Socket · Capability
Socket Alerts Alerts
Socket alerts alerts business capability. Self-contained Naftiko capability covering one Socket business surface.
Socket Alerts Alerts is a Naftiko capability published by Socket, one of 21 capabilities the APIs.io network indexes for this provider. It bundles 4 operations across the GET method rooted at /v1/orgs/{…}.
The capability includes 4 read-only operations. Lead operation: List latest alerts (Beta). Can be deployed as a REST endpoint, MCP tool, or Agent Skill via Naftiko.
Tagged areas include Socket, Supply Chain Security, Alerts, and Alerts.
What You Can Do
GET
Get orgs org slug alerts
— List latest alerts (Beta)
/v1/orgs/{org_slug}/alerts
GET
Get orgs org slug historical alerts
— List historical alerts (Beta)
/v1/orgs/{org_slug}/historical/alerts
GET
Get orgs org slug historical alerts trend
— Trend of historical alerts (Beta)
/v1/orgs/{org_slug}/historical/alerts/trend
GET
Get orgs org slug alert full scan search
— List full scans associated with alert (Beta)
/v1/orgs/{org_slug}/alert-full-scan-search
MCP Tools
socket-get-orgs-org-slug-alerts
List latest alerts (Beta)
read-only
idempotent
socket-get-orgs-org-slug-historical-alerts
List historical alerts (Beta)
read-only
idempotent
socket-get-orgs-org-slug-historical-alerts-trend
Trend of historical alerts (Beta)
read-only
idempotent
socket-get-orgs-org-slug-alert-full-scan-search
List full scans associated with alert (Beta)
read-only
idempotent
Capability Spec
naftiko: 1.0.0-alpha2
info:
label: Socket Alerts Alerts
description: Socket alerts alerts business capability. Self-contained Naftiko capability covering one Socket business surface.
tags:
- Socket
- Supply Chain Security
- Alerts
- Alerts
created: '2026-05-25'
modified: '2026-05-25'
binds:
- namespace: env
keys:
SOCKET_API_KEY: SOCKET_API_KEY
capability:
consumes:
- type: http
namespace: alerts-alerts
baseUri: https://api.socket.dev/v0
description: Socket alerts alerts business capability. Self-contained, no shared references.
resources:
- name: orgs-org-slug-alerts
path: /orgs/{org_slug}/alerts
operations:
- name: get-orgs-org-slug-alerts
method: GET
description: List latest alerts (Beta)
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: org_slug
in: path
type: string
description: The slug of the organization
required: true
- name: per_page
in: query
type: integer
description: Specify the maximum number of results to return per page (intermediate pages may have fewer than this limit and callers should always check "endCursor" in response body to know if
there are more pages
required: false
- name: startAfterCursor
in: query
type: string
description: The pagination cursor that was returned as the "endCursor" property in previous request
required: false
- name: filters.alertAction
in: query
type: string
description: Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included
required: false
- name: filters.alertAction.notIn
in: query
type: string
description: Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded
required: false
- name: filters.alertActionSourceType
in: query
type: string
description: Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be included
required: false
- name: filters.alertActionSourceType.notIn
in: query
type: string
description: Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be excluded
required: false
- name: filters.alertCategory
in: query
type: string
description: Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be included
required: false
- name: filters.alertCategory.notIn
in: query
type: string
description: Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded
required: false
- name: filters.alertClearedAt.eq
in: query
type: string
description: Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertClearedAt.lt
in: query
type: string
description: Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertClearedAt.lte
in: query
type: string
description: Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertClearedAt.gt
in: query
type: string
description: Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertClearedAt.gte
in: query
type: string
description: Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertCreatedAt.eq
in: query
type: string
description: Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertCreatedAt.lt
in: query
type: string
description: Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertCreatedAt.lte
in: query
type: string
description: Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertCreatedAt.gt
in: query
type: string
description: Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertCreatedAt.gte
in: query
type: string
description: Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertCveId
in: query
type: string
description: CVE ID
required: false
- name: filters.alertCveId.notIn
in: query
type: string
description: CVE ID
required: false
- name: filters.alertCveTitle
in: query
type: string
description: CVE title
required: false
- name: filters.alertCveTitle.notIn
in: query
type: string
description: CVE title
required: false
- name: filters.alertCweId
in: query
type: string
description: CWE ID
required: false
- name: filters.alertCweId.notIn
in: query
type: string
description: CWE ID
required: false
- name: filters.alertCweName
in: query
type: string
description: CWE name
required: false
- name: filters.alertCweName.notIn
in: query
type: string
description: CWE name
required: false
- name: filters.alertEPSS
in: query
type: string
