https://github.com/hi120ki/security-pr-agent

Security-focused PR review tool based on PR Agent
https://github.com/hi120ki/security-pr-agent

Last synced: 5 months ago
JSON representation

Security-focused PR review tool based on PR Agent

• Host: GitHub
• URL: https://github.com/hi120ki/security-pr-agent
• Owner: hi120ki
• License: apache-2.0
• Created: 2025-04-24T10:26:44.000Z (6 months ago)
• Default Branch: main
• Last Pushed: 2025-04-24T12:03:08.000Z (6 months ago)
• Last Synced: 2025-04-24T12:49:51.561Z (6 months ago)
• Language: Shell
• Homepage:
• Size: 11.7 KB
• Stars: 0
• Watchers: 1
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Security PR Agent

[![Patch and Push Docker Image](https://github.com/hi120ki/security-pr-agent/actions/workflows/push-image.yaml/badge.svg)](https://github.com/hi120ki/security-pr-agent/actions/workflows/push-image.yaml)

This project is a security-focused PR review tool based on [PR Agent](https://github.com/Codium-ai/pr-agent). It automatically analyzes PR changes and provides comprehensive reviews from a security perspective.

## Key Features

- Security-focused PR Review

  - Authentication & Authorization Issues

  - Input Validation & Sanitization

  - Data Protection

  - API Security

  - Web Security

  - Infrastructure & Configuration

  - Dependency Management

## Usage

### Setup GitHub Actions Workflow for OpenAI

```yaml

name: Security PR Agent

on:

  pull_request:

    types: [opened, reopened, ready_for_review]

  issue_comment:

jobs:

  pr_agent_job:

    if: ${{ github.event.sender.type != 'Bot' }}

    runs-on: ubuntu-latest

    permissions:

      issues: write

      pull-requests: write

      contents: write

    name: Run security pr agent on every pull request, respond to user comments

    steps:

      - name: Security PR Agent action step

        id: pragent

        uses: docker://ghcr.io/hi120ki/security-pr-agent:2025-04-24

        env:

          OPENAI_KEY: ${{ secrets.OPENAI_API_KEY }}

          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

          github_action_config.auto_review: true

          github_action_config.auto_improve: false

```

## Customization

You can customize the security review criteria and prompts by editing the `pr_reviewer_prompts.toml` file.

## License

This project is licensed under the [Apache License 2.0](https://www.apache.org/licenses/LICENSE-2.0).

## Acknowledgments

This project is based on [PR Agent](https://github.com/Codium-ai/pr-agent). We thank the PR Agent team for their excellent work.