Feature Request: Implement additional Incident-related API endpoints #79

@jlrivera81

After #75 was fixed, I tested the MCP functionality with these prompts:

  • "Show me the top 10 most recent incidents in table format, ordered by severity and triggered_at" → ✅ Works
  • "Dive into the first one on the list. Fetch all the details for that ID" → ❌ Fails (pagination takes too long)

Goals

As a security admin, I would like to be able to:

  1. Query incidents by source, tags, and other filters
  2. Drill down into specific incidents without pagination
  3. Ignore/resolve incidents directly via MCP (especially for bulk handling TEST_FILE secrets)

Feature Requests

The GitGuardian API supports single-incident operations that would enable the workflows above:

  • get_incident(incident_id) - Retrieve a single incident with occurrences
    • GET /v1/incidents/secrets/{incident_id}
    • Would allow drilling down into specific incidents without paginating through all occurrences
  • ignore_incident(incident_id, reason) - Ignore an incident
    • POST /v1/incidents/secrets/{incident_id}/ignore
    • Would enable bulk ignoring of TEST_FILE tagged secrets
  • resolve_incident(incident_id) - Resolve an incident
    • POST /v1/incidents/secrets/{incident_id}/resolve

Would it be possible to implement these endpoints? Would API tokens need to have specific scopes?
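Added example, not part of the original issue or the project's code: a sketch of the three requested operations as request builders over the endpoint paths listed above, plus a review-before-send plan for bulk-ignoring TEST_FILE incidents. The base URL, the `Token` authorization scheme, the `ignore_reason` and `secret_revoked` body fields, the ignore reason values, and the `id`/`tags` field names are assumptions not stated in the issue.

```python
import json
import urllib.request

BASE_URL = "https://api.gitguardian.com"  # assumption: SaaS API host
IGNORE_REASONS = {"test_credential", "false_positive", "low_risk"}  # assumption

def _path(incident_id, action=None):
    # Integer-only IDs keep caller-supplied text out of the URL path.
    if type(incident_id) is not int or incident_id <= 0:
        raise ValueError(f"incident_id must be a positive int: {incident_id!r}")
    path = f"/v1/incidents/secrets/{incident_id}"
    return f"{path}/{action}" if action else path

def _request(token, method, path, body=None):
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(BASE_URL + path, data=data, method=method)
    req.add_header("Authorization", f"Token {token}")  # assumption: auth scheme
    if data is not None:
        req.add_header("Content-Type", "application/json")
    return req  # built, not sent; pass to urllib.request.urlopen() to execute

def get_incident(token, incident_id):
    return _request(token, "GET", _path(incident_id))

def ignore_incident(token, incident_id, reason):
    if reason not in IGNORE_REASONS:
        raise ValueError(f"unsupported ignore reason: {reason!r}")
    # assumption: the request body field is named ignore_reason
    return _request(token, "POST", _path(incident_id, "ignore"), {"ignore_reason": reason})

def resolve_incident(token, incident_id, secret_revoked):
    # assumption: the body carries a secret_revoked flag; no default, so the caller must decide
    return _request(token, "POST", _path(incident_id, "resolve"), {"secret_revoked": secret_revoked})

def plan_bulk_ignore(token, incidents, tag="TEST_FILE", reason="test_credential"):
    # Build one ignore request per incident carrying the tag, for review before sending.
    return [ignore_incident(token, i["id"], reason) for i in incidents if tag in i.get("tags", [])]

# Constructed sample of list results (field names "id" and "tags" are assumptions).
SAMPLE_INCIDENTS = [
    {"id": 101, "tags": ["TEST_FILE"]},
    {"id": 102, "tags": ["PUBLICLY_EXPOSED"]},
    {"id": 103, "tags": ["TEST_FILE", "PUBLICLY_EXPOSED"]},
]

if __name__ == "__main__":
    for req in plan_bulk_ignore("PLACEHOLDER_TOKEN", SAMPLE_INCIDENTS):
        print(req.get_method(), req.full_url, req.data.decode())
```

Keeping the plan step separate from sending lets an operator review which incident IDs a bulk ignore would touch before any state changes.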
