CI and GitHub Actions
Trigger crawls from your pipeline after deploy or on pull requests. CI runs use the same checks as the dashboard; diffs compare against the prior CI run on the same repository when possible.
On this page
1. Create an API key
CI access requires a paid plan.
Sign in and open Developers → API keys to create a key and copy the x-ci-api-key header value for your workflow secrets.
2. Add the GitHub Action
Follow the step-by-step
CI and GitHub Actions setup guide
for repository secrets, a minimal workflow, fail_mode, automated PR risk reports, and agent routing.
The run report in Signal Diff shows repository, commit, branch, and pull request context when the workflow supplies them.
3. Read the diff
Pipeline gates should key off new findings since the CI baseline, not raw error totals. See Baselines and diffs for how CI baseline selection differs from manual scans.
Private or staging URLs
Targets only reachable from your network need a customer agent instead of a cloud crawl. Enroll on Customer agents or see the Customer agent setup guide for pools and CI triggers.