RAD Security

Instructions

Implementation Reference

• src/operations/findings.ts:51-94 (handler)

  Core handler function that executes the list_security_findings tool logic by constructing filters and querying the RAD Security API for unified findings.
  export async function listFindings( client: RadSecurityClient, limit: number = 20, types?: string[], severities?: string[], source_types?: string[], source_kinds?: string[], source_names?: string[], source_namespaces?: string[], status: string = "open", from_time: string = "now-7d", to_time?: string ): Promise<any> { const filterParam = makeFilter({ type: types, severity: severities, source_type: source_types, source_kind: source_kinds, source_name: source_names, source_namespace: source_namespaces, status: status, }); const params: Record<string, any> = { limit, filters: filterParam, from: from_time, }; if (to_time) { params.to = to_time; } const response = await client.makeRequest( `/accounts/${client.getAccountId()}/unified_findings/groups`, params ); return { size: response.length, entries: response, has_more: response.length === limit, }; }
• src/operations/findings.ts:11-22 (schema)

  Zod input schema defining parameters for filtering and paginating security findings.
  export const listFindingsSchema = z.object({ limit: z.number().optional().default(20).describe("Number of findings to return"), types: z.array(z.enum(types)).optional().describe("List of finding types to filter by"), severities: z.array(z.enum(severities)).optional().describe("List of severity levels to filter by"), source_kinds: z.array(z.string()).optional().describe("List of source kinds to filter by. i.e. Deployment,Pod,Container,Node,etc."), source_types: z.array(z.enum(source_types)).optional().describe("List of source types to filter by"), source_names: z.array(z.string()).optional().describe("List of source names to filter by"), source_namespaces: z.array(z.string()).optional().describe("List of source namespaces to filter by"), status: z.enum(statuses).optional().default("open").describe("Status of the findings to filter by"), from_time: z.string().optional().default("now-7d").describe("From time in RFC3339 or relative format, i.e. now-7d"), to_time: z.string().optional().describe("To time in RFC3339 or relative format, i.e. now-7d"), });
• src/index.ts:283-287 (registration)

  Tool registration in the listTools response, including name, description, and schema reference.
  { name: "list_security_findings", description: "List security findings with optional filtering by types, severities, sources, and status", inputSchema: zodToJsonSchema(findings.listFindingsSchema), },
• src/index.ts:674-691 (handler)

  Dispatcher handler in the CallToolRequest switch statement that parses arguments and delegates to the core listFindings function.
  case "list_security_findings": { const args = findings.listFindingsSchema.parse(request.params.arguments); const response = await findings.listFindings( client, args.limit, args.types, args.severities, args.source_types, args.source_kinds, args.source_names, args.source_namespaces, args.status, args.from_time, args.to_time ); return { content: [{ type: "text", text: JSON.stringify(response, null, 2) }], };
• src/operations/findings.ts:30-48 (helper)

  Helper utility function to construct comma-separated filter strings from parameter objects used in the listFindings API call.
  function makeFilter(filterObj: Record<string, string | string[] | undefined>): string { const filters: string[] = []; for (const [key, value] of Object.entries(filterObj)) { if (!value) continue; if (Array.isArray(value)) { for (const item of value) { if (item) { filters.push(`${key}:${item}`); } } } else { filters.push(`${key}:${value}`); } } return filters.join(","); }