gh-code-scanning
SKILL.md
GitHub Code Scanning Skill
Overview
GitHub code scanning alerts are produced by static analysis tools such as CodeQL and Scorecard and surfaced in the GitHub Security tab. The GitHub Security tab is not accessible through the default MCP toolset, so this skill provides scripts for all read operations.
Prerequisites
| Requirement | Details |
|---|---|
| pwsh | PowerShell 7+; install from https://learn.microsoft.com/powershell |
| gh CLI | Installed and on PATH; install from https://cli.github.com |
| Auth | Run gh auth login or set GH_TOKEN; requires security_events scope |
| Scope | security_events for private repos; public_repo for public-only |
The repo scope also satisfies security_events. The gh CLI handles authentication automatically; no explicit token passing is needed in commands.
Get-CodeScanningAlerts.ps1 validates both prerequisites at startup and aborts with a targeted error message if either check fails.
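
One way to pre-check the scope requirements from the table before calling the scripts, as an added example (it is not the skill's own code and not how Get-CodeScanningAlerts.ps1 performs its checks). It reads the X-OAuth-Scopes response header through gh api; the function names and the -PrivateRepo switch are hypothetical.

```powershell
#Requires -Version 7.0
# Added example; function names and the -PrivateRepo switch are hypothetical.
param([switch]$PrivateRepo)

function Get-GrantedScope {
    # Extract scopes from raw HTTP header lines. Returns $null when the
    # X-OAuth-Scopes header is absent (e.g. fine-grained tokens do not send it).
    param([string[]]$HeaderLines)
    foreach ($line in $HeaderLines) {
        if ($line -match '^x-oauth-scopes:\s*(.*)$') {
            return ,@($Matches[1] -split ',' |
                ForEach-Object { $_.Trim() } |
                Where-Object { $_ })
        }
    }
    return $null
}

function Test-CodeScanningScope {
    # security_events or repo is enough for any repository;
    # public_repo is accepted only when the target is public.
    param([string[]]$Granted, [switch]$PrivateRepo)
    $accepted = @('security_events', 'repo')
    if (-not $PrivateRepo) { $accepted += 'public_repo' }
    return @($Granted | Where-Object { $_ -in $accepted }).Count -gt 0
}

if (-not (Get-Command gh -ErrorAction SilentlyContinue)) {
    throw 'gh CLI not found on PATH; install from https://cli.github.com'
}

# --include prints the response headers ahead of the JSON body.
$response = gh api --include rate_limit 2>$null
if ($LASTEXITCODE -ne 0) {
    throw 'gh api call failed; run gh auth login or set GH_TOKEN'
}

$granted = Get-GrantedScope -HeaderLines $response
if ($null -eq $granted) {
    Write-Warning 'Token reports no scope header; scopes cannot be verified locally.'
} elseif (-not (Test-CodeScanningScope -Granted $granted -PrivateRepo:$PrivateRepo)) {
    throw "Token scopes '$($granted -join ', ')' do not cover code scanning alerts."
} else {
    Write-Host "Scopes OK: $($granted -join ', ')"
}
```

A token that grants far more than security_events (for example full repo) passes this check, so the printed scope list is also worth reviewing for least privilege.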