description: Alert EPSS ("low", "medium", "high", "critical")
required: false
- name: filters.alertEPSS.notIn
in: query
type: string
description: Alert EPSS ("low", "medium", "high", "critical")
required: false
- name: filters.alertFixType
in: query
type: string
description: Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be included
required: false
- name: filters.alertFixType.notIn
in: query
type: string
description: Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded
required: false
- name: filters.alertKEV
in: query
type: boolean
description: Alert KEV (Known Exploited Vulnerability) filter flag
required: false
- name: filters.alertKEV.notIn
in: query
type: boolean
description: Alert KEV (Known Exploited Vulnerability) filter flag
required: false
- name: filters.alertPriority
in: query
type: string
description: Alert priority ("low", "medium", "high", or "critical")
required: false
- name: filters.alertPriority.notIn
in: query
type: string
description: Alert priority ("low", "medium", "high", or "critical")
required: false
- name: filters.alertReachabilityAnalysisType
in: query
type: string
description: Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be included
required: false
- name: filters.alertReachabilityAnalysisType.notIn
in: query
type: string
description: Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded
required: false
- name: filters.alertReachabilityType
in: query
type: string
description: Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown",
or "unreacha
required: false
- name: filters.alertReachabilityType.notIn
in: query
type: string
description: Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown",
or "unreacha
required: false
- name: filters.alertSeverity
in: query
type: string
description: Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be included
required: false
- name: filters.alertSeverity.notIn
in: query
type: string
description: Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded
required: false
- name: filters.alertStatus
in: query
type: string
description: A single alert status ("open" or "cleared")
required: false
- name: filters.alertStatus.notIn
in: query
type: string
description: A single alert status ("open" or "cleared")
required: false
- name: filters.alertType
in: query
type: string
description: Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be included
required: false
- name: filters.alertType.notIn
in: query
type: string
description: Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded
required: false
- name: filters.alertUpdatedAt.eq
in: query
type: string
description: Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertUpdatedAt.lt
in: query
type: string
description: Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertUpdatedAt.lte
in: query
type: string
description: Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertUpdatedAt.gt
in: query
type: string
description: Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.alertUpdatedAt.gte
in: query
type: string
description: Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)
required: false
- name: filters.artifactName
in: query
type: string
description: Name of artifact
required: false
- name: filters.artifactName.notIn
in: query
type: string
description: Name of artifact
required: false
- name: filters.artifactType
in: query
type: string
description: Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be included
required: false
- name: filters.artifactType.notIn
in: query
type: string
description: Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded
required: false
- name: filters.branch
in: query
type: string
description: Comma-separated list of branch names that should be included
required: false
- name: filters.branch.notIn
in: query
type: string
description: Comma-separated list of branch names that should be excluded
required: false
- name: filters.cvePatchStatus
in: query
type: string
description: Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included
required: false
- name: filters.cvePatchStatus.notIn
in: query
type: string
description: Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded
required: false
- name: filters.dependencyDead
in: query
type: boolean
description: Dead/reachable dependency filter flag
required: false
- name: filters.dependencyDead.notIn
in: query
type: boolean
description: Dead/reachable dependency filter flag
required: false
- name: filters.dependencyDev
in: query
type: boolean
description: Development/production dependency filter flag
required: false
- name: filters.dependencyDev.notIn
in: query
type: boolean
description: Development/production dependency filter flag
required: false
- name: filters.dependencyDirect
in: query
type: boolean
description: Direct/transitive dependency filter flag
required: false
- name: filters.dependencyDirect.notIn
in: query
type: boolean
description: Direct/transitive dependency filter flag
required: false
- name: filters.repoFullName
in: query
type: string
description: Comma-separated list of repo full names that should be included
required: false
- name: filters.repoFullName.notIn
in: query
type: string
description: Comma-separated list of repo full names that should be excluded
required: false
- name: filters.repoLabels
in: query
type: string
description: Comma-separated list of repo labels that should be included. Use "" to filter for repositories with no labels.
required: false
- name: filters.repoLabels.notIn
in: query
type: string
description: Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels.
