{"id":41463745,"url":"https://github.com/docker/cagent-action","last_synced_at":"2026-03-04T10:00:36.670Z","repository":{"id":324060109,"uuid":"1072948712","full_name":"docker/cagent-action","owner":"docker","description":"A GitHub Action for running cagent AI agents in your workflows.","archived":false,"fork":false,"pushed_at":"2026-03-03T09:49:32.000Z","size":223,"stargazers_count":16,"open_issues_count":5,"forks_count":4,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-03-03T12:59:31.448Z","etag":null,"topics":["ai-agents","github-actions"],"latest_commit_sha":null,"homepage":"https://www.docker.com","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/docker.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-10-09T12:34:19.000Z","updated_at":"2026-03-03T09:49:34.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/docker/cagent-action","commit_stats":null,"previous_names":["docker/cagent-action"],"tags_count":24,"template":false,"template_full_name":null,"purl":"pkg:github/docker/cagent-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Fcagent-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Fcagent-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Fcagent-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Fcagent-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/docker","download_url":"https://codeload.github.com/docker/cagent-action/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Fcagent-action/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30078306,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-04T08:01:56.766Z","status":"ssl_error","status_checked_at":"2026-03-04T08:00:42.919Z","response_time":59,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-agents","github-actions"],"created_at":"2026-01-23T16:14:23.978Z","updated_at":"2026-03-04T10:00:36.653Z","avatar_url":"https://github.com/docker.png","language":"Shell","readme":"# cagent GitHub Action\n\nA GitHub Action for running [cagent](https://github.com/docker/cagent) AI agents in your workflows. This action simplifies the setup and execution of cagent, handling binary downloads and environment configuration automatically.\n\n## Quick Start\n\n1. **Add the action to your workflow**:\n\n ```yaml\n - uses: docker/cagent-action@latest\n with:\n agent: path/to/agent.yaml\n prompt: \"Analyze this code\"\n anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}\n ```\n\n2. **Configure API key** in your repository settings:\n\n - Go to `Settings` → `Secrets and variables` → `Actions`\n - Add `ANTHROPIC_API_KEY` (or another provider's key) from [Anthropic Console](https://console.anthropic.com/)\n\n3. **That's it!** The action will automatically:\n - Download the cagent binary\n - Run your specified agent\n - Scan outputs for leaked secrets\n - Provide results in workflow logs\n\n## 🔒 Security Features\n\nThis action includes **built-in security features for all agent executions**:\n\n- **Secret Leak Prevention**: Scans all agent outputs for API keys and tokens (Anthropic, OpenAI, GitHub)\n- **Prompt Injection Detection**: Warns about suspicious patterns in user prompts\n- **Automatic Incident Response**: Creates security issues and fails workflows when secrets are detected\n\nSee [security/README.md](security/README.md) for complete security documentation.\n\n## Usage\n\n### AI-Powered PR Reviews\n\nFor automated pull request reviews with a multi-agent system, see the [PR Review workflow documentation](review-pr/README.md). The workflow supports:\n\n- Automatic reviews when PRs are opened\n- Manual `/review` command in PR comments\n- Learning from feedback to improve future reviews\n- Customizable review guidelines per language/project\n\n**Quick setup:** Add a workflow file that calls our reusable workflow:\n\n```yaml\nname: PR Review\non:\n issue_comment: # Enables /review command in PR comments\n types: [created]\n pull_request_review_comment: # Captures feedback on review comments for learning\n types: [created]\n pull_request_target: # Triggers auto-review on PR open; uses base branch context so secrets work with forks\n types: [ready_for_review, opened]\n\npermissions:\n contents: read # This is required to be a top-level permission to give `issue_comment` events (on forked PRs) access to the secrets below.