feat: Gophish Integration #4
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![cubic-dev-local[bot]](https://avatars.githubusercontent.com/u/189440881?s=60&v=4){kind=small}
…for campaign data
…aign from Gophish API
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
5 issues found across 3 files
Prompt for AI agents (all 5 issues)
Understand the root cause of the following 5 issues and fix them.
<file name="packages/tracecat-registry/tracecat_registry/templates/tools/gophish/get_campaign_results.yml">
<violation number="1" location="packages/tracecat-registry/tracecat_registry/templates/tools/gophish/get_campaign_results.yml:6">
doc_url points to the campaigns listing docs, not the results endpoint. Update it to the section covering `/api/campaigns/{id}/results` so users land on the correct API reference.</violation>
<violation number="2" location="packages/tracecat-registry/tracecat_registry/templates/tools/gophish/get_campaign_results.yml:29">
The `get_campaign_results` action returns all results without pagination, which is inconsistent with the pattern seen in `list_campaigns` (which trims data) and many other integrations. This can lead to performance issues with large campaigns. Please add pagination support (e.g., a `limit` parameter) to align with established patterns in the repository.</violation>
</file>
<file name="packages/tracecat-registry/tracecat_registry/templates/tools/gophish/list_campaigns.yml">
<violation number="1" location="packages/tracecat-registry/tracecat_registry/templates/tools/gophish/list_campaigns.yml:21">
Trailing slash in URL is inconsistent with other Gophish endpoints; consider removing it for consistency and to avoid potential double slashes.
DEV MODE: This violation would have been filtered out by GPT-5.
Reasoning:
• **GPT-5**: Trailing slash inconsistency is stylistic; negligible functional risk.</violation>
<violation number="2" location="packages/tracecat-registry/tracecat_registry/templates/tools/gophish/list_campaigns.yml:26">
Spelling: "exeed" should be "exceed" (appears twice).</violation>
<violation number="3" location="packages/tracecat-registry/tracecat_registry/templates/tools/gophish/list_campaigns.yml:35">
Direct key access may raise KeyError if a campaign object lacks id or name. Use .get(...) for safer extraction.
DEV MODE: This violation would have been filtered out by GPT-5.
Reasoning:
• **GPT-5**: Direct key access is fine given Gophish schema (id and name present). Using .get would hide issues; low impact.</violation>
</file>
React with 👍 or 👎 to teach cubic. Mention @cubic-dev-ai to give feedback, ask questions, or re-run the review.
| method: GET | ||
| headers: | ||
| Authorization: Bearer ${{ SECRETS.gophish.GOPHISH_API_KEY }} | ||
| returns: ${{ steps.get_campaign_results.result.data }} |
There was a problem hiding this comment.
The get_campaign_results action returns all results without pagination, which is inconsistent with the pattern seen in list_campaigns (which trims data) and many other integrations. This can lead to performance issues with large campaigns. Please add pagination support (e.g., a limit parameter) to align with established patterns in the repository.
Prompt for AI agents
Address the following comment on packages/tracecat-registry/tracecat_registry/templates/tools/gophish/get_campaign_results.yml at line 29:
<comment>The `get_campaign_results` action returns all results without pagination, which is inconsistent with the pattern seen in `list_campaigns` (which trims data) and many other integrations. This can lead to performance issues with large campaigns. Please add pagination support (e.g., a `limit` parameter) to align with established patterns in the repository.</comment>
<file context>
@@ -0,0 +1,29 @@
+ method: GET
+ headers:
+ Authorization: Bearer ${{ SECRETS.gophish.GOPHISH_API_KEY }}
+ returns: ${{ steps.get_campaign_results.result.data }}
</file context>
[internal] Confidence score: 9/10
[internal] Posted by: System Design Agent
| title: Get campaign results | ||
| description: Get a campaign's results from Gophish. | ||
| display_group: Gophish | ||
| doc_url: https://docs.getgophish.com/api-documentation/campaigns#get-campaigns |
There was a problem hiding this comment.
doc_url points to the campaigns listing docs, not the results endpoint. Update it to the section covering /api/campaigns/{id}/results so users land on the correct API reference.
Prompt for AI agents
Address the following comment on packages/tracecat-registry/tracecat_registry/templates/tools/gophish/get_campaign_results.yml at line 6:
<comment>doc_url points to the campaigns listing docs, not the results endpoint. Update it to the section covering `/api/campaigns/{id}/results` so users land on the correct API reference.</comment>
<file context>
@@ -0,0 +1,29 @@
+ title: Get campaign results
+ description: Get a campaign's results from Gophish.
+ display_group: Gophish
+ doc_url: https://docs.getgophish.com/api-documentation/campaigns#get-campaigns
+ namespace: tools.gophish
+ name: get_campaign_results
</file context>
[internal] Confidence score: 7/10
[internal] Posted by: General AI Review Agent
| - ref: list_campaigns | ||
| action: core.http_request | ||
| args: | ||
| url: ${{ inputs.base_url }}/api/campaigns/ |
There was a problem hiding this comment.
