHub List Instances of Code Scanning Alert
/v1/repos/{owner}/{repo}/code-scanning/alerts/{alert-number}/instances
GET
Listcodescanninganalysesforrepository — GitHub List Code Scanning Analyses for Repository
/v1/repos/{owner}/{repo}/code-scanning/analyses
GET
Getcodescanninganalysisforrepository — GitHub Get Code Scanning Analysis for Repository
/v1/repos/{owner}/{repo}/code-scanning/analyses/{analysis-id}
DELETE
Deletecodescanninganalysisfromrepository — GitHub Delete Code Scanning Analysis from Repository
/v1/repos/{owner}/{repo}/code-scanning/analyses/{analysis-id}
GET
Getcodescanningdefaultsetupconfiguration — GitHub Get Code Scanning Default Setup Configuration
/v1/repos/{owner}/{repo}/code-scanning/default-setup
PATCH
Updatecodescanningdefaultsetupconfiguration — GitHub Update Code Scanning Default Setup Configuration
/v1/repos/{owner}/{repo}/code-scanning/default-setup

MCP Tools

github-list-code-scanning-alerts

GitHub List Code Scanning Alerts for Repository

read-only idempotent
github-get-code-scanning-alert

GitHub Get Code Scanning Alert

read-only idempotent
github-update-code-scanning-alert

GitHub Update Code Scanning Alert

idempotent
github-list-instances-code-scanning

GitHub List Instances of Code Scanning Alert

read-only idempotent
github-list-code-scanning-analyses

GitHub List Code Scanning Analyses for Repository

read-only idempotent
github-get-code-scanning-analysis

GitHub Get Code Scanning Analysis for Repository

read-only idempotent
github-delete-code-scanning-analysis

GitHub Delete Code Scanning Analysis from Repository

idempotent
github-get-code-scanning-default

GitHub Get Code Scanning Default Setup Configuration

read-only idempotent
github-update-code-scanning-default

GitHub Update Code Scanning Default Setup Configuration

idempotent

Capability Spec

repo-code-scanning-scanning.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: github-repos-api — Scanning
  description: 'github-repos-api — Scanning. 9 operations. Lead operation: GitHub List Code Scanning Alerts for Repository.
    Self-contained Naftiko capability covering one Github business surface.'
  tags:
  - Github
  - Scanning
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    GITHUB_API_KEY: GITHUB_API_KEY
capability:
  consumes:
  - type: http
    namespace: repo-code-scanning-scanning
    baseUri: ''
    description: github-repos-api — Scanning business capability. Self-contained, no shared references.
    resources:
    - name: repos-owner-repo-code-scanning-alerts
      path: /repos/{owner}/{repo}/code-scanning/alerts
      operations:
      - name: listcodescanningalertsforrepository
        method: GET
        description: GitHub List Code Scanning Alerts for Repository
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: sort
          in: query
          type: string
          description: The property by which to sort the results.
        - name: state
          in: query
          type: string
          description: If specified, only code scanning alerts with this state will be returned.
        - name: severity
          in: query
          type: string
          description: If specified, only code scanning alerts with this severity will be returned.
        - name: Authorization
          in: header
          type: string
        - name: X-GitHub-Api-Version
          in: header
          type: string
        - name: Accept
          in: header
          type: string
    - name: repos-owner-repo-code-scanning-alerts-alert_number
      path: /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}
      operations:
      - name: getcodescanningalert
        method: GET
        description: GitHub Get Code Scanning Alert
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: Authorization
          in: header
          type: string
        - name: X-GitHub-Api-Version
          in: header
          type: string
        - name: Accept
          in: header
          type: string
      - name: updatecodescanningalert
        method: PATCH
        description: GitHub Update Code Scanning Alert
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: Authorization
          in: header
          type: string
        - name: X-GitHub-Api-Version
          in: header
          type: string
        - name: Accept
          in: header
          type: string
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: repos-owner-repo-code-scanning-alerts-alert_number-instances
      path: /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/instances
      operations:
      - name: listinstancesofcodescanningalert
        method: GET
        description: GitHub List Instances of Code Scanning Alert
