# PR Scan & Remediation

PR Scan is a pull request–level security feature that automatically scans code changes for security issues before they are merged. It integrates directly with your GitHub pull request workflow to detect new vulnerabilities introduced by a PR and helps developers fix them by generating remediation pull requests with suggested changes.

This ensures security issues are identified and addressed early, without adding manual steps to the development workflow.

### 1. Prerequisites

* Ensure your main branch is registered with AI Guardian.
* Ensure AI Guardian has access to the GitHub repository.

### 2. Enable PR Workflow

1. Go to the **Projects** page in AI Guardian.
2. Locate your project and click **Edit**.
3. Toggle **Enable PR Workflow**.
4. When enabled, a confirmation popup appears with the following information:
   * Enabling the PR workflow will create a pull request in your repository containing the workflow configuration file.
   * You must merge this pull request to complete the setup and activate the PR workflow.
   * Once enabled, this action cannot be undone through the UI.
5. Click **Enable** and **Create PR**.
6. Review and merge the auto-generated pull request in GitHub.

After the PR is merged, the PR workflow becomes active.

### 3. Triggering the PR Scan

1. Create a feature branch (for example, `dev`) and push your changes.
2. Raise a pull request to merge `dev` → `main`.
3. The PR scan automatically triggers when the PR is:
   * Opened
   * Updated with new commits
   * Reopened

During execution:

* AI Guardian receives PR metadata (PR number, source branch, target branch, PR URL).
* A PR comment confirms that the scan has started.

### 4. Viewing Scan Results

* Scan results are posted directly as a comment on the PR.
* Results include:
  * SAST findings (code vulnerabilities)
  * SCA findings (dependency vulnerabilities)
* Only new vulnerabilities introduced by the PR are reported.
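
To illustrate what "only new vulnerabilities introduced by the PR" means, the following added example (not AI Guardian's code; this page does not document the product's matching logic) compares a scan of the target branch with a scan of the PR branch. The finding fields, the fingerprint scheme, and the sample data are assumptions constructed for illustration.

```python
import hashlib

def fingerprint(finding: dict) -> str:
    """Identity for a finding that stays stable when line numbers shift."""
    if finding["type"] == "SCA":
        # Dependency finding: package, version and advisory identify it.
        key = ("SCA", finding["package"], finding["version"], finding["advisory"])
    else:
        # Code finding: rule, file and the flagged code with whitespace
        # collapsed. The line number is deliberately not part of the key.
        snippet = " ".join(finding["snippet"].split())
        key = ("SAST", finding["rule"], finding["file"], snippet)
    return hashlib.sha256("\x00".join(key).encode()).hexdigest()

def new_findings(base: list, head: list) -> list:
    """Findings in the PR branch scan that the target branch scan does not have."""
    known = {fingerprint(f) for f in base}
    seen, result = set(), []
    for f in head:
        fp = fingerprint(f)
        if fp not in known and fp not in seen:  # skip baseline and duplicates
            seen.add(fp)
            result.append(f)
    return result

# Constructed sample scans (hypothetical field names and placeholder advisory ids).
BASE = [
    {"type": "SAST", "rule": "sql-injection", "file": "app/db.py", "line": 40,
     "snippet": "cur.execute('SELECT * FROM u WHERE id=' + uid)"},
    {"type": "SCA", "package": "examplelib", "version": "1.2.0",
     "advisory": "ADVISORY-PLACEHOLDER-1"},
]
HEAD = [
    # Same issue as in BASE, pushed down 12 lines and re-indented by the PR.
    {"type": "SAST", "rule": "sql-injection", "file": "app/db.py", "line": 52,
     "snippet": "    cur.execute('SELECT * FROM u WHERE id='  +  uid)"},
    # Introduced by the PR.
    {"type": "SAST", "rule": "command-injection", "file": "app/run.py", "line": 9,
     "snippet": "os.system('ping ' + host)"},
    {"type": "SCA", "package": "examplelib", "version": "1.2.0",
     "advisory": "ADVISORY-PLACEHOLDER-1"},
    {"type": "SCA", "package": "otherlib", "version": "0.9.1",
     "advisory": "ADVISORY-PLACEHOLDER-2"},
]

if __name__ == "__main__":
    for f in new_findings(BASE, HEAD):
        print(f["type"], f.get("rule") or f.get("package"))
```

Matching on line numbers instead would report the pre-existing SQL injection as new, because the PR moved it from line 40 to line 52.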

### 5. Remediation Workflow

1. Click the Remediation URL provided in the PR comment.
2. Select the vulnerabilities identified in the scan.
3. AI Guardian creates a remediation pull request with suggested fixes.
4. An interactive remediation chat:
   * Explains the fixes
   * Allows review and clarification before applying changes
5. The PR scan runs again on the remediation PR.
6. If the scan is clean:
   * Merge the remediation PR into the feature branch
   * Then merge the feature branch into main

### 6. Importance of PR Scan

* **Automated Security Checks**: Every pull request undergoes automatic security verification.
* **Minimal Setup**: Simplified setup directly through the user interface without workflow or secret management.
* **Efficient Onboarding**: Quick initiation with standardized configurations.
* **Developer-Friendly Remediation**: Automatically generate fix pull requests to help developers address issues.
* **Continuous Security Assurance**: Ensure secure code is consistently deployed to production.


