Files
simstudioai--sim/apps/sim/tools/vanta/list_vulnerable_assets.ts
T
wehub-resource-sync d25d482dc2
Publish CLI Package / publish-npm (push) Waiting to run
Publish Python SDK / publish-pypi (push) Waiting to run
Publish TypeScript SDK / publish-npm (push) Waiting to run
CI / Migrate Dev DB (push) Has been skipped
CI / Detect Version (push) Has been cancelled
CI / Migrate DB (push) Has been cancelled
CI / Build Dev ECR (./docker/app.Dockerfile, ECR_APP) (push) Has been cancelled
CI / Build Dev ECR (./docker/db.Dockerfile, ECR_MIGRATIONS) (push) Has been cancelled
CI / Build Dev ECR (./docker/pii.Dockerfile, ECR_PII) (push) Has been cancelled
CI / Build Dev ECR (./docker/realtime.Dockerfile, ECR_REALTIME) (push) Has been cancelled
CI / Deploy Trigger.dev (Dev) (push) Has been cancelled
CI / Build AMD64 (./docker/app.Dockerfile, ECR_APP, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build AMD64 (./docker/db.Dockerfile, ECR_MIGRATIONS, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build AMD64 (./docker/pii.Dockerfile, ECR_PII, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build AMD64 (./docker/realtime.Dockerfile, ECR_REALTIME, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/app.Dockerfile, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/db.Dockerfile, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/pii.Dockerfile, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/realtime.Dockerfile, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Check Docs Changes (push) Has been cancelled
CI / Process Docs (push) Has been cancelled
CI / Create GitHub Release (push) Has been cancelled
CI / Test and Build (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:20:55 +08:00

118 lines
3.5 KiB
TypeScript

import type { ToolConfig } from '@/tools/types'
import {
VANTA_PAGE_INFO_OUTPUT_PROPERTIES,
VANTA_VULNERABLE_ASSET_OUTPUT_PROPERTIES,
} from '@/tools/vanta/outputs'
import type {
VantaListVulnerableAssetsParams,
VantaListVulnerableAssetsResponse,
} from '@/tools/vanta/types'
import { createVantaTransformResponse, VANTA_QUERY_ROUTE } from '@/tools/vanta/utils'
export const vantaListVulnerableAssetsTool: ToolConfig<
VantaListVulnerableAssetsParams,
VantaListVulnerableAssetsResponse
> = {
id: 'vanta_list_vulnerable_assets',
name: 'Vanta List Vulnerable Assets',
description:
'List the assets associated with vulnerabilities in a Vanta account (servers, repositories, workstations, and more)',
version: '1.0.0',
params: {
clientId: {
type: 'string',
required: true,
visibility: 'user-only',
description: 'Vanta OAuth application client ID',
},
clientSecret: {
type: 'string',
required: true,
visibility: 'user-only',
description: 'Vanta OAuth application client secret',
},
region: {
type: 'string',
required: false,
visibility: 'user-only',
description: 'Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com)',
},
q: {
type: 'string',
required: false,
visibility: 'user-or-llm',
description: 'Search query for vulnerable assets',
},
integrationId: {
type: 'string',
required: false,
visibility: 'user-or-llm',
description: 'Filter by the integration scanning the asset',
},
assetType: {
type: 'string',
required: false,
visibility: 'user-or-llm',
description:
'Filter by asset type: SERVER, SERVERLESS_FUNCTION, CONTAINER, CONTAINER_REPOSITORY, CONTAINER_REPOSITORY_IMAGE, CODE_REPOSITORY, MANIFEST_FILE, WORKSTATION, or OTHER',
},
assetExternalAccountId: {
type: 'string',
required: false,
visibility: 'user-or-llm',
description: 'Filter by the external account ID the asset belongs to',
},
pageSize: {
type: 'number',
required: false,
visibility: 'user-or-llm',
description: 'Maximum number of items per page (1-100, default 10)',
},
pageCursor: {
type: 'string',
required: false,
visibility: 'user-or-llm',
description:
'Pagination cursor: pass the endCursor from the previous response to fetch the next page',
},
},
request: {
url: VANTA_QUERY_ROUTE,
method: 'POST',
headers: () => ({ 'Content-Type': 'application/json' }),
body: (params) => ({
operation: 'vanta_list_vulnerable_assets',
clientId: params.clientId,
clientSecret: params.clientSecret,
region: params.region,
q: params.q,
integrationId: params.integrationId,
assetType: params.assetType,
assetExternalAccountId: params.assetExternalAccountId,
pageSize: params.pageSize,
pageCursor: params.pageCursor,
}),
},
transformResponse: createVantaTransformResponse<VantaListVulnerableAssetsResponse>(
'Failed to list Vanta vulnerable assets'
),
outputs: {
assets: {
type: 'array',
description: 'Vulnerable assets matching the filters',
items: { type: 'object', properties: VANTA_VULNERABLE_ASSET_OUTPUT_PROPERTIES },
},
pageInfo: {
type: 'json',
description:
'Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page',
optional: true,
properties: VANTA_PAGE_INFO_OUTPUT_PROPERTIES,
},
},
}