Built by Metorial, the integration platform for agentic AI.
Retrieve detailed code analysis results for a specific repository including quality grade, issues, complexity, duplication, coverage, and analysis progress. Provides a comprehensive quality overview of the repository.
Search software bill of materials (SBOM) dependencies across your organization. Find specific dependencies (e.g. "log4j"), filter by vulnerability severity, and identify which repositories use a given dependency.
Enable, disable, or configure a static analysis tool for a repository. Can toggle the tool on/off and set whether it should use a configuration file from the repository. Use the "List Repository Tools" tool first to find tool UUIDs.
List repositories in the configured organization with their analysis information including quality grade, issue counts, coverage, complexity, and duplication metrics. Can filter by name and supports pagination.
Search and filter security findings (SRM items) across your organization. Includes SAST issues, secrets detection, dependency vulnerabilities, IaC scanning, DAST findings, and more. Filter by priority, status, scan type, repository, and category.
Retrieve detailed analysis results for a specific pull request, including quality gate status, new/fixed issues, coverage metrics, and affected files. Optionally includes the list of issues found in the PR.
List coding standards configured for the organization. Coding standards define which tools and patterns are used for analysis, ensuring consistent code quality across repositories. Shows drafts and effective standards.
List pull requests for a repository with their analysis status. Returns PR title, status, quality gate results, and issue counts. Useful for monitoring PR quality across a repository.
Search and filter code quality issues in a repository. Filter by severity level (Error, Warning, Info), category (Security, CodeStyle, ErrorProne, etc.), language, branch, pattern, and author. Returns issue details including file path, line number, message, tool, and severity.
Add a repository to Codacy for code analysis. Requires admin permissions on the repository in the Git provider. Specify the provider and the full repository path (e.g. "organization/repo-name").
Create, list, or delete repository API tokens. Repository tokens provide scoped access to a single repository and are commonly used for uploading coverage data via the Codacy Coverage Reporter.
Retrieve analysis results for a specific commit, including quality metrics, issues introduced, and coverage data. Can also list recent commits with their analysis status for a repository.
List all Codacy organizations the authenticated user belongs to. Returns organization names, providers, and membership details. Useful for discovering available organizations before performing repository-level operations.
List files in a repository with their code quality metrics including grade, number of issues, complexity, coverage, and duplication. Useful for identifying problematic files in a codebase.
List members of the configured Codacy organization. Supports filtering by name/email and pagination. Returns member details including name, email, and role.
Create, list, delete, or trigger scans on DAST (Dynamic Application Security Testing) targets. DAST targets can be web applications or APIs (REST with OpenAPI spec or GraphQL). Use this to manage security scanning of your web applications and APIs.
List the static analysis tools configured for a repository, including their enabled/disabled status. Shows which analysis tools (e.g. ESLint, PMD, Pylint) are active and whether they use configuration files from the repository.