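---
# Security Agent: checks out a PR, lets Claude Code review the diff for
# security issues, posts the report as a PR comment, then labels the PR and
# hands off to agent-review.yml (pass) or agent-revise.yml (fail).
name: Security Agent

# The bare `on` key reads as boolean true under YAML 1.1 parsers; GitHub's
# loader handles it, so it stays unquoted.
on:
  pull_request:
    types: [opened, synchronize]
  workflow_dispatch:
    inputs:
      pr_number:
        description: "PR number to review"
        required: true
        type: string

# One review per PR at a time; a newer push cancels the in-flight run.
concurrency:
  group: agent-security-${{ github.event.inputs.pr_number || github.event.pull_request.number || github.run_id }}
  cancel-in-progress: true

# contents: read       — checkout
# pull-requests: write — `gh pr comment` / `gh pr edit --add-label`
# actions: write       — `gh workflow run` for the follow-up workflows
# id-token: write      — OIDC federation to the Bedrock role
permissions:
  contents: read
  pull-requests: write
  actions: write
  id-token: write

jobs:
  security:
    # Only PRs carrying the `agent-pr` label (or a manual dispatch) reach the
    # agent; this label is the gate that keeps arbitrary PR content out of it.
    if: |
      github.event_name == 'workflow_dispatch' ||
      contains(github.event.pull_request.labels.*.name, 'agent-pr')
    runs-on:
      - codebuild-github-runner-python-docx-${{ github.run_id }}-${{ github.run_attempt }}
    timeout-minutes: 15
    env:
      # Single source for the model id; the agent step reads it from here.
      ANTHROPIC_MODEL: au.anthropic.claude-sonnet-4-6
      # Empty if neither a dispatch input nor a PR event supplies it.
      PR_NUM: ${{ github.event.inputs.pr_number || github.event.pull_request.number }}
    steps:
      - name: Generate GitHub App token
        id: app-token
        uses: actions/create-github-app-token@v2
        with:
          app-id: ${{ secrets.APP_ID }}
          private-key: ${{ secrets.APP_PRIVATE_KEY }}

      # On workflow_dispatch `head.ref` is empty, so this checks out the
      # default branch and the next step switches to the PR branch.
      # NOTE(review): actions/checkout persists the job token in .git/config by
      # default, and the agent user below is given the whole workspace —
      # consider `persist-credentials: false` if the later `git fetch` can
      # authenticate another way.
      - name: Checkout PR branch
        uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.ref }}
          fetch-depth: 0

      - name: Checkout PR branch (workflow_dispatch)
        if: github.event_name == 'workflow_dispatch'
        env:
          GH_TOKEN: ${{ steps.app-token.outputs.token }}
        run: |
          HEAD_REF=$(gh pr view "$PR_NUM" --json headRefName -q .headRefName)
          git fetch origin "$HEAD_REF"
          git checkout "$HEAD_REF"

      # Exports AWS_* variables into the job environment; every later step,
      # including the agent, inherits them. Keep the role's policy limited to
      # what Bedrock invocation needs.
      - name: Configure AWS credentials (OIDC)
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_ARN_BEDROCK }}
          aws-region: ap-southeast-2

      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: "24"

      # The agent runs as an unprivileged user so that whatever it does while
      # reading untrusted PR content is not done as root.
      - name: Set up non-root user for Claude Code
        run: |
          useradd -m agent
          chown -R agent:agent "$GITHUB_WORKSPACE"
          chown -R agent:agent /tmp
          # Runs as root, so this edits root's global config; the agent user
          # owns the tree after the chown above and does not read it — TODO
          # confirm a later root-run git step still needs this.
          git config --global --add safe.directory "$GITHUB_WORKSPACE"

      - name: Install Claude Code
        run: npm install -g @anthropic-ai/claude-code

      # Permission prompts are disabled and the PR's files (including any
      # CLAUDE.md the prompt tells it to read) are untrusted input, so a crafted
      # PR can steer the agent. Treat its report as advisory; the follow-up
      # actions are deliberately limited to labels and workflow dispatch.
      - name: Security review with Claude Code
        env:
          CLAUDE_CODE_USE_BEDROCK: "1"
        run: |
          runuser -u agent -- claude -p \
          --model "$ANTHROPIC_MODEL" \
          --max-turns 30 \
          --allow-dangerously-skip-permissions --dangerously-skip-permissions \
          "You are a security agent reviewing PR #${PR_NUM}.
          ## Instructions
          1. Read CLAUDE.md if it exists for project context.
          2. Run \`git diff origin/master...HEAD\` to see all changes.
          3. Review EVERY changed file for security issues.
          ## Check for:
          - **Injection risks**: XML injection, XXE attacks, path traversal
          - **Dependency risks**: New dependencies with known CVEs
          - **Data exposure**: Sensitive data leaks, unsafe file handling
          - **Secrets in code**: API keys, tokens, passwords
          ## Output
          Create a file called /tmp/security-report.md with your findings:
          - If CLEAN: Start with SECURITY_PASS on the first line, then your report.
          - If ISSUES FOUND: Start with SECURITY_FAIL on the first line, then each issue with file path, line number, severity (HIGH/MEDIUM/LOW), description, and recommended fix.
          Be thorough but avoid false positives. Only flag real security concerns."

      # Fail closed: a missing report, or one with no recognisable verdict, is
      # a failed run — it must never be labelled `security-passed` or trigger
      # agent-review.yml. Any mention of SECURITY_FAIL is a failure; a pass
      # requires an explicit SECURITY_PASS.
      - name: Post security report
        env:
          GH_TOKEN: ${{ steps.app-token.outputs.token }}
        run: |
          REPORT_FILE=/tmp/security-report.md
          if [ ! -f "$REPORT_FILE" ]; then
            gh pr comment "$PR_NUM" \
              --body "**Security Agent Report**
          Security agent completed but did not produce a report."
            exit 1
          fi
          REPORT=$(cat "$REPORT_FILE")
          gh pr comment "$PR_NUM" \
            --body "**Security Agent Report**
          $REPORT"
          if grep -q "SECURITY_FAIL" "$REPORT_FILE"; then
            gh pr edit "$PR_NUM" --add-label "security-failed"
            gh workflow run agent-revise.yml -f pr_number="$PR_NUM"
            exit 1
          elif grep -q "SECURITY_PASS" "$REPORT_FILE"; then
            gh pr edit "$PR_NUM" --add-label "security-passed"
            gh workflow run agent-review.yml -f pr_number="$PR_NUM"
          else
            echo "Report contains neither SECURITY_PASS nor SECURITY_FAIL; not marking PR as passed." >&2
            exit 1
          fi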