\n\njobs:\n review:\n uses: docker/cagent-action/.github/workflows/review-pr.yml@latest\n # Scoped to the job so other jobs in this workflow aren't over-permissioned\n permissions:\n contents: read # Read repository files and PR diffs\n pull-requests: write # Post review comments and approve/request changes\n issues: write # Create security incident issues if secrets are detected in output\n secrets:\n ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}\n CAGENT_ORG_MEMBERSHIP_TOKEN: ${{ secrets.CAGENT_ORG_MEMBERSHIP_TOKEN }} # PAT with read:org scope; gates auto-reviews to org members only\n CAGENT_REVIEWER_APP_ID: ${{ secrets.CAGENT_REVIEWER_APP_ID }} # GitHub App ID; reviews appear as your app instead of github-actions[bot]\n CAGENT_REVIEWER_APP_PRIVATE_KEY: ${{ secrets.CAGENT_REVIEWER_APP_PRIVATE_KEY }} # GitHub App private key; paired with App ID above\n```\n\nSee the [full PR Review documentation](review-pr/README.md) for more details.\n\n### Using a Local Agent File\n\n```yaml\n- name: Run Custom Agent\n uses: docker/cagent-action@latest\n with:\n agent: ./agents/my-agent.yaml\n prompt: \"Analyze the codebase\"\n anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}\n```\n\n### Advanced Configuration\n\n```yaml\n- name: Run cagent with Custom Settings\n uses: docker/cagent-action@latest\n with:\n agent: docker/code-analyzer\n prompt: \"Analyze this codebase\"\n anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}\n cagent-version: v1.23.4\n mcp-gateway: true # Set to true to install mcp-gateway\n mcp-gateway-version: v0.22.0\n yolo: false # Require manual approval\n timeout: 600 # 10 minute timeout\n debug: true # Enable debug logging\n quiet: false # Show verbose tool calls (default: true)\n working-directory: ./src\n extra-args: \"--verbose\"\n add-prompt-files: \"AGENTS.md,CLAUDE.md\" # Append these files to the prompt\n```\n\n### Using Outputs\n\n```yaml\n- name: Run cagent\n id: agent\n uses: docker/cagent-action@latest\n with:\n agent: docker/code-analyzer\n prompt: \"Analyze this codebase\"\n anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}\n\n- name: Check execution time\n run: |\n echo \"Agent took ${{ steps.agent.outputs.execution-time }} seconds\"\n if [ \"${{ steps.agent.outputs.execution-time }}\" -gt 300 ]; then\n echo \"Warning: Agent took longer than 5 minutes\"\n fi\n\n- name: Upload output log\n if: always()\n uses: actions/upload-artifact@v4\n with:\n name: agent-output\n path: ${{ steps.agent.outputs.output-file }}\n```\n\n## Inputs\n\n| Input | Description | Required | Default |\n| --------------------- | ------------------------------------------------------------------------------------ | -------- | ------------------------------- |\n| `agent` | Agent identifier (e.g., `docker/code-analyzer`) or path to `.yaml` file | Yes | - |\n| `prompt` | Prompt to pass to the agent | No | - |\n| `cagent-version` | Version of cagent to use | No | `v1.23.4` |\n| `mcp-gateway` | Install mcp-gateway (`true`/`false`) | No | `false` |\n| `mcp-gateway-version` | Version of mcp-gateway to use (specifying this will enable mcp-gateway installation) | No | `v0.22.0` |\n| `anthropic-api-key` | Anthropic API key for Claude models (at least one API key required) | No* | - |\n| `openai-api-key` | OpenAI API key (at least one API key required) | No* | - |\n| `google-api-key` | Google API key for Gemini models (at least one API key required) | No* | - |\n| `aws-bearer-token-bedrock` | AWS Bearer token for Bedrock models (at least one API key required) | No* | - |\n| `xai-api-key` | xAI API key for Grok models (at least one API key required) | No* | - |\n| `nebius-api-key` | Nebius API key (at least one API key required) | No* | - |\n| `mistral-api-key` | Mistral API key (at least one API key required) | No* | - |\n| `github-token` | GitHub token for API access | No | `github.token` |\n| `github-app-id` | GitHub App ID for custom identity (comments/reviews appear as the app) | No | - |\n| `github-app-private-key` | GitHub App private key (required if `github-app-id` is provided) | No | - |\n| `timeout` | Timeout in seconds for agent execution (0 for no timeout) | No | `0` |\n| `debug` | Enable debug mode with verbose logging (`true`/`false`) | No | `false` |\n| `working-directory` | Working directory to run the agent in | No | `.` |\n| `yolo` | Auto-approve all prompts (`true`/`false`) | No | `true` |\n| `quiet` | Suppress verbose tool call output (`true`/`false`). Set to `false` for debugging. | No | `true` |\n| `max-retries` | Maximum number of retries on failure (0 = no retries) | No | `2` |\n| `retry-delay` | Seconds to wait between retries | No | `5` |\n| `extra-args` | Additional arguments to pass to `cagent run` | No | - |\n| `add-prompt-files` | Comma-separated list of files to append to the prompt (e.g., `AGENTS.md,CLAUDE.md`) | No | - |\n\n### Prompt Files (`add-prompt-files`)\n\nThe `add-prompt-files` input allows you to include additional context files (like `AGENTS.md`, `CLAUDE.md`) as system messages. This uses cagent's `--prompt-file` flag under the hood.