Security
securityScan code repositories for security vulnerabilities using heuristic or semgrep engines, generate reports in JSON or SARIF formats, and manage suppression rules.
Instructions
Security scanning over the code knowledge graph. Actions: scan (engine='heuristic'|'semgrep', repo_root), report (format='json'|'sarif', repo_root), suppress (rule_id, remove=false, repo_root), rule_list (engine='heuristic'|'semgrep'). Use help tool for full docs.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| action | No | scan | |
| engine | No | heuristic | |
| format | No | json | |
| remove | No | ||
| rule_id | No | ||
| repo_root | No |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |