# Troubleshooting in PR Scan

This section covers common issues that may occur while enabling or running the PR Scan & Remediation workflow and the steps to resolve them.

#### **1. 403 Error or Permission Denied During PR Scan**

**Issue:**

* PR scan fails with a 403 error.
* Workflow comments indicate missing or insufficient permissions.

**Cause:**

Required GitHub App permissions for workflows or repository access are not enabled.

**Resolution:**

1. Go to GitHub → Settings → Applications → Installed GitHub Apps.
2. Select the AI Guardian GitHub App.
3. You will see a pending permission request for workflow or repository access.
4. Approve the requested permissions.
5. Re-run the PR scan or update the PR with a new commit.

#### **2. Prompted to Login or Register a Scan When PR Workflow Runs**

**Issue:**

* PR workflow comments ask you to log in to AI Guardian.
* Message indicates the repository or branch is not registered.

**Cause:**

The repository has not been scanned or registered at least once in AI Guardian.

**Resolution:**

1. Log in to the AI Guardian application.
2. Register the repository and run an initial scan on the target branch (for example, main).
3. Once the scan completes, re-run the PR workflow.

The PR workflow requires at least one successful scan to establish repository context.

#### **3. PR Workflow Not Triggering**

**Issue:**

* No PR comments are posted.
* Workflow does not run when a PR is opened or updated.

**Causes:**

* PR workflow is not enabled for the project.
* The setup pull request was created but not merged.
* The PR is not targeting the registered base branch.

**Resolution:**

1. Verify that Enable PR Workflow is toggled on in the project settings.
2. Ensure the auto-generated setup PR has been merged.
3. Confirm the PR target branch matches the registered branch in AI Guardian.

#### **4. Scan Runs but No Findings Are Reported**

**Issue:**

PR scan completes successfully but reports no vulnerabilities.

**Causes:**

* The PR does not introduce new vulnerabilities.
* All findings already exist in the base branch.
* Scanning rules are not applicable to the changes.

**Resolution:**

This is an expected behavior. Only vulnerabilities newly introduced by the PR are reported to reduce noise.

#### **5. Workflow Cannot Be Disabled from UI**

**Issue:**

The user wants to disable the PR workflow but cannot find an option in the UI.

**Explanation:**

Once enabled, the PR workflow cannot be disabled through the UI by design.

**Resolution:**

Remove or disable the workflow file directly from the repository.