\n\n**File Resolution (handled by cagent):**\n- Searches up the directory hierarchy (like `.gitignore`)\n- Also checks the home folder (`~/`)\n- Files are added as system messages, not appended to the user prompt\n\n**Examples:**\n\n```yaml\n# Single file\nadd-prompt-files: \"AGENTS.md\"\n\n# Multiple files\nadd-prompt-files: \"AGENTS.md,CLAUDE.md\"\n\n# With custom working directory\nworking-directory: ./src\nadd-prompt-files: \"AGENTS.md\" # Found via hierarchy search\n```\n\n## Outputs\n\n| Output | Description |\n| ----------------------- | -------------------------------------------------------- |\n| `exit-code` | Exit code from cagent run |\n| `output-file` | Path to the output log file |\n| `cagent-version` | Version of cagent that was used |\n| `mcp-gateway-installed` | Whether mcp-gateway was installed (`true`/`false`) |\n| `execution-time` | Agent execution time in seconds |\n| `secrets-detected` | Whether secrets were detected in output |\n| `prompt-suspicious` | Whether suspicious patterns were detected in user prompt |\n\n## API Keys\n\n**At least one API key is required.** The action validates this at startup and fails fast with a clear error if no API key is provided.\n\nSupported providers:\n- **Anthropic** (`anthropic-api-key`): Claude models - [Get API key](https://console.anthropic.com/)\n- **OpenAI** (`openai-api-key`): GPT models - [Get API key](https://platform.openai.com/)\n- **Google** (`google-api-key`): Gemini models - [Get API key](https://aistudio.google.com/)\n- **AWS Bedrock** (`aws-bearer-token-bedrock`): Various models via AWS\n- **xAI** (`xai-api-key`): Grok models - [Get API key](https://console.x.ai/)\n- **Nebius** (`nebius-api-key`): Nebius models\n- **Mistral** (`mistral-api-key`): Mistral models - [Get API key](https://console.mistral.ai/)\n\n## Permissions\n\nFor GitHub integration features (commenting on PRs, creating issues), ensure your workflow has appropriate permissions:\n\n```yaml\npermissions:\n contents: read\n pull-requests: write\n issues: write\n```\n\n\n## Examples\n\n### Multiple Agents in a Workflow\n\n```yaml\nname: AI Code Review\non:\n pull_request:\n types: [opened]\n\njobs:\n review:\n runs-on: ubuntu-latest\n permissions:\n contents: read\n pull-requests: write\n\n steps:\n - uses: actions/checkout@v4\n\n - name: Security Review\n uses: docker/cagent-action@latest\n with:\n agent: docker/github-action-security-scanner\n prompt: \"Analyze for security issues\"\n anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}\n\n - name: Code Quality Analysis\n uses: docker/cagent-action@latest\n with:\n agent: docker/code-quality-analyzer\n prompt: \"Analyze code quality and best practices\"\n anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}\n```\n\n### PR Review Workflow\n\nFor comprehensive documentation on setting up AI-powered PR reviews, including features like automatic reviews, the `/review` command, feedback learning, and customization options, see the **[PR Review documentation](review-pr/README.md)**.\n\n### Manual Trigger with Inputs\n\n```yaml\nname: Manual Agent Run\non:\n workflow_dispatch:\n inputs:\n agent:\n description: \"Agent to run\"\n required: true\n default: \"docker/code-analyzer\"\n prompt:\n description: \"Prompt for the agent\"\n required: true\n\njobs:\n run:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n\n - name: Run Agent\n uses: docker/cagent-action@latest\n with:\n agent: ${{ github.event.inputs.agent }}\n prompt: ${{ github.event.inputs.prompt }}\n anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}\n```\n\n## Contributing\n\nWe welcome contributions! Please see our [Contributing Guide](CONTRIBUTING.md) for details on:\n\n- Setting up your development environment\n- Running tests\n- Submitting pull requests\n- Reporting security issues\n\nPlease also read our [Code of Conduct](CODE_OF_CONDUCT.md).\n\n## Support\n\n- 📖 [Documentation](README.md)\n- 🐛 [Report Issues](https://github.com/docker/cagent-action/issues)\n- 💬 [Discussions](https://github.com/docker/cagent-action/discussions)\n- 🔒 [Security Policy](security/README.md)\n\n## License\n\nThis project is licensed under the Apache License 2.0 - see the [LICENSE](LICENSE) file for details.\n\n## Links\n\n- [cagent Repository](https://github.com/docker/cagent)\n- [MCP Gateway Repository](https://github.com/docker/mcp-gateway)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdocker%2Fcagent-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdocker%2Fcagent-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdocker%2Fcagent-action/lists"}