{"id":"snyk-api","name":"Snyk API","homepage":"https://docs.snyk.io/snyk-api","repo_url":null,"category":"security","subcategories":["security","dependency-scanning","sast","devSecOps"],"tags":["snyk","security","dependency-scanning","sast","container-security","iac-security","rest-api"],"what_it_does":"Snyk's REST API provides programmatic access to developer security scanning results across four product lines: Snyk Open Source (dependency vulnerability scanning across npm, PyPI, Maven, Go, Ruby, and 20+ ecosystems), Snyk Code (AI-powered SAST for first-party code), Snyk Container (container image and Dockerfile scanning), and Snyk IaC (Terraform, Kubernetes, CloudFormation security). The API enables querying findings, managing projects, triggering scans, and integrating security data into CI/CD pipelines, SOAR workflows, and security dashboards. Snyk maintains one of the largest proprietary vulnerability databases, often providing fix guidance and prioritization intelligence beyond raw CVE data.","use_cases":["Querying vulnerability reports for dependencies across projects","Integrating security scan results into CI/CD pipeline dashboards","Automating issue triage and prioritization workflows","Monitoring license compliance across open-source dependencies","Building security posture reports for engineering and security teams"],"not_for":["Runtime application security monitoring (use Snyk's runtime product)","Penetration testing or dynamic analysis","Teams without Snyk subscriptions (free tier very limited)","Network security or SIEM use cases"],"best_when":"You need to programmatically access and act on dependency vulnerability data integrated into developer workflows.","avoid_when":"You need runtime security monitoring or comprehensive DAST/penetration testing capabilities.","alternatives":[{"id":"semgrep-api","reason":"Better for custom SAST rules and first-party code analysis without per-developer pricing"},{"id":"socket-api","reason":"Better for supply chain attack detection beyond CVEs — catches malicious package behavior"},{"id":"github-rest-api","reason":"GitHub Dependabot provides free CVE-based dependency alerts natively within GitHub workflows"}],"af_score":79.7,"security_score":null,"reliability_score":null,"package_type":"mcp_server","discovery_source":["github"],"priority":"low","status":"evaluated","version_evaluated":"current","last_evaluated":"2026-03-01T09:50:06.232180+00:00","performance":{"latency_p50_ms":400,"latency_p99_ms":2000,"uptime_sla_percent":99.5,"rate_limits":"1200 API requests/minute per token","data_source":"llm_estimated","measured_on":null}}