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: Authorization
          in: header
          type: string
        - name: X-GitHub-Api-Version
          in: header
          type: string
        - name: Accept
          in: header
          type: string
    - name: repos-owner-repo-code-scanning-analyses
      path: /repos/{owner}/{repo}/code-scanning/analyses
      operations:
      - name: listcodescanninganalysesforrepository
        method: GET
        description: GitHub List Code Scanning Analyses for Repository
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: ref
          in: query
          type: string
          description: 'The Git reference for the analyses you want to list. The `ref` for a branch can be formatted either
            as `refs/heads/<branch name>` or simply `<branch name>`. To '
        - name: sarif_id
          in: query
          type: string
          description: Filter analyses belonging to the same SARIF upload.
        - name: sort
          in: query
          type: string
          description: The property by which to sort the results.
        - name: Authorization
          in: header
          type: string
        - name: X-GitHub-Api-Version
          in: header
          type: string
        - name: Accept
          in: header
          type: string
    - name: repos-owner-repo-code-scanning-analyses-analysis_id
      path: /repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}
      operations:
      - name: getcodescanninganalysisforrepository
        method: GET
        description: GitHub Get Code Scanning Analysis for Repository
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: analysis_id
          in: path
          type: integer
          description: The ID of the analysis, as returned from the `GET /repos/{owner}/{repo}/code-scanning/analyses` operation.
          required: true
        - name: Authorization
          in: header
          type: string
        - name: X-GitHub-Api-Version
          in: header
          type: string
        - name: Accept
          in: header
          type: string
      - name: deletecodescanninganalysisfromrepository
        method: DELETE
        description: GitHub Delete Code Scanning Analysis from Repository
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: analysis_id
          in: path
          type: integer
          description: The ID of the analysis, as returned from the `GET /repos/{owner}/{repo}/code-scanning/analyses` operation.
          required: true
        - name: confirm_delete
          in: query
          type: string
          description: Allow deletion if the specified analysis is the last in a set. If you attempt to delete the final analysis
            in a set without setting this parameter to `true`, yo
        - name: Authorization
          in: header
          type: string
        - name: X-GitHub-Api-Version
          in: header
          type: string
        - name: Accept
          in: header
          type: string
    - name: repos-owner-repo-code-scanning-default-setup
      path: /repos/{owner}/{repo}/code-scanning/default-setup
      operations:
      - name: getcodescanningdefaultsetupconfiguration
        method: GET
        description: GitHub Get Code Scanning Default Setup Configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: Authorization
          in: header
          type: string
        - name: X-GitHub-Api-Version
          in: header
          type: string
        - name: Accept
          in: header
          type: string
      - name: updatecodescanningdefaultsetupconfiguration
        method: PATCH
        description: GitHub Update Code Scanning Default Setup Configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: Authorization
          in: header
          type: string
        - name: X-GitHub-Api-Version
          in: header
          type: string
        - name: Accept
          in: header
          type: string
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    authentication:
      type: bearer
      token: '{{env.GITHUB_API_KEY}}'
  exposes:
  - type: rest
    namespace: repo-code-scanning-scanning-rest
    port: 8080
    description: REST adapter for github-repos-api — Scanning. One Spectral-compliant resource per consumed operation, prefixed
      with /v1.
    resources:
    - path: /v1/repos/{owner}/{repo}/code-scanning/alerts
      name: repos-owner-repo-code-scanning-alerts
      description: REST surface for repos-owner-repo-code-scanning-alerts.
      operations:
      - method: GET
        name: listcodescanningalertsforrepository
        description: GitHub List Code Scanning Alerts for Repository
        call: repo-code-scanning-scanning.listcodescanningalertsforrepository
