{
  "$schema": "../../profile-schema.json",
  "profile_name": "seznam-security",
  "profile_id": "seznam-security",
  "openapi_spec_path": "./security-openapi.json",
  "description": "Read-only profile for Vulnerability Management API health, reports, and metrics retrieval.",
  "parameter_aliases": {
    "token": ["report_token"]
  },
  "tools": [
    {
      "name": "retrieve_content",
      "description": "Read-only access to Vulnerability Management API endpoints. Actions: 'healthcheck', 'get_reports', 'get_reports_metrics'.",
      "metadata_params": ["action"],
      "operations": {
        "healthcheck": "get_/healthcheck",
        "get_reports": "get_/reports/{token}",
        "get_reports_metrics": "get_/reports/metrics"
      },
      "response_fields": {
        "healthcheck": ["status"],
        "get_reports": ["reports"]
      },
      "parameters": {
        "action": {
          "type": "string",
          "enum": ["healthcheck", "get_reports", "get_reports_metrics"],
          "description": "Action to perform",
          "required": true
        },
        "token": {
          "type": "string",
          "description": "Access token for reports endpoint path",
          "required_for": ["get_reports"]
        },
        "source": {
          "type": "string",
          "description": "Finding source filter: sast, sca, defectdojo, or comma-separated values"
        }
      }
    }
  ],
  "interceptors": {
    "auth": {
      "type": "bearer",
      "value_from_env": "SECURITY_TOKEN"
    },
    "base_url": {
      "value_from_env": "SECURITY_API_BASE_URL"
    },
    "retry": {
      "max_attempts": 3,
      "backoff_ms": [1000, 2000, 4000],
      "retry_on_status": [429, 502, 503, 504]
    }
  }
}