OpenCoze

GitHub Agentic Workflow Automated Security Audit

Category: Development · Tool: Coze · Updated 2026-03-10

Automate PR security auditing in GitHub Actions using Agentic Workflow to quickly identify and remediate potential vulnerabilities, enhancing code quality and compliance.

System Prompt
When a PR triggers, use {repo_name}, {pr_number}, {branch_name}, {security_policy} variables to run a security audit and comment the results on the PR.

Variable Dictionary (fill in your AI tool)

This section only explains placeholders. It is not an input form on this website. Copy the prompt, then replace variables in Coze / Dify / ChatGPT.

  • {repo_name}: full repository name, e.g., owner/repo
  • {pr_number}: pull request number
  • {branch_name}: branch of the PR
  • {security_policy}: path or identifier of the security policy file

Filling hint: replace each placeholder with your real business context.


How to Use This Template

Best for

Teams that need faster development output with more stable prompt quality.

Problem it solves

Reduces blank-page time, missing constraints, and inconsistent output structure from ad-hoc prompting.

Steps

  1. Copy the template prompt.
  2. Paste it into your AI tool (Coze / Dify / ChatGPT).
  3. Replace placeholder variables using the dictionary above.
  4. Run and refine constraints based on output quality.

Not ideal when

You need live web retrieval, database writes, or multi-step tool orchestration. Use full workflow automation for that.

Success Case

Input:
PR #42 on feature/login branch, 5 lines of code, no security issues detected.
Output:
Comment: ✅ No security vulnerabilities detected. Build passed.

Boundary Case

Input:
PR #43 on feature/payment branch, SQL injection risk detected.
Fix:
Please fix the SQL injection vulnerability and re-submit the PR.


Workflow Steps

  1. Listen for PR create or update events and retrieve {repo_name}, {pr_number}, {branch_name}.
  2. Invoke the Agentic Workflow, passing {repo_name}, {branch_name}, {security_policy}, and constrain its output to a JSON list of vulnerabilities (type, file, line).
  3. Parse the JSON and generate a comment.
  4. Use the GitHub API to post the comment on the PR and fail the build if any vulnerabilities are found.

Constraints

  • PRs with more than 2000 changed files may cause the Agentic Workflow to time out.
  • If the security_policy file is missing, the workflow defaults to .github/security.yml at the repository root.
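As an added example (not code from OpenCoze or Coze), the following Python glue covers workflow steps 2 to 4 and the policy-file fallback from the Constraints: it validates the agent's JSON as untrusted input, renders the PR comment, builds the GitHub issue-comment request for the PR, and returns the exit code that fails the job when findings exist. The finding schema (type, file, line), the sample agent output, `owner/repo` and all helper names are assumptions; only the GitHub REST endpoint is real.

```python
"""Glue for steps 2-4 of the template: validate the agent's JSON, render the
PR comment, build the GitHub API request, and decide whether to fail the build.

Added example for this page, not code from OpenCoze or Coze. The JSON schema
(type, file, line), the repo/PR values and the sample output below are
assumptions or constructed samples; only the GitHub endpoint is real.
"""
import json
import os
import re
from dataclasses import dataclass
from typing import Callable, List, Optional

DEFAULT_POLICY = ".github/security.yml"  # fallback named in the Constraints section
_REPO_RE = re.compile(r"^[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+$")

# Constructed sample of what the Agentic Workflow might return for PR #43 (hypothetical).
SAMPLE_AGENT_OUTPUT = json.dumps([
    {"type": "SQL injection", "file": "app/payment.py", "line": 27},
])


@dataclass(frozen=True)
class Finding:
    type: str
    file: str
    line: int


def resolve_policy_path(security_policy: Optional[str],
                        exists: Callable[[str], bool] = os.path.exists) -> str:
    """Return {security_policy} if it is set and present, otherwise the default path."""
    if security_policy and exists(security_policy):
        return security_policy
    return DEFAULT_POLICY


def parse_findings(raw: str) -> List[Finding]:
    """Parse the agent's output as untrusted input: it must be a JSON list of
    objects carrying type/file/line, with line a positive integer."""
    data = json.loads(raw)
    if not isinstance(data, list):
        raise ValueError("agent output must be a JSON list of vulnerabilities")
    findings = []
    for idx, item in enumerate(data):
        if not isinstance(item, dict) or {"type", "file", "line"} - set(item):
            raise ValueError(f"finding {idx} is missing type/file/line")
        line = item["line"]
        if isinstance(line, bool) or not isinstance(line, int) or line < 1:
            raise ValueError(f"finding {idx} has a non-positive-integer line")
        findings.append(Finding(str(item["type"]), str(item["file"]), line))
    return findings


def _cell(text: str) -> str:
    """Neutralise characters that would break the Markdown table or smuggle
    extra rows into the comment (model output is never pasted verbatim)."""
    return text.replace("\n", " ").replace("|", "\\|").replace("`", "'")


def render_comment(findings: List[Finding]) -> str:
    """Build the PR comment body; the no-findings text matches the Success Case."""
    if not findings:
        return "✅ No security vulnerabilities detected. Build passed."
    rows = [f"❌ {len(findings)} potential security issue(s) found:", "",
            "| Type | File | Line |", "|---|---|---|"]
    rows += [f"| {_cell(f.type)} | `{_cell(f.file)}` | {f.line} |" for f in findings]
    rows += ["", "Please fix the issues above and re-submit the PR."]
    return "\n".join(rows)


def exit_code_for(findings: List[Finding]) -> int:
    """Step 4: a non-zero exit fails the GitHub Actions job when anything was found."""
    return 1 if findings else 0


def build_comment_request(repo_name: str, pr_number: int, body: str) -> dict:
    """PR comments are issue comments in the GitHub REST API:
    POST /repos/{owner}/{repo}/issues/{issue_number}/comments.
    The repo name is validated so a malformed variable cannot alter the URL."""
    if not _REPO_RE.match(repo_name) or any(s in (".", "..") for s in repo_name.split("/")):
        raise ValueError("repo_name must look like owner/repo")
    number = int(pr_number)
    if number < 1:
        raise ValueError("pr_number must be positive")
    return {
        "method": "POST",
        "url": f"https://api.github.com/repos/{repo_name}/issues/{number}/comments",
        "json": {"body": body},
    }


def run_audit_step(raw_agent_output: str, repo_name: str, pr_number: int) -> dict:
    """Steps 3-4 end to end; returns the request and exit code instead of sending,
    so it runs offline. In CI, send `request` with a token and exit with `exit_code`."""
    findings = parse_findings(raw_agent_output)
    comment = render_comment(findings)
    return {"request": build_comment_request(repo_name, pr_number, comment),
            "exit_code": exit_code_for(findings)}


if __name__ == "__main__":
    result = run_audit_step(SAMPLE_AGENT_OUTPUT, "owner/repo", 43)
    print(result["request"]["json"]["body"])
    raise SystemExit(result["exit_code"])
```

In a workflow job, the step running this script would read the agent's output from the previous step, send `request` using the job's `GITHUB_TOKEN`, and exit with `exit_code` so the check fails on findings. The strict schema check and the `_cell` escaping are there because the model's text lands verbatim in a comment that people and other bots read; anything off-schema should fail loudly rather than be posted.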

Recommended Stack

Tools that work well with this template:

  • Coze: low-code agent workflow platform for fast automation delivery.