        with:
          sort: rest.sort
          state: rest.state
          severity: rest.severity
          Authorization: rest.Authorization
          X-GitHub-Api-Version: rest.X-GitHub-Api-Version
          Accept: rest.Accept
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/repos/{owner}/{repo}/code-scanning/alerts/{alert-number}
      name: repos-owner-repo-code-scanning-alerts-alert-number
      description: REST surface for repos-owner-repo-code-scanning-alerts-alert_number.
      operations:
      - method: GET
        name: getcodescanningalert
        description: GitHub Get Code Scanning Alert
        call: repo-code-scanning-scanning.getcodescanningalert
        with:
          Authorization: rest.Authorization
          X-GitHub-Api-Version: rest.X-GitHub-Api-Version
          Accept: rest.Accept
        outputParameters:
        - type: object
          mapping: $.
      - method: PATCH
        name: updatecodescanningalert
        description: GitHub Update Code Scanning Alert
        call: repo-code-scanning-scanning.updatecodescanningalert
        with:
          Authorization: rest.Authorization
          X-GitHub-Api-Version: rest.X-GitHub-Api-Version
          Accept: rest.Accept
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/repos/{owner}/{repo}/code-scanning/alerts/{alert-number}/instances
      name: repos-owner-repo-code-scanning-alerts-alert-number-instances
      description: REST surface for repos-owner-repo-code-scanning-alerts-alert_number-instances.
      operations:
      - method: GET
        name: listinstancesofcodescanningalert
        description: GitHub List Instances of Code Scanning Alert
        call: repo-code-scanning-scanning.listinstancesofcodescanningalert
        with:
          Authorization: rest.Authorization
          X-GitHub-Api-Version: rest.X-GitHub-Api-Version
          Accept: rest.Accept
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/repos/{owner}/{repo}/code-scanning/analyses
      name: repos-owner-repo-code-scanning-analyses
      description: REST surface for repos-owner-repo-code-scanning-analyses.
      operations:
      - method: GET
        name: listcodescanninganalysesforrepository
        description: GitHub List Code Scanning Analyses for Repository
        call: repo-code-scanning-scanning.listcodescanninganalysesforrepository
        with:
          ref: rest.ref
          sarif_id: rest.sarif_id
          sort: rest.sort
          Authorization: rest.Authorization
          X-GitHub-Api-Version: rest.X-GitHub-Api-Version
          Accept: rest.Accept
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/repos/{owner}/{repo}/code-scanning/analyses/{analysis-id}
      name: repos-owner-repo-code-scanning-analyses-analysis-id
      description: REST surface for repos-owner-repo-code-scanning-analyses-analysis_id.
      operations:
      - method: GET
        name: getcodescanninganalysisforrepository
        description: GitHub Get Code Scanning Analysis for Repository
        call: repo-code-scanning-scanning.getcodescanninganalysisforrepository
        with:
          analysis_id: rest.analysis_id
          Authorization: rest.Authorization
          X-GitHub-Api-Version: rest.X-GitHub-Api-Version
          Accept: rest.Accept
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: deletecodescanninganalysisfromrepository
        description: GitHub Delete Code Scanning Analysis from Repository
        call: repo-code-scanning-scanning.deletecodescanninganalysisfromrepository
        with:
          analysis_id: rest.analysis_id
          confirm_delete: rest.confirm_delete
          Authorization: rest.Authorization
          X-GitHub-Api-Version: rest.X-GitHub-Api-Version
          Accept: rest.Accept
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/repos/{owner}/{repo}/code-scanning/default-setup
      name: repos-owner-repo-code-scanning-default-setup
      description: REST surface for repos-owner-repo-code-scanning-default-setup.
      operations:
      - method: GET
        name: getcodescanningdefaultsetupconfiguration
        description: GitHub Get Code Scanning Default Setup Configuration
        call: repo-code-scanning-scanning.getcodescanningdefaultsetupconfiguration
        with:
          Authorization: rest.Authorization
          X-GitHub-Api-Version: rest.X-GitHub-Api-Version
          Accept: rest.Accept
        outputParameters:
        - type: object
          mapping: $.
      - method: PATCH
        name: updatecodescanningdefaultsetupconfiguration
        description: GitHub Update Code Scanning Default Setup Configuration
        call: repo-code-scanning-scanning.updatecodescanningdefaultsetupconfiguration
