For an overview of all available workflows, see the main README.
The Daily Malicious Code Scan workflow examines files changed in the past 72 hours, searching for secret exfiltration, out-of-context code, suspicious network activity, system access patterns, obfuscation, and supply chain indicators. Findings appear as GitHub code-scanning alerts with threat scores and remediation recommendations.
# Install the 'gh aw' extension
gh extension install github/gh-aw
# Add the workflow to your repository
gh aw add-wizard githubnext/agentics/daily-malicious-code-scanThis walks you through adding the workflow to your repository.
graph LR
A[Daily Schedule] --> B[Fetch Recent Changes]
B --> C[Scan for Patterns]
C --> D{Threats Found?}
D -->|Yes| E[Create Code Scanning Alert]
D -->|No| F[Report: All Clear]
This workflow works out of the box with any repository and programming language. No additional configuration is required.
After editing run gh aw compile to update the workflow and commit all changes to the default branch.