
SecEng Program · CI / Automation

github_actions

Trust Scanner CI

Enforce AI trust language standards in every pull request.

Local first · In development · package json


Overview

The SecEng Trust Scanner CI adds trust-language scanning as an automated quality gate to your GitHub Actions workflows. Run it as a workflow step to scan changed files, PR descriptions, or documentation for AI security claim issues — and fail the build if high-risk language is detected. The CLI mode also works in GitLab CI, CircleCI, and any other CI environment that can run Node.js.

Features

  1. GitHub Actions integration

    Add the trust scanner as a workflow step in minutes using the provided GitHub Actions action definition.

  2. PR description scanning

    Automatically scan pull request descriptions for AI trust-language issues as part of your review process.

  3. File-level scanning

    Scan changed files in the PR diff — docs, policies, configuration — to catch issues before they merge.

  4. Build gate on findings

    Configure the scanner to exit with a non-zero status code when high-risk language is detected, blocking the merge.

  5. Evidence artifact output

    Upload scan results as GitHub Actions artifacts for audit-trail evidence attached to the workflow run.

Install steps

  1. Add the Trust Scanner CI action to your `.github/workflows/` YAML file.

  2. Set `GITHUB_TOKEN` in your workflow environment for PR description access.

  3. Configure the `scan-paths` and `fail-on-risk-level` inputs in the action step.

  4. Push a commit or open a PR — the scanner runs and reports findings as a check.
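The install steps as a single workflow file. This is an added example, not the vendor's published configuration: the page names only `GITHUB_TOKEN` and the `scan-paths` and `fail-on-risk-level` inputs, so the workflow file name, the action reference, the input values and the results file name are placeholders or assumptions. The `permissions` block starts the token at read-only scopes; widen it only if the action's own documentation requires more.

```yaml
# .github/workflows/trust-scan.yml  (file name is an assumption)
name: trust-scan

on:
  pull_request:
    # "edited" re-runs the scan when the PR title or description changes
    types: [opened, edited, synchronize, reopened]

# Least privilege for GITHUB_TOKEN. Assumption: reading the PR description
# and the checked-out files needs no write scope.
permissions:
  contents: read
  pull-requests: read

jobs:
  trust-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Trust Scanner CI
        # Placeholder: the page does not give the action reference.
        # Pin third-party actions to a full commit SHA rather than a tag.
        uses: OWNER/REPO@FULL_COMMIT_SHA
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          scan-paths: docs/           # assumed value format
          fail-on-risk-level: high    # assumed value; a finding at this level fails the job

      - name: Upload scan evidence
        if: always()                  # keep the evidence even when the gate fails the job
        uses: actions/upload-artifact@v4
        with:
          name: trust-scan-results
          path: trust-scan-results.json   # placeholder: results file name is not given on the page
```

To make the gate block merges, mark the `trust-scan` job as a required status check in the branch protection rules for the target branch.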

Capabilities

scan text · scan file · export json · export markdown · attach evidence

Privacy architecture

Local first

This integration runs 100% in-process using a compiled WASM engine. Text is scanned locally — nothing is transmitted to a server, no analytics, no telemetry. Ideal for regulated environments where data residency and air-gap requirements apply.

Native manifest: package json

Platform vendor

GitHub, Inc.

This integration is built by aisecurity.llc and runs natively on GitHub, Inc.

Early access

Get early access — Trust Scanner integrations are in active development

Trust Scanner CI and all 37 integrations are under active development. Tell us what you need and we'll prioritize your platform.