Clever Automation
Set it and forget it. Automatically trigger tests and scans whenever you push code, merge a PR, or on a schedule. Ship faster without skipping security.
🤖 Vibe Coding Prompts
Choose your path and copy the prompt to your AI assistant:
Scan on every push and PR (most common)
Help me set up automated Bugrit scanning in my GitHub repository.

I want a GitHub Actions workflow that:
1. Triggers on push to main and develop branches
2. Triggers on pull requests to main
3. Scans my code with Bugrit's 150 security modules (5,000+ scans)
4. Fails the build if critical vulnerabilities are found
5. Posts results as a PR comment

Create .github/workflows/bugrit.yml with:
- API call to POST https://bugrit.com/api/v1/scans
- Polling loop to wait for completion
- Check for critical issues and fail if found
- Use secrets: BUGRIT_API_KEY, BUGRIT_PROJECT_ID

My repository: [MY_GITHUB_REPO_URL]

Please create the complete workflow file.

✨ Works with Claude, ChatGPT, Cursor, Copilot, Cody, and other AI coding assistants
💡 Why This Matters
Vibe coding is fast. Security scanning shouldn't slow you down. The best security is the kind you don't have to remember to do—automation means every commit gets scanned, every deploy gets tested, every merge gets the full treatment.
- Zero friction: Scans trigger automatically, with no manual steps and no forgotten checks
- Catch issues early: Find vulnerabilities before they reach production, not after
- Quality gates: Block deploys when critical issues are found, as automated guard rails
Configure in Dashboard
Set up automations visually in your settings. Connect repos, define triggers, done.
🐙 GitHub Actions
The most common approach. Add a workflow file and every push triggers a scan.
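```yaml
# .github/workflows/bugrit.yml
name: Bugrit Security Scan
on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]
jobs:
  scan:
    runs-on: ubuntu-latest
    # Secrets and context values reach the scripts as environment variables
    # instead of being expanded into the shell source.
    env:
      BUGRIT_API_KEY: ${{ secrets.BUGRIT_API_KEY }}
      BUGRIT_PROJECT_ID: ${{ secrets.BUGRIT_PROJECT_ID }}
    steps:
      - uses: actions/checkout@v4
      - name: Trigger Bugrit Scan
        id: scan
        env:
          REPO_URL: https://github.com/${{ github.repository }}
          BRANCH: ${{ github.ref_name }}
          COMMIT_SHA: ${{ github.sha }}
        run: |
          # Build the JSON body with jq so every value is escaped correctly
          BODY=$(jq -n --arg p "$BUGRIT_PROJECT_ID" --arg r "$REPO_URL" \
            --arg b "$BRANCH" --arg c "$COMMIT_SHA" \
            '{projectId: $p, platform: "web", sourceType: "github",
              repoUrl: $r, branch: $b, commitSha: $c}')
          # -f makes curl fail on an HTTP error instead of returning the error body
          RESPONSE=$(curl -fsS -X POST https://bugrit.com/api/v1/scans \
            -H "Authorization: Bearer $BUGRIT_API_KEY" \
            -H "Content-Type: application/json" \
            -d "$BODY")
          SCAN_ID=$(echo "$RESPONSE" | jq -r '.id // empty')
          # Stop here if the API did not return a scan id
          [ -n "$SCAN_ID" ] || { echo "No scan id in response" >&2; exit 1; }
          echo "scan_id=$SCAN_ID" >> "$GITHUB_OUTPUT"
      - name: Wait for Scan
        env:
          SCAN_ID: ${{ steps.scan.outputs.scan_id }}
        run: |
          for i in {1..60}; do
            STATUS=$(curl -s -H "Authorization: Bearer $BUGRIT_API_KEY" \
              "https://bugrit.com/api/v1/scans/$SCAN_ID" | jq -r '.status')
            [ "$STATUS" = "completed" ] && exit 0
            [ "$STATUS" = "failed" ] && exit 1
            sleep 10
          done
          # Still not completed after 60 polls (10 minutes): fail rather than pass
          echo "Scan did not complete in time" >&2
          exit 1
      - name: Check for Critical Issues
        env:
          SCAN_ID: ${{ steps.scan.outputs.scan_id }}
        run: |
          CRITICAL=$(curl -s -H "Authorization: Bearer $BUGRIT_API_KEY" \
            "https://bugrit.com/api/v1/scans/$SCAN_ID" | jq -r '.summary.critical // 0')
          # Pass only when the count is exactly 0; an empty or non-numeric value fails
          [ "$CRITICAL" -eq 0 ] || exit 1
```

🦊 GitLab CI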
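```yaml
# .gitlab-ci.yml
bugrit-scan:
  image: alpine:latest
  before_script:
    - apk add --no-cache curl jq
  script:
    - |
      # Build the JSON body with jq so variable values are quoted and escaped
      BODY=$(jq -n --arg p "$BUGRIT_PROJECT_ID" --arg r "$CI_PROJECT_URL" \
        --arg b "$CI_COMMIT_REF_NAME" \
        '{projectId: $p, sourceType: "gitlab", repoUrl: $r, branch: $b}')
      # -f makes curl fail on an HTTP error instead of returning the error body
      RESPONSE=$(curl -fsS -X POST https://bugrit.com/api/v1/scans \
        -H "Authorization: Bearer $BUGRIT_API_KEY" \
        -H "Content-Type: application/json" \
        -d "$BODY")
      SCAN_ID=$(echo "$RESPONSE" | jq -r '.id // empty')
      # Stop here if the API did not return a scan id
      [ -n "$SCAN_ID" ] || { echo "No scan id in response" >&2; exit 1; }
      # Poll until the scan finishes; the job timeout is the only bound on this loop
      while true; do
        STATUS=$(curl -s -H "Authorization: Bearer $BUGRIT_API_KEY" \
          "https://bugrit.com/api/v1/scans/$SCAN_ID" | jq -r '.status')
        [ "$STATUS" = "completed" ] && break
        [ "$STATUS" = "failed" ] && exit 1
        sleep 10
      done
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    - if: $CI_COMMIT_BRANCH == "main"
```

⏰ Scheduled Scans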
```yaml
# Nightly security scan
name: Nightly Security Scan
on:
  schedule:
    - cron: '0 2 * * *'  # Every day at 2 AM UTC
  workflow_dispatch:      # Manual trigger
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - name: Trigger Full Scan
        env:
          BUGRIT_API_KEY: ${{ secrets.BUGRIT_API_KEY }}
          BUGRIT_PROJECT_ID: ${{ secrets.BUGRIT_PROJECT_ID }}
          REPO_URL: https://github.com/${{ github.repository }}
        run: |
          # Build the JSON body with jq so every value is escaped correctly
          BODY=$(jq -n --arg p "$BUGRIT_PROJECT_ID" --arg r "$REPO_URL" \
            '{projectId: $p, sourceType: "github", repoUrl: $r, branch: "main",
              scanConfig: {tools: "all", depth: "thorough"}}')
          # -f makes the step fail when the API returns an HTTP error
          curl -fsS -X POST https://bugrit.com/api/v1/scans \
            -H "Authorization: Bearer $BUGRIT_API_KEY" \
            -H "Content-Type: application/json" \
            -d "$BODY"
```

🔌 Automations API
```bash
# Create an automation rule
curl -X POST https://bugrit.com/api/v1/automations \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Scan on push to main",
    "projectId": "proj-abc123",
    "trigger": {
      "type": "github_push",
      "config": {
        "branches": ["main", "develop"],
        "repository": "yourorg/yourrepo"
      }
    },
    "action": {
      "type": "scan",
      "config": {
        "platform": "web",
        "tools": "all",
        "failOn": "critical"
      }
    },
    "enabled": true
  }'
```

Trigger Types
| Trigger | When it Fires | Best For |
|---|---|---|
| github_push | Code pushed to branches | Continuous scanning |
| github_pr | PR opened or updated | PR checks |
| schedule | Cron schedule | Nightly audits |
| webhook | HTTP call | Custom integrations |
| docker_push | Image pushed | Container security |
Best Practices
1. Start Simple
Begin with push-to-main scanning. Expand to PRs once you trust the workflow.
2. Use Quality Gates
Fail builds on critical issues. Start strict, loosen if needed.
3. Layer Your Scans
Quick scans on PRs, thorough scans nightly. Balance speed and coverage.
4. Monitor Credits
Set up usage alerts to avoid surprises.
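
The quality gate that the GitHub Actions workflow above builds from a polling loop and a critical-issue check, as an added Python example (not Bugrit's code) that can be exercised offline. It reads only the `status` and `summary.critical` fields used in the workflows on this page; the sample bodies, the `running` status value and the function names are constructed for illustration.

```python
import json
from typing import Callable, Tuple

def evaluate(body: str) -> Tuple[str, str]:
    """Classify one poll response as 'pending', 'pass' or 'fail'."""
    try:
        doc = json.loads(body)
    except ValueError:
        return "fail", "response is not JSON"
    status = doc.get("status") if isinstance(doc, dict) else None
    if not isinstance(status, str):
        # Assumption: a body without a status is an API error, not "in progress"
        return "fail", "no status in response"
    if status == "failed":
        return "fail", "scan failed"
    if status != "completed":
        return "pending", "status=" + status
    summary = doc.get("summary")
    critical = summary.get("critical") if isinstance(summary, dict) else None
    if isinstance(critical, bool) or not isinstance(critical, int):  # bool is an int subclass
        return "fail", "no critical count in summary"
    if critical > 0:
        return "fail", "%d critical issue(s)" % critical
    return "pass", "no critical issues"

def gate(fetch: Callable[[], str], max_polls: int = 60,
         wait: Callable[[], None] = lambda: None) -> Tuple[int, str]:
    """Poll via fetch() up to max_polls times; return (exit_code, reason)."""
    for _ in range(max_polls):
        verdict, reason = evaluate(fetch())
        if verdict != "pending":
            return (0 if verdict == "pass" else 1), reason
        wait()
    return 1, "timed out after %d polls" % max_polls

# Constructed sample bodies (not captured from the real API)
RUNNING = '{"id": "scan-1", "status": "running"}'
CLEAN = '{"id": "scan-1", "status": "completed", "summary": {"critical": 0}}'
DIRTY = '{"id": "scan-1", "status": "completed", "summary": {"critical": 2}}'
NO_SUMMARY = '{"id": "scan-1", "status": "completed"}'

def replay(bodies):
    """Return a fetch() that yields the given bodies, repeating the last one."""
    it = iter(bodies)
    return lambda: next(it, bodies[-1])

if __name__ == "__main__":
    for bodies in ([RUNNING, CLEAN], [DIRTY], [RUNNING], ["<html>502</html>"]):
        print(gate(replay(bodies), max_polls=3))
```

Unlike the workflow's `.summary.critical // 0`, a completed scan with no critical count fails the gate here; relax that branch if the API omits the field for clean results.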