        with:
          Authorization: rest.Authorization
          X-GitHub-Api-Version: rest.X-GitHub-Api-Version
          Accept: rest.Accept
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: repo-code-scanning-scanning-mcp
    port: 9090
    transport: http
    description: MCP adapter for github-repos-api — Scanning. One tool per consumed operation, routed inline through this
      capability's consumes block.
    tools:
    - name: github-list-code-scanning-alerts
      description: GitHub List Code Scanning Alerts for Repository
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: repo-code-scanning-scanning.listcodescanningalertsforrepository
      with:
        sort: tools.sort
        state: tools.state
        severity: tools.severity
        Authorization: tools.Authorization
        X-GitHub-Api-Version: tools.X-GitHub-Api-Version
        Accept: tools.Accept
      outputParameters:
      - type: object
        mapping: $.
    - name: github-get-code-scanning-alert
      description: GitHub Get Code Scanning Alert
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: repo-code-scanning-scanning.getcodescanningalert
      with:
        Authorization: tools.Authorization
        X-GitHub-Api-Version: tools.X-GitHub-Api-Version
        Accept: tools.Accept
      outputParameters:
      - type: object
        mapping: $.
    - name: github-update-code-scanning-alert
      description: GitHub Update Code Scanning Alert
      hints:
        readOnly: false
        destructive: false
        idempotent: true
      call: repo-code-scanning-scanning.updatecodescanningalert
      with:
        Authorization: tools.Authorization
        X-GitHub-Api-Version: tools.X-GitHub-Api-Version
        Accept: tools.Accept
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: github-list-instances-code-scanning
      description: GitHub List Instances of Code Scanning Alert
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: repo-code-scanning-scanning.listinstancesofcodescanningalert
      with:
        Authorization: tools.Authorization
        X-GitHub-Api-Version: tools.X-GitHub-Api-Version
        Accept: tools.Accept
      outputParameters:
      - type: object
        mapping: $.
    - name: github-list-code-scanning-analyses
      description: GitHub List Code Scanning Analyses for Repository
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: repo-code-scanning-scanning.listcodescanninganalysesforrepository
      with:
        ref: tools.ref
        sarif_id: tools.sarif_id
        sort: tools.sort
        Authorization: tools.Authorization
        X-GitHub-Api-Version: tools.X-GitHub-Api-Version
        Accept: tools.Accept
      outputParameters:
      - type: object
        mapping: $.
    - name: github-get-code-scanning-analysis
      description: GitHub Get Code Scanning Analysis for Repository
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: repo-code-scanning-scanning.getcodescanninganalysisforrepository
      with:
        analysis_id: tools.analysis_id
        Authorization: tools.Authorization
        X-GitHub-Api-Version: tools.X-GitHub-Api-Version
        Accept: tools.Accept
      outputParameters:
      - type: object
        mapping: $.
    - name: github-delete-code-scanning-analysis
      description: GitHub Delete Code Scanning Analysis from Repository
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: repo-code-scanning-scanning.deletecodescanninganalysisfromrepository
      with:
        analysis_id: tools.analysis_id
        confirm_delete: tools.confirm_delete
        Authorization: tools.Authorization
        X-GitHub-Api-Version: tools.X-GitHub-Api-Version
        Accept: tools.Accept
      outputParameters:
      - type: object
        mapping: $.
    - name: github-get-code-scanning-default
      description: GitHub Get Code Scanning Default Setup Configuration
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: repo-code-scanning-scanning.getcodescanningdefaultsetupconfiguration
      with:
        Authorization: tools.Authorization
        X-GitHub-Api-Version: tools.X-GitHub-Api-Version
        Accept: tools.Accept
      outputParameters:
      - type: object
        mapping: $.
    - name: github-update-code-scanning-default
      description: GitHub Update Code Scanning Default Setup Configuration
      hints:
        readOnly: false
        destructive: false
        idempotent: true
      call: repo-code-scanning-scanning.updatecodescanningdefaultsetupconfiguration
      with:
        Authorization: tools.Authorization
        X-GitHub-Api-Version: tools.X-GitHub-Api-Version
        Accept: tools.Accept
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.