mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00


# API Reference: Implementing GitHub Advanced Security for Code Scanning
## GitHub Code Scanning API
```bash
# List open code scanning alerts (URL quoted so the shell does not glob the "?")
gh api '/repos/OWNER/REPO/code-scanning/alerts?state=open'
# Get specific alert
gh api /repos/OWNER/REPO/code-scanning/alerts/ALERT_NUMBER
# List analyses
gh api /repos/OWNER/REPO/code-scanning/analyses
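# Upload SARIF: the sarif field must be the gzip-compressed file, Base64-encoded.
# -f sends a raw string and does not read @file, so encode the file inline.
# (-w0 disables line wrapping in GNU base64.)
gh api /repos/OWNER/REPO/code-scanning/sarifs -X POST \
  -f commit_sha=SHA -f ref=refs/heads/main \
  -f sarif="$(base64 -w0 results.sarif.gz)"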
```
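A CI gate over the JSON returned by the alert listing call above, added here as an example (it is not part of the original reference). It assumes the alert fields `state`, `rule.security_severity_level` and `most_recent_instance` as returned by the GitHub REST API; the function name, file name `gate.py` and sample alerts are constructed for illustration.

```python
import json
import sys

# Severity order used by the security_severity_level field.
SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}

# Constructed sample in the shape returned by
# GET /repos/OWNER/REPO/code-scanning/alerts (trimmed to the fields used here).
SAMPLE_ALERTS = json.loads("""
[
  {"number": 12, "state": "open",
   "rule": {"id": "py/sql-injection", "security_severity_level": "high"},
   "most_recent_instance": {"ref": "refs/heads/main", "location": {"path": "app/db.py", "start_line": 41}}},
  {"number": 13, "state": "open",
   "rule": {"id": "py/unused-import", "security_severity_level": null},
   "most_recent_instance": {"ref": "refs/heads/main", "location": {"path": "app/util.py", "start_line": 3}}},
  {"number": 14, "state": "dismissed",
   "rule": {"id": "py/path-injection", "security_severity_level": "critical"},
   "most_recent_instance": {"ref": "refs/heads/main", "location": {"path": "app/files.py", "start_line": 77}}},
  {"number": 15, "state": "open",
   "rule": {"id": "py/clear-text-logging-sensitive-data", "security_severity_level": "medium"},
   "most_recent_instance": {"ref": "refs/heads/main", "location": {"path": "app/log.py", "start_line": 9}}}
]
""")


def blocking_alerts(alerts, threshold="high", ref="refs/heads/main"):
    """Return open alerts on `ref` at or above `threshold`, worst first."""
    floor = SEVERITY_RANK[threshold]
    hits = []
    for alert in alerts:
        instance = alert.get("most_recent_instance") or {}
        level = (alert.get("rule") or {}).get("security_severity_level")
        # Quality-only rules carry no security severity; rank them 0 so they never block.
        rank = SEVERITY_RANK.get(level, 0)
        if alert.get("state") == "open" and instance.get("ref") == ref and rank >= floor:
            loc = instance.get("location") or {}
            hits.append((rank, alert["number"], alert["rule"]["id"],
                         f'{loc.get("path")}:{loc.get("start_line")}'))
    return [h[1:] for h in sorted(hits, key=lambda h: (-h[0], h[1]))]


if __name__ == "__main__":
    # Real use: gh api '/repos/OWNER/REPO/code-scanning/alerts?state=open' | python gate.py -
    data = json.load(sys.stdin) if sys.argv[1:] == ["-"] else SAMPLE_ALERTS
    found = blocking_alerts(data)
    for number, rule_id, where in found:
        print(f"#{number} {rule_id} {where}")
    sys.exit(1 if found else 0)
```

The non-zero exit status fails the pipeline step when any blocking alert remains; dismissed alerts and alerts on other refs are ignored.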
## Secret Scanning API
```bash
# List open secret scanning alerts (URL quoted so the shell does not glob the "?")
gh api '/repos/OWNER/REPO/secret-scanning/alerts?state=open'
# Update alert state
gh api /repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER -X PATCH \
  -f state=resolved -f resolution=revoked
```
## CodeQL Query Suites
| Suite | Description | False Positive Rate |
|-------|-------------|-------------------|
| `default` | High-confidence security | Low |
| `security-extended` | Broader security coverage | Medium |
| `security-and-quality` | Security + code quality | Higher |
## CodeQL Workflow (GitHub Actions)
```yaml
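# Steps of the analysis job (fragment; goes under jobs.<job_id>.steps)
- uses: github/codeql-action/init@v3
  with:
    languages: ${{ matrix.language }}
    # "+" adds the suite on top of the queries already configured
    queries: +security-extended
- uses: github/codeql-action/autobuild@v3
- uses: github/codeql-action/analyze@v3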
```
## Supported Languages
| Language | Build Required | Query Pack |
|----------|---------------|-----------|
| Python | No | codeql/python-queries |
| JavaScript/TypeScript | No | codeql/javascript-queries |
| Java/Kotlin | Yes | codeql/java-queries |
| C/C++ | Yes | codeql/cpp-queries |
| C# | Yes | codeql/csharp-queries |
| Go | Yes | codeql/go-queries |
| Ruby | No | codeql/ruby-queries |
| Swift | Yes | codeql/swift-queries |
### References
- GHAS Docs: https://docs.github.com/en/code-security/code-scanning
- CodeQL: https://codeql.github.com/docs/
- CodeQL Queries: https://github.com/github/codeql
- SARIF Spec: https://sarifweb.azurewebsites.net/