| Field | Value |
|---|---|
| Name | github-vuln-triage |
| Category | automation |
| Complexity | advanced |
| Tags | github-security, dependabot, codeql, llm-triage, fan-out-pattern, auto-remediation, postgres-state, s3-storage |
| Author | randybias |
| Min Version | 0.1.0 |
Aggregate Dependabot and CodeQL alerts across a GitHub org, enrich them with repo context (customer-facing status, environment, owning team), triage them with AI, and auto-create GitHub issues for actionable findings. Uses a fan-out/fan-in DAG: the two alert sources are fetched in parallel and merged, and a second fan-out after triage runs the response actions.
```
fetch-dependabot ─┐                                       ┌→ create-issues ─┐
                  ├→ deduplicate → enrich-context → triage ─┼→ alert-critical ←┘
fetch-codescan ───┘                                       └→ log-all
```
| Node | Purpose |
|---|---|
| fetch-dependabot | Fetch Dependabot alerts from GitHub API |
| fetch-codescan | Fetch CodeQL code scanning alerts from GitHub API |
| deduplicate | Merge and deduplicate alerts from both sources |
| enrich-context | Add repo context (environment, team, customer exposure) |
| triage | AI-powered severity triage and action recommendations |
| create-issues | Auto-create GitHub issues for actionable findings |
| alert-critical | Send critical alerts to Slack with issue links |
| log-all | Log all triage results to Postgres and S3 |
Triggers:

- manual
- cron: daily at 7:00 AM (`0 7 * * *`)
| Service | Type | Required |
|---|---|---|
| GitHub API | External | Yes |
| Anthropic API | External | Yes |
| Slack webhook | External | Yes |
| tentacular-postgres | Exoskeleton | Yes |
| tentacular-rustfs | Exoskeleton | Yes |
| Key | Default | Description |
|---|---|---|
| timeout | 180s | Per-node timeout |
| retries | 1 | Retry count per node |
| github_org | my-org | GitHub organization to scan |
| repo_context | (example map) | Per-repo context: customer_facing, environment, team |
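As an added illustration of what the deduplicate and enrich-context nodes do with the repo_context map (example code written for this page, not the scaffold's own implementation; the alert field names are assumed from GitHub's REST API and the sample alerts are constructed):

```python
"""Normalise, deduplicate and enrich GitHub security alerts."""
from dataclasses import dataclass, asdict

# Constructed sample alerts shaped like the org-level Dependabot and
# code-scanning REST responses (field names assumed, not from the scaffold).
# The Dependabot list repeats one entry, as overlapping pages would.
DEPENDABOT = [
    {"number": 7, "repository": {"full_name": "my-org/payments"},
     "html_url": "https://example.invalid/payments/dependabot/7",
     "dependency": {"package": {"name": "lodash"}},
     "security_advisory": {"ghsa_id": "GHSA-xxxx-xxxx-xxxx", "severity": "high"}},
] * 2
CODESCAN = [
    {"number": 3, "repository": {"full_name": "my-org/internal-tool"},
     "html_url": "https://example.invalid/internal-tool/code-scanning/3",
     "rule": {"id": "js/sql-injection", "security_severity_level": "critical"},
     "most_recent_instance": {"location": {"path": "src/db.js"}}},
]
# Mirrors the repo_context config key: per-repo customer_facing/environment/team.
REPO_CONTEXT = {
    "my-org/payments": {"customer_facing": True, "environment": "production",
                        "team": "platform"},
}

@dataclass(frozen=True)
class Alert:
    source: str
    repo: str
    key: str       # stable identity within the source (package:GHSA or rule@path)
    severity: str
    url: str

def normalise(dependabot, codescan):
    """Flatten both sources into a common Alert shape (the deduplicate node)."""
    for a in dependabot:
        yield Alert("dependabot", a["repository"]["full_name"],
                    f'{a["dependency"]["package"]["name"]}:{a["security_advisory"]["ghsa_id"]}',
                    a["security_advisory"]["severity"], a["html_url"])
    for a in codescan:
        yield Alert("codescan", a["repository"]["full_name"],
                    f'{a["rule"]["id"]}@{a["most_recent_instance"]["location"]["path"]}',
                    a["rule"]["security_severity_level"], a["html_url"])

def deduplicate(alerts):
    """Drop repeats; dict preserves first-seen order and Alert is hashable."""
    return list(dict.fromkeys(alerts))

def enrich(alerts, repo_context):
    """The enrich-context node: repos missing from the map are treated as exposed."""
    unknown = {"customer_facing": True, "environment": "unknown", "team": "unassigned"}
    return [{**asdict(a), **repo_context.get(a.repo, unknown)} for a in alerts]
```

The conservative default for unmapped repos matters: a repo absent from repo_context should not silently drop out of the customer-facing bucket before triage.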
- `github.token`: GitHub personal access token with security and issues permissions
- `anthropic.api_key`: Claude API key for triage analysis
- `slack.webhook_url`: Slack webhook for critical alerts
```shell
tntc scaffold init github-vuln-triage
tntc scaffold init github-vuln-triage my-custom-name
tntc scaffold info github-vuln-triage
```
Scaffold source: `quickstarts/github-vuln-triage/`