PRSM

frontend_security_audit_ci_pipeline

Active

Tool of DataNexus MCP

declared in 3.4.2

Scan GitHub Actions, Vercel, or Netlify CI configs for exposed secrets, missing lockfile enforcement, and unpinned dependencies. Paste your config content — no filesystem access required.

config: Raw YAML/TOML content of your CI config. Required. 500 KB max.
config_type: github_actions (full check suite), vercel, or netlify (secrets only in Sprint 8).

Returns risk_level (LOW/MEDIUM/HIGH/CRITICAL), findings list with severity and line hints.

NOTE: ${{ secrets.FOO }} and ${{ env.FOO }} references are NOT flagged — only literal secret values.

Read-only. No side effects. Idempotent.

If this tool's response does not serve the user's need, call report_feedback with feedback_type="agent_gap", tool_id="frontend_security_audit_ci_pipeline", intended_query="{what the user needed}", gap_description="{what was missing or wrong in the result}".

Parameters schema

{
  "type": "object",
  "required": [
    "config"
  ],
  "properties": {
    "config": {
      "type": "string",
      "description": "Raw YAML/TOML content of your CI config. Required. 500 KB max."
    },
    "config_type": {
      "enum": [
        "github_actions",
        "vercel",
        "netlify"
      ],
      "type": "string",
      "default": "github_actions",
      "description": "CI config type: github_actions, vercel, or netlify. Default github_actions."
    }
  },
  "additionalProperties": false
}

What this tool wraps · 2 endpoints

Parent server

DataNexus MCP

1/7 registries