Trailing slash in URL is inconsistent with other Gophish endpoints; consider removing it for consistency and to avoid potential double slashes.
DEV MODE: This violation would have been filtered out by GPT-5.
Reasoning:
• GPT-5: Trailing slash inconsistency is stylistic; negligible functional risk.
Prompt for AI agents
Address the following comment on packages/tracecat-registry/tracecat_registry/templates/tools/gophish/list_campaigns.yml at line 21:
<comment>Trailing slash in URL is inconsistent with other Gophish endpoints; consider removing it for consistency and to avoid potential double slashes.
DEV MODE: This violation would have been filtered out by GPT-5.
Reasoning:
• **GPT-5**: Trailing slash inconsistency is stylistic; negligible functional risk.</comment>
<file context>
@@ -0,0 +1,38 @@
+ - ref: list_campaigns
+ action: core.http_request
+ args:
+ url: ${{ inputs.base_url }}/api/campaigns/
+ method: GET
+ headers:
</file context>
[internal] Confidence score: 6/10
[internal] Posted by: General AI Review Agent
| headers: | ||
| Authorization: Bearer ${{ SECRETS.gophish.GOPHISH_API_KEY }} | ||
|
|
||
| # This is needed because the API will return results and timelines for all campaigns. This can exeed the max size of workflow data steps very easily. For example a campaign with 1,000 recipients will return 11,000 lines of just results, in addition to the at least 1000 timeline items which are each another 8 lines of data. Very quickly this can exeed the max size of workflow data steps. |
There was a problem hiding this comment.
Spelling: "exeed" should be "exceed" (appears twice).
Prompt for AI agents
Address the following comment on packages/tracecat-registry/tracecat_registry/templates/tools/gophish/list_campaigns.yml at line 26:
<comment>Spelling: "exeed" should be "exceed" (appears twice).</comment>
<file context>
@@ -0,0 +1,38 @@
+ headers:
+ Authorization: Bearer ${{ SECRETS.gophish.GOPHISH_API_KEY }}
+
+ # This is needed because the API will return results and timelines for all campaigns. This can exeed the max size of workflow data steps very easily. For example a campaign with 1,000 recipients will return 11,000 lines of just results, in addition to the at least 1000 timeline items which are each another 8 lines of data. Very quickly this can exeed the max size of workflow data steps.
+ - ref: parse_campaigns_list
+ action: core.script.run_python
</file context>
[internal] Confidence score: 10/10
[internal] Posted by: General AI Review Agent
Suggested change
| # This is needed because the API will return results and timelines for all campaigns. This can exeed the max size of workflow data steps very easily. For example a campaign with 1,000 recipients will return 11,000 lines of just results, in addition to the at least 1000 timeline items which are each another 8 lines of data. Very quickly this can exeed the max size of workflow data steps. | |
| # This is needed because the API will return results and timelines for all campaigns. This can exceed the max size of workflow data steps very easily. For example a campaign with 1,000 recipients will return 11,000 lines of just results, in addition to the at least 1000 timeline items which are each another 8 lines of data. Very quickly this can exceed the max size of workflow data steps. |
| script: | | ||
| def main(data): | ||
| return [ | ||
| {"id": campaign["id"], "name": campaign["name"]} |
There was a problem hiding this comment.
Direct key access may raise KeyError if a campaign object lacks id or name. Use .get(...) for safer extraction.
DEV MODE: This violation would have been filtered out by GPT-5.
Reasoning:
• GPT-5: Direct key access is fine given Gophish schema (id and name present). Using .get would hide issues; low impact.
Prompt for AI agents
Address the following comment on packages/tracecat-registry/tracecat_registry/templates/tools/gophish/list_campaigns.yml at line 35:
<comment>Direct key access may raise KeyError if a campaign object lacks id or name. Use .get(...) for safer extraction.
DEV MODE: This violation would have been filtered out by GPT-5.
Reasoning:
• **GPT-5**: Direct key access is fine given Gophish schema (id and name present). Using .get would hide issues; low impact.</comment>
<file context>
@@ -0,0 +1,38 @@
+ script: |
+ def main(data):
+ return [
+ {"id": campaign["id"], "name": campaign["name"]}
+ for campaign in data
+ ]
</file context>
[internal] Confidence score: 7/10
[internal] Posted by: General AI Review Agent
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Created an integration for Gophish which is an Open-Source Phishing Framework.
Created all commands and documented that are in the API Docs: https://docs.getgophish.com/api-documentation/
List of Commands:
gophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishgophishScreenshots / Recordings
Steps to QA
Run the following Workflow:
testing-gophish.yaml
Summary by cubic
Adds a full Gophish integration to manage campaigns, groups, landing pages, sending profiles, and templates. Also updates docs and adds a Gophish icon.
New Features
Migration