Field Value Name github-security-digestCategory reporting Complexity moderate Tags github-security, dependabot, llm-triage, cron-triggered, postgres-state Author randybias Min Version 0.1.0
Daily digest of Dependabot and code scanning alerts across GitHub repos with LLM-powered prioritization. Fetches security alerts from the GitHub API, deduplicates against previously seen alerts in Postgres, uses Claude to prioritize and summarize findings, and delivers a digest to Slack.
fetch-alerts → deduplicate-store → prioritize-summarize → notify-slack
Node Purpose fetch-alertsFetch Dependabot and code scanning alerts from GitHub deduplicate-storeDeduplicate against previously seen alerts in Postgres prioritize-summarizeAI-powered prioritization and summary of new alerts notify-slackDeliver prioritized digest to Slack
manualcron — daily at 7:00 AM (0 7 * * *)
Service Type Required GitHub API External Yes Anthropic API External Yes Slack webhook External Yes tentacular-postgres Exoskeleton Yes
Key Default Description timeout120sPer-node timeout retries1Retry count per node github_orgmy-orgGitHub organization to scan repos[]Specific repos to scan (empty = all in org)
github.token — GitHub personal access token with security alert permissionsanthropic.api_key — Claude API key for prioritizationslack.webhook_url — Slack webhook for digest delivery
tntc scaffold init github-security-digest
tntc scaffold init github-security-digest my-custom-name
tntc scaffold info github-security-digest
Scaffold source: quickstarts/github-security-digest/
