Skip to content
Recued
Menu
← Back to packs

Security Posture - Snyk

by recued-core v1 app_pack

API capability pack for bounded Snyk REST API reads against https://api.snyk.io/rest only, pinned with version=2024-10-15 on every operation. Enroll a Snyk connection named snyk that injects Authorization with either the documented token header or bearer auth; no credential is embedded in this manifest. The pack reads groups, organizations, projects, issues, targets, collections, and inventory assets for security posture review, vulnerability triage, asset inventory, and developer remediation planning. It bundles a scheduled security posture digest and an AI-assisted issue investigation brief. This slice is read-only: it intentionally excludes deletes, ignore/resolution mutation, project/target/collection mutation, invite and membership administration, app secrets, service account secrets, SSO, settings, policy mutation, export jobs, SBOM uploads/tests, package issue POST queries, and arbitrary Snyk API passthrough.

What this pack installs

Trust & control

What installing this whole pack would let it do. Recued grants these permissions at install — review them there before approving.

Where it runs

Device + server Runs on your device (browser) or your server.

What it's allowed to do

Read Web APIs snyk read-only
Read: organization.search · No approvalRead: organization.read · No approvalRead: group.search · No approvalRead: group.read · No approvalRead: group.organization.search · No approvalRead: project.search · No approvalRead: project.read · No approvalRead: issue.search · No approvalRead: issue.read · No approvalRead: target.search · No approvalRead: target.read · No approvalRead: collection.search · No approvalRead: collection.read · No approvalRead: asset.search · No approvalRead: asset.read · No approvalRead: asset.project.search · No approvalRead: asset.target.search · No approval

Data it touches

SurfacesWeb APIs
Warehousedata.attributesdata.iddata.relationshipsdata.type

About

Tags

pack:snyksnyksecurityvulnerabilitiesprojectsissuestargetsassetsinventorydeveloper-toolsworkflowrecipeapiv3composition