search

Troubleshooting in PR Scan

This section covers common issues that may occur while enabling or running the PR Scan & Remediation workflow and the steps to resolve them.

hashtag
1. 403 Error or Permission Denied During PR Scan

Issue:

  • PR scan fails with a 403 error.

  • Workflow comments indicate missing or insufficient permissions.

Cause:

Required GitHub App permissions for workflows or repository access are not enabled.

Resolution:

  1. Go to GitHub → Settings → Applications → Installed GitHub Apps.

  2. Select the AI Guardian GitHub App.

  3. You will see a pending permission request for workflow or repository access.

  4. Approve the requested permissions.

  5. Re-run the PR scan or update the PR with a new commit.

hashtag
2. Prompted to Login or Register a Scan When PR Workflow Runs

Issue:

  • PR workflow comments ask you to log in to AI Guardian.

  • Message indicates the repository or branch is not registered.

Cause:

The repository has not been scanned or registered at least once in AI Guardian.

Resolution:

  1. Log in to the AI Guardian application.

  2. Register the repository and run an initial scan on the target branch (for example, main).

  3. Once the scan completes, re-run the PR workflow.

The PR workflow requires at least one successful scan to establish repository context.

hashtag
3. PR Workflow Not Triggering

Issue:

  • No PR comments are posted.

  • Workflow does not run when a PR is opened or updated.

Causes:

  • PR workflow is not enabled for the project.

  • The setup pull request was created but not merged.

  • The PR is not targeting the registered base branch.

Resolution:

  1. Verify that Enable PR Workflow is toggled on in the project settings.

  2. Ensure the auto-generated setup PR has been merged.

  3. Confirm the PR target branch matches the registered branch in AI Guardian.

hashtag
4. Scan Runs but No Findings Are Reported

Issue:

PR scan completes successfully but reports no vulnerabilities.

Causes:

  • The PR does not introduce new vulnerabilities.

  • All findings already exist in the base branch.

  • Scanning rules are not applicable to the changes.

Resolution:

This is an expected behavior. Only vulnerabilities newly introduced by the PR are reported to reduce noise.

hashtag
5. Workflow Cannot Be Disabled from UI

Issue:

The user wants to disable the PR workflow but cannot find an option in the UI.

Explanation:

Once enabled, the PR workflow cannot be disabled through the UI by design.

Resolution:

Remove or disable the workflow file directly from the repository.

PreviousPR Scan & RemediationNextK8's Security Agent List

Last updated