required: false
- name: filters.repoSlug
in: query
type: string
description: Comma-separated list of repo slugs that should be included
required: false
- name: filters.repoSlug.notIn
in: query
type: string
description: Comma-separated list of repo slugs that should be excluded
required: false
- name: orgs-org-slug-historical-alerts
path: /orgs/{org_slug}/historical/alerts
operations:
- name: get-orgs-org-slug-historical-alerts
method: GET
description: List historical alerts (Beta)
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: org_slug
in: path
type: string
description: The slug of the organization
required: true
- name: date
in: query
type: string
description: The UTC date in YYYY-MM-DD format for which to fetch alerts
required: false
- name: range
in: query
type: string
description: The number of days of data to fetch as an offset from input date (e.g. "-7d" or "7d") or use "latest" to query for latest alerts for each repo
required: false
- name: per_page
in: query
type: integer
description: Specify the maximum number of results to return per page (intermediate pages may have fewer than this limit and callers should always check "endCursor" in response body to know if
there are more pages
required: false
- name: startAfterCursor
in: query
type: string
description: The pagination cursor that was returned as the "endCursor" property in previous request
required: false
- name: filters.alertAction
in: query
type: string
description: Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included
required: false
- name: filters.alertAction.notIn
in: query
type: string
description: Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded
required: false
- name: filters.alertActionSourceType
in: query
type: string
description: Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be included
required: false
- name: filters.alertActionSourceType.notIn
in: query
type: string
description: Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be excluded
required: false
- name: filters.alertCategory
in: query
type: string
description: Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be included
required: false
- name: filters.alertCategory.notIn
in: query
type: string
description: Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded
required: false
- name: filters.alertCveId
in: query
type: string
description: CVE ID
required: false
- name: filters.alertCveId.notIn
in: query
type: string
description: CVE ID
required: false
- name: filters.alertCveTitle
in: query
type: string
description: CVE title
required: false
- name: filters.alertCveTitle.notIn
in: query
type: string
description: CVE title
required: false
- name: filters.alertCweId
in: query
type: string
description: CWE ID
required: false
- name: filters.alertCweId.notIn
in: query
type: string
description: CWE ID
required: false
- name: filters.alertCweName
in: query
type: string
description: CWE name
required: false
- name: filters.alertCweName.notIn
in: query
type: string
description: CWE name
required: false
- name: filters.alertEPSS
in: query
type: string
description: Alert EPSS ("low", "medium", "high", "critical")
required: false
- name: filters.alertEPSS.notIn
in: query
type: string
description: Alert EPSS ("low", "medium", "high", "critical")
required: false
- name: filters.alertFixType
in: query
type: string
description: Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be included
required: false
- name: filters.alertFixType.notIn
in: query
type: string
description: Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded
required: false
- name: filters.alertKEV
in: query
type: boolean
description: Alert KEV (Known Exploited Vulnerability) filter flag
required: false
- name: filters.alertKEV.notIn
in: query
type: boolean
description: Alert KEV (Known Exploited Vulnerability) filter flag
required: false
- name: filters.alertPriority
in: query
type: string
description: Alert priority ("low", "medium", "high", or "critical")
required: false
- name: filters.alertPriority.notIn
in: query
type: string
description: Alert priority ("low", "medium", "high", or "critical")
required: false
- name: filters.alertReachabilityAnalysisType
in: query
type: string
description: Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be included
required: false
- name: filters.alertReachabilityAnalysisType.notIn
in: query
type: string
description: Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded
required: false
- name: filters.alertReachabilityType
in: query
type: string
description: Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown",
or "unreacha
required: false
- name: filters.alertReachabilityType.notIn
in: query
type: string
description: Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown",
or "unreacha
required: false
- name: filters.alertSeverity
in: query
type: string
description: Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be included
required: false
- name: filters.alertSeverity.notIn
in: query
type: string
description: Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded
required: false
- name: filters.alertType
in: query
type: string
description: Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be included
required: false
- name: filters.alertType.notIn
in: query
type: string
description: Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded
required: false
- name: filters.artifactName
in: query
type: string
description: Name of artifact
required: false
- name: filters.artifactName.notIn
in: query
type: string
description: Name of artifact
required: false
- name: filters.artifactType
in: query
type: string
description: Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be included
required: false
- name: filters.artifactType.notIn
in: query
type: string
description: Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded
required: false
- name: filters.branch
in: query
type: string
description: Comma-separated list of branch names that should be included
required: false
- name: filters.branch.notIn
in: query
type: string
description: Comma-separated list of branch names that should be excluded
required: false
- name: filters.cvePatchStatus
in: query
type: string
description: Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included
required: false
- name: filters.cvePatchStatus.notIn
in: query
type: string
description: Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded
required: false
- name: filters.dependencyDead
in: query
type: boolean
description: Dead/reachable dependency filter flag
required: false
- name: filters.dependencyDead.notIn
in: query
type: boolean
description: Dead/reachable dependency filter flag
required: false
- name: filters.dependencyDev
in: query
type: boolean
description: Development/production dependency filter flag
required: false
- name: filters.dependencyDev.notIn
in: query
type: boolean
description: Development/production dependency filter flag
required: false
- name: filters.dependencyDirect
in: query
type: boolean
description: Direct/transitive dependency filter flag
required: false
- name: filters.dependencyDirect.notIn
in: query
type: boolean
description: Direct/transitive dependency filter flag
required: false
- name: filters.repoFullName
in: query
type: string
description: Comma-separated list of repo full names that should be included
required: false
- name: filters.repoFullName.notIn
in: query
type: string
description: Comma-separated list of repo full names that should be excluded
required: false
- name: filters.repoLabels
in: query
type: string
description: Comma-separated list of repo labels that should be included. Use "" to filter for repositories with no labels.
