Fraim GitHub Action

Integrate Fraim seamlessly with GitHub Actions



We are excited to announce the release of the Fraim GitHub Action.

If you have wanted to try Fraim but haven’t found the time, now it’s easier than ever! Simply configure your API key and drop our action into .github/workflows, and Fraim’s built-in code scanning will run directly on your PRs.

Installation

NOTE: This example assumes you are using a Gemini-based model. If you’d like to use an OpenAI-based model, replace references to GEMINI with OPENAI and specify an OpenAI model in the action arguments.

  1. Set your API key as a secret in your repo: Settings -> Secrets and Variables -> New Repository Secret -> GEMINI_API_KEY
  2. Define your workflow inside your repo at .github/workflows/<action_name>.yml:

name: AI Security Scan

on:
  pull_request:
    branches: [main]

jobs:
  security-scan:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      actions: read
      security-events: write # Required for uploading SARIF
      pull-requests: write # Required for PR comments and annotations
    
    steps:
      - name: Run Fraim Security Scan
        uses: fraim-dev/fraim-action@v0
        with:
          gemini-api-key: ${{ secrets.GEMINI_API_KEY }}
          workflows: 'code'
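
A check you can run on the workflow file before merging it, as an added example that is not part of Fraim or its action: it flags an API key input given as a literal instead of a `secrets` reference, and any write scope beyond the two the workflow above marks as required. The function name `audit_workflow`, the line-based parsing and the rule that any input ending in `api-key` must come from `secrets` are assumptions of this example.

```python
import re

# Write scopes the page's workflow marks as required (SARIF upload, PR comments).
ALLOWED_WRITE = {"security-events", "pull-requests"}
KEY_INPUT = re.compile(r"^([a-z0-9-]*api-key):\s*(.+)$")
SECRET_REF = re.compile(r"^\$\{\{\s*secrets\.\w+\s*\}\}$")
PERM = re.compile(r"^([a-z-]+):\s*(read|write|none)$")

def audit_workflow(text):
    """Return findings for a workflow file that calls fraim-action."""
    findings, in_perms, perms_indent, saw_perms = [], False, 0, False
    for n, raw in enumerate(text.splitlines(), 1):
        body = raw.split(" #", 1)[0].strip()        # drop trailing YAML comment
        if not body:
            continue
        indent = len(raw) - len(raw.lstrip())
        if body.startswith("permissions:"):
            saw_perms = True
            value = body.split(":", 1)[1].strip()
            if value == "write-all":
                findings.append(f"line {n}: permissions: write-all")
            in_perms, perms_indent = value == "", indent
            continue
        if in_perms and indent <= perms_indent:
            in_perms = False                        # left the permissions mapping
        m = PERM.match(body)
        if in_perms and m and m.group(2) == "write" and m.group(1) not in ALLOWED_WRITE:
            findings.append(f"line {n}: unexpected write scope {m.group(1)}")
        m = KEY_INPUT.match(body)
        if m and not SECRET_REF.match(m.group(2).strip("'\"")):
            findings.append(f"line {n}: {m.group(1)} is a literal, not a secrets reference")
    if not saw_perms:
        findings.append("no permissions block: token falls back to the repository default")
    return findings

# The job from the page, then a constructed bad variant (the key value is fake).
PAGE_JOB = """\
    permissions:
      contents: read
      actions: read
      security-events: write # Required for uploading SARIF
      pull-requests: write # Required for PR comments and annotations
    steps:
      - uses: fraim-dev/fraim-action@v0
        with:
          gemini-api-key: ${{ secrets.GEMINI_API_KEY }}
"""
BAD_JOB = PAGE_JOB.replace("contents: read", "contents: write").replace(
    "${{ secrets.GEMINI_API_KEY }}", "EXAMPLE-NOT-A-REAL-KEY")
```

Pass the text of your workflow file to `audit_workflow`; an empty list means both checks passed.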

Preview

Once you’ve added the Action, your code will be scanned by Fraim. Any potential vulnerabilities will be flagged as comments in the PR.

Fraim PR scan screenshot