Get findings

GET

findings

Get findings

curl --request GET \
  --url https://api.ghostsecurity.ai/v2/findings \
  --header 'Authorization: Bearer <token>'

{
  "has_more": true,
  "items": [
    {
      "agent": {
        "custom_agent_vector_id": "<string>",
        "description": "<string>",
        "name": "<string>",
        "vector": "<string>"
      },
      "created_at": "<string>",
      "details": {
        "code": "<string>",
        "description": "<string>",
        "endpoint_locations": [
          {
            "action": "<string>",
            "path": "<string>",
            "type": "<string>"
          }
        ],
        "exploit_feasibility": "<string>",
        "exploit_walkthrough": "<string>",
        "fixed_code": "<string>",
        "location": {
          "class_name": "<string>",
          "file_path": "<string>",
          "hash": "<string>",
          "line_number": 123,
          "method_name": "<string>",
          "url": "<string>"
        },
        "remediation": "<string>",
        "remediation_effort": "<string>",
        "severity": "<string>",
        "supporting_files": [
          {
            "class_name": "<string>",
            "file_path": "<string>",
            "hash": "<string>",
            "line_number": 123,
            "method_name": "<string>",
            "url": "<string>"
          }
        ],
        "title": "<string>",
        "validation_evidence": [
          {
            "criteria": "<string>",
            "rationale": "<string>"
          }
        ]
      },
      "id": "<string>",
      "organization_id": "<string>",
      "project": {
        "id": "<string>",
        "name": "<string>",
        "purpose": "<string>"
      },
      "repo": {
        "id": "<string>",
        "name": "<string>",
        "provider": "<string>",
        "url": "<string>"
      },
      "scan_details": {
        "analyzed_at": "<string>",
        "rejected_at": "<string>",
        "scan_id": "<string>",
        "verified_at": "<string>"
      },
      "status": "<string>",
      "updated_at": "<string>",
      "user_status": "<string>"
    }
  ],
  "next_cursor": "eyJzb3J0X3ZhbHVlIjoiMjAyNC0wMS0xNVQxMDozMDowMFoiLCJkb2N1bWVudF9pZCI6InJlcG8xMjMiLCJzb3J0X2ZpZWxkIjoiY3JlYXRlZF9hdCJ9",
  "total": 250
}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Query Parameters

cursor

string

Pagination cursor

sort

enum<string>

default:created_at

Sort field

Available options:

created_at,

updated_at

order

enum<string>

default:desc

Sort order

Available options:

asc,

desc

size

integer

default:100

Page size

Required range: 1 <= x <= 1000

status

enum<string>

Filter by status

Available options:

open,

active,

muted

repo_id

string

Filter by repository ID

project_id

string

Filter by project ID

Response

has_more

boolean

Indicates if there are more items available

Example:

true

items

object[]

The response items

Show child attributes

items.agent

object

Finding Agent details

Show child attributes

items.agent.custom_agent_vector_id

string

items.agent.description

string

items.agent.name

string

items.agent.vector

string

items.created_at

string

items.details

object

Finding Details

Show child attributes

items.details.code

string

items.details.description

string

items.details.endpoint_locations

object[]

Show child attributes

items.details.endpoint_locations.action

string

HTTP verb, gRPC RPC method, or GraphQL operation.field

items.details.endpoint_locations.path

string

URL path, package.service, or GraphQL endpoint

items.details.endpoint_locations.type

string

"http", "grpc", or "graphql"

items.details.exploit_feasibility

string

items.details.exploit_walkthrough

string

items.details.fixed_code

string

items.details.location

object

Show child attributes

items.details.location.class_name

string

items.details.location.file_path

string

items.details.location.hash

string

items.details.location.line_number

integer

items.details.location.method_name

string

items.details.location.url

string

items.details.remediation

string

items.details.remediation_effort

string

items.details.severity

string

items.details.supporting_files

object[]

Show child attributes

items.details.supporting_files.class_name

string

items.details.supporting_files.file_path

string

items.details.supporting_files.hash

string

items.details.supporting_files.line_number

integer

items.details.supporting_files.method_name

string

items.details.supporting_files.url

string

items.details.title

string

items.details.validation_evidence

object[]

Show child attributes

items.details.validation_evidence.criteria

string

items.details.validation_evidence.rationale

string

items.id

string

items.organization_id

string

items.project

object

Show child attributes

items.project.id

string

items.project.name

string

items.project.purpose

string

items.repo

object

Repo and project details

Show child attributes

items.repo.id

string

items.repo.name

string

items.repo.provider

string

items.repo.url

string

items.scan_details

object

Scan details

Show child attributes

items.scan_details.analyzed_at

string

items.scan_details.rejected_at

string

items.scan_details.scan_id

string

items.scan_details.verified_at

string

items.status

string

Status and timestamps

items.updated_at

string

items.user_status

string

next_cursor

string

Cursor for the next page

Example:

"eyJzb3J0X3ZhbHVlIjoiMjAyNC0wMS0xNVQxMDozMDowMFoiLCJkb2N1bWVudF9pZCI6InJlcG8xMjMiLCJzb3J0X2ZpZWxkIjoiY3JlYXRlZF9hdCJ9"

total

integer

Total count of items (if available)

Example:

250

Get findings countGet the total count of findings with optional filters

⌘I

Get findings

curl --request GET \
  --url https://api.ghostsecurity.ai/v2/findings \
  --header 'Authorization: Bearer <token>'

{
  "has_more": true,
  "items": [
    {
      "agent": {
        "custom_agent_vector_id": "<string>",
        "description": "<string>",
        "name": "<string>",
        "vector": "<string>"
      },
      "created_at": "<string>",
      "details": {
        "code": "<string>",
        "description": "<string>",
        "endpoint_locations": [
          {
            "action": "<string>",
            "path": "<string>",
            "type": "<string>"
          }
        ],
        "exploit_feasibility": "<string>",
        "exploit_walkthrough": "<string>",
        "fixed_code": "<string>",
        "location": {
          "class_name": "<string>",
          "file_path": "<string>",
          "hash": "<string>",
          "line_number": 123,
          "method_name": "<string>",
          "url": "<string>"
        },
        "remediation": "<string>",
        "remediation_effort": "<string>",
        "severity": "<string>",
        "supporting_files": [
          {
            "class_name": "<string>",
            "file_path": "<string>",
            "hash": "<string>",
            "line_number": 123,
            "method_name": "<string>",
            "url": "<string>"
          }
        ],
        "title": "<string>",
        "validation_evidence": [
          {
            "criteria": "<string>",
            "rationale": "<string>"
          }
        ]
      },
      "id": "<string>",
      "organization_id": "<string>",
      "project": {
        "id": "<string>",
        "name": "<string>",
        "purpose": "<string>"
      },
      "repo": {
        "id": "<string>",
        "name": "<string>",
        "provider": "<string>",
        "url": "<string>"
      },
      "scan_details": {
        "analyzed_at": "<string>",
        "rejected_at": "<string>",
        "scan_id": "<string>",
        "verified_at": "<string>"
      },
      "status": "<string>",
      "updated_at": "<string>",
      "user_status": "<string>"
    }
  ],
  "next_cursor": "eyJzb3J0X3ZhbHVlIjoiMjAyNC0wMS0xNVQxMDozMDowMFoiLCJkb2N1bWVudF9pZCI6InJlcG8xMjMiLCJzb3J0X2ZpZWxkIjoiY3JlYXRlZF9hdCJ9",
  "total": 250
}

API Reference

API Endpoints

Authorizations

Query Parameters

Response