Security Triage
security_triageRead GitHub security alerts from code scanning, Dependabot, and secret scanning, then produce a triage report with severity breakdown and recommended fix order.
Instructions
Read GitHub security alerts (code scanning, Dependabot, secret scanning) and produce a triage report.
Required token scopes:
security_events, or public_repo for public-only repos (Code Scanning)
security_events, or public_repo for public-only repos (Dependabot)
repo or security_events (Secret Scanning)
Args:
owner, repo: Repository coordinates.
includeCodeScanning / includeDependabot / includeSecretScanning: Default true.
Returns: Alert summary, severity breakdown, recommended fix order, suggested issues.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| repo | No | GitHub repo. Falls back to GITHUB_REPO. | |
| owner | No | GitHub owner. Falls back to GITHUB_OWNER. | |
| includeDependabot | No | Include Dependabot alerts. Requires vulnerability_alerts scope. | |
| includeCodeScanning | No | Include Code Scanning alerts. Requires security_events scope. | |
| includeSecretScanning | No | Include Secret Scanning alerts. Requires secret_scanning_alerts scope. |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| repo | Yes | ||
| alerts | Yes | ||
| errors | Yes | ||
| severityCounts | Yes |