I’m running into a variant of this same absence when it comes to the API.
For example, here is the documentation on manually creating a security advisory:
There is this note:
Note: If you are a security researcher, you should directly contact maintainers to ask them to create security advisories or issue CVEs on your behalf in repositories that you don’t administer.
I’d like to create tooling so that if someone submits an email or a form through a portal, that we can use the API to create the draft of a security advisory automatically. Is there a way to open a feature request on this, or see whether the GitHub API has a roadmap including managing security advisories?