GitHub Actions

Integrate Strix into your GitHub workflow to catch vulnerabilities before they reach production.

Basic Workflow

.github/workflows/security.yml

name: Security Scan

on:
  pull_request:

jobs:
  strix-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Install Strix
        run: curl -sSL https://strix.ai/install | bash

      - name: Run Security Scan
        env:
          STRIX_LLM: ${{ secrets.STRIX_LLM }}
          LLM_API_KEY: ${{ secrets.LLM_API_KEY }}
        run: strix -n -t ./ --scan-mode quick

Required Secrets

Add these secrets to your repository:

Secret	Description
`STRIX_LLM`	Model name (e.g., `openai/gpt-5.4`)
`LLM_API_KEY`	API key for your LLM provider

Exit Codes

The workflow fails when vulnerabilities are found:

Code	Result
0	Pass — No vulnerabilities
2	Fail — Vulnerabilities found

Scan Modes for CI

Mode	Duration	Use Case
`quick`	Minutes	Every PR
`standard`	~30 min	Nightly builds
`deep`	1-4 hours	Release candidates

Use quick mode for PRs to keep feedback fast. Schedule deep scans nightly.

For pull_request workflows, Strix automatically uses changed-files diff-scope in CI/headless runs. If diff resolution fails, ensure full history is fetched (fetch-depth: 0) or set --diff-base.

CI/CD IntegrationRun Strix in any CI/CD pipeline

Getting Started

Usage

LLM Providers

Integrations

Tools

Advanced

GitHub Actions

Basic Workflow

Required Secrets

Exit Codes

Scan Modes for CI

Getting Started

Usage

LLM Providers

Integrations

Tools

Advanced

Documentation Index

​Basic Workflow

​Required Secrets

​Exit Codes

​Scan Modes for CI

Basic Workflow

Required Secrets

Exit Codes

Scan Modes for CI