required: false
- name: filters.repoLabels.notIn
in: query
type: string
description: Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels.
required: false
- name: filters.repoSlug
in: query
type: string
description: Comma-separated list of repo slugs that should be included
required: false
- name: filters.repoSlug.notIn
in: query
type: string
description: Comma-separated list of repo slugs that should be excluded
required: false
- name: orgs-org-slug-historical-alerts-trend
path: /orgs/{org_slug}/historical/alerts/trend
operations:
- name: get-orgs-org-slug-historical-alerts-trend
method: GET
description: Trend of historical alerts (Beta)
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: org_slug
in: path
type: string
description: The slug of the organization
required: true
- name: date
in: query
type: string
description: The UTC date in YYYY-MM-DD format for which to fetch alerts
required: false
- name: range
in: query
type: string
description: The number of days of data to fetch as an offset from input date
required: false
- name: aggregation.fields
in: query
type: string
description: 'Comma-separated list of fields that should be used for count aggregation (allowed: alertSeverity,repoSlug,repoFullName,branch,repoLabels,alertType,artifactType,alertAction,alertActionSourceType,alertF'
required: false
- name: filters.alertAction
in: query
type: string
description: Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included
required: false
- name: filters.alertAction.notIn
in: query
type: string
description: Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded
required: false
- name: filters.alertActionSourceType
in: query
type: string
description: Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be included
required: false
- name: filters.alertActionSourceType.notIn
in: query
type: string
description: Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be excluded
required: false
- name: filters.alertCategory
in: query
type: string
description: Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be included
required: false
- name: filters.alertCategory.notIn
in: query
type: string
description: Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded
required: false
- name: filters.alertCveId
in: query
type: string
description: CVE ID
required: false
- name: filters.alertCveId.notIn
in: query
type: string
description: CVE ID
required: false
- name: filters.alertCveTitle
in: query
type: string
description: CVE title
required: false
- name: filters.alertCveTitle.notIn
in: query
type: string
description: CVE title
required: false
- name: filters.alertCweId
in: query
type: string
description: CWE ID
required: false
- name: filters.alertCweId.notIn
in: query
type: string
description: CWE ID
required: false
- name: filters.alertCweName
in: query
type: string
description: CWE name
required: false
- name: filters.alertCweName.notIn
in: query
type: string
description: CWE name
required: false
- name: filters.alertEPSS
in: query
type: string
description: Alert EPSS ("low", "medium", "high", "critical")
required: false
- name: filters.alertEPSS.notIn
in: query
type: string
description: Alert EPSS ("low", "medium", "high", "critical")
required: false
- name: filters.alertFixType
in: query
type: string
description: Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be included
required: false
- name: filters.alertFixType.notIn
in: query
type: string
description: Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded
required: false
- name: filters.alertKEV
in: query
type: boolean
description: Alert KEV (Known Exploited Vulnerability) filter flag
required: false
- name: filters.alertKEV.notIn
in: query
type: boolean
description: Alert KEV (Known Exploited Vulnerability) filter flag
required: false
- name: filters.alertPriority
in: query
type: string
description: Alert priority ("low", "medium", "high", or "critical")
required: false
- name: filters.alertPriority.notIn
in: query
# --- truncated at 32 KB (66 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/socket-dev/refs/heads/main/capabilities/alerts-alerts.yaml