naftiko: 1.0.0-alpha2 info: label: Socket Org Settings Security Policy description: Socket org settings security policy business capability. Self-contained Naftiko capability covering one Socket business surface. tags: - Socket - Supply Chain Security - Org - Settings - Security - Policy created: '2026-05-25' modified: '2026-05-25' binds: - namespace: env keys: SOCKET_API_KEY: SOCKET_API_KEY capability: consumes: - type: http namespace: org-settings-security-policy baseUri: https://api.socket.dev/v0 description: Socket org settings security policy business capability. Self-contained, no shared references. resources: - name: orgs-org-slug-settings-security-policy path: /orgs/{org_slug}/settings/security-policy operations: - name: get-orgs-org-slug-settings-security-policy method: GET description: Get Organization Security Policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: org_slug in: path type: string description: The slug of the organization required: true - name: custom_rules_only in: query type: boolean description: Return only customized security policy rules. required: false - name: post-orgs-org-slug-settings-security-policy method: POST description: Update Security Policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: org_slug in: path type: string description: The slug of the organization required: true - name: custom_rules_only in: query type: boolean description: Return only customized security policy rules in the response. required: false - name: body in: body type: object description: Request body (JSON). required: true authentication: type: basic username: '{{env.SOCKET_API_KEY}}' password: '' description: Socket authenticates via HTTP Basic with the API key as the username and empty password. exposes: - type: rest namespace: org-settings-security-policy-rest port: 8080 description: REST adapter for Socket org settings security policy. resources: - path: /v1/orgs/{org_slug}/settings/security-policy name: orgs-org-slug-settings-security-policy description: REST surface for orgs-org-slug-settings-security-policy. operations: - method: GET name: get-orgs-org-slug-settings-security-policy description: Get Organization Security Policy call: org-settings-security-policy.get-orgs-org-slug-settings-security-policy with: org_slug: rest.path.org_slug custom_rules_only: rest.query.custom_rules_only outputParameters: - type: object mapping: $. - method: POST name: post-orgs-org-slug-settings-security-policy description: Update Security Policy call: org-settings-security-policy.post-orgs-org-slug-settings-security-policy with: org_slug: rest.path.org_slug custom_rules_only: rest.query.custom_rules_only body: rest.body.body outputParameters: - type: object mapping: $. - type: mcp namespace: org-settings-security-policy-mcp port: 9090 transport: http description: MCP adapter for Socket org settings security policy. tools: - name: socket-get-orgs-org-slug-settings-security-policy description: Get Organization Security Policy hints: readOnly: true destructive: false idempotent: true call: org-settings-security-policy.get-orgs-org-slug-settings-security-policy with: org_slug: tools.org_slug custom_rules_only: tools.custom_rules_only outputParameters: - type: object mapping: $. - name: socket-post-orgs-org-slug-settings-security-policy description: Update Security Policy hints: readOnly: false destructive: false idempotent: false call: org-settings-security-policy.post-orgs-org-slug-settings-security-policy with: org_slug: tools.org_slug custom_rules_only: tools.custom_rules_only body: tools.body outputParameters: - type: object mapping: $.