List all versions of a container package using GET https://api.github.com/orgs/<ORG>/packages/container/<PACKAGE_NAME>/versions with a token that has packages:read scope
Parse the response array to identify version IDs by tag name, digest, or creation date — the version ID is the numeric id field in each version object
Delete a specific version using DELETE https://api.github.com/orgs/<ORG>/packages/container/<PACKAGE_NAME>/versions/<VERSION_ID> with a token holding packages:delete and packages:read scopes
For user-owned packages (not org), use the /user/packages/container/<PACKAGE_NAME>/versions endpoint pattern instead of /orgs/<ORG>/...
Automate bulk untagged image cleanup in a GitHub Actions workflow by iterating the versions list, filtering for versions with an empty metadata.container.tags array, and deleting those version IDs
Known gotchas
The packages:delete scope alone is insufficient; the token must also include packages:read and, for packages linked to a private repository, the repo scope
Deleting the last version of a package deletes the package itself and cannot be undone unless restored within 30 days via the restore endpoint; test with list calls before bulk deletion
Organization packages require the calling user to have admin permissions on the package; organization owners or a PAT with org admin rights is typically required
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp