Injecting AI Agents into CI/CD: Intelligent Failures with the GitHub Copilot CLI in GitHub Actions
Source: Dev.to
TL;DR for the Busy Dev
We are used to CI/CD pipelines aborting on syntax errors or failing unit tests. By embedding the GitHub Copilot CLI directly in a GitHub Action, you can create AI agents that review code for security, logic, or product-spec compliance. If the agent detects a critical issue, it fails the workflow programmatically, blocking the merge before any human review.
The DevOps "shift-left" goal (catching problems as early as possible) is already achieved for deterministic checks (linters, test runners). Non-deterministic review (SQL-injection safety, documentation updates, acceptance-criteria compliance) still depends on humans. This article shows how to close that gap with a security agent that runs in the CI pipeline, uses the Copilot CLI to scan the code, and fails the build when a critical vulnerability appears.
Building a Security Agent in CI
| Component | Role |
|---|---|
| The Brain | GitHub Copilot CLI (`npm i -g @github/copilot`). It provides the intelligence layer. |
| The Persona | A markdown file (`.github/agents/security-reporter.agent.md`) that acts as the system prompt. |
| The Trigger | A Bash script that parses the AI's natural-language output for a specific "Kill Switch" phrase to decide pass/fail. |
The most critical part of this workflow is not the YAML but the prompt engineering. The AI must act as a strict auditor, not a helpful assistant. The prompt lives in `.github/agents/security-reporter.agent.md`.
Link to full prompt file here.
Prompt File (security-reporter.agent.md)
```markdown
---
name: SecurityReportAgent
description: Security Report Agent - Analyzes TypeScript and React code for security vulnerabilities and creates security reports
model: GPT-5.1 (Preview)
---

## Purpose

This agent performs comprehensive security analysis of the Astro/TypeScript code. It identifies security vulnerabilities, assesses risks, and produces detailed security reports without modifying the codebase directly.

## Security Scanning Capabilities

### Code Analysis
- **SAST (Static Code Analysis)** – scans TypeScript/React source for:
  - SQL Injection, XSS, CSRF
  - Authentication/authorization flaws
  - Insecure cryptographic implementations
  - Hard-coded secrets, path traversal, insecure deserialization
  - Input validation, data encryption, error handling, missing security headers
  - Dependency vulnerabilities, information disclosure risks

### Dependency & Component Analysis
- **SCA (Software Composition Analysis)** – monitors npm dependencies for known CVEs
- License scanning, outdated software detection, malware detection in the supply chain

### Infrastructure & Configuration
- Secrets detection, cloud configuration review (Azure Functions), IaC scanning (Terraform/CloudFormation/K8s), container image scanning

### API & Runtime Security
- API security, database security, WebSocket security, file-upload security

### Compliance & Best Practices
- OWASP Top 10, TypeScript/React security guidelines, secure coding standards, security-header verification, GDPR/privacy considerations

### Security Metrics & Reporting
- Vulnerability count by severity, code-coverage analysis, OWASP mapping, CWE classification, risk score, remediation timeline

## Report Structure

Security Assessment Report

1. Executive Summary
   - Security Posture: [Risk Level] (e.g., HIGH RISK) - Score: [0-10]/10
   - Findings Summary:

     | Severity | Count |
     |---|---|
     | Critical | [Count] |
     | High | [Count] |
     | Medium | [Count] |
     | Low | [Count] |

2. Vulnerability Findings (repeat for each issue)
   - Severity: Critical/High/Medium/Low
   - Category: (e.g., Injection, Authentication)
   - Location: file and line number
   - Description, Impact, Recommendation, References

3. Security Best Practices Review – what follows best practices, what needs improvement, configuration recommendations.

4. Dependency Analysis – vulnerable packages and suggested updates.

5. Action Items – prioritized fix list (quick wins vs. complex remediation).

6. Intentional Vulnerabilities – list any critical/high findings in:
   - Any file under `infra/`
   - Any path containing `legacy-vibe`

   Mark them as "Intentional – No Action Required."

7. Critical Vulnerability Warning
   - Review all CRITICAL findings.
   - Exclude any that appear in the "Intentional Vulnerabilities" paths above.
   - If any remaining critical vulnerabilities exist:

     ### Blocking Critical Vulnerabilities
     *[brief list of remaining critical issues]*
     THIS ASSESSMENT CONTAINS A CRITICAL VULNERABILITY

   - Do not modify the warning message.
   - If all critical findings are filtered out, omit the warning entirely.
```
The pipeline treats the exact string THIS ASSESSMENT CONTAINS A CRITICAL VULNERABILITY as a kill switch. Its presence causes the workflow to fail; its absence allows the run to continue.
GitHub Actions Implementation
Below is a minimal workflow that installs the Copilot CLI, runs the security agent, and fails on the kill‑switch string.
```yaml
name: Security Scan

on:
  pull_request:
    branches: [ main ]

jobs:
  security-report:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      actions: read
      security-events: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Set up Node
        uses: actions/setup-node@v4
        with:
          node-version: '20'

      - name: Install Copilot CLI
        run: npm i -g @github/copilot

      - name: Run Security Agent
        env:
          COPILOT_TOKEN: ${{ secrets.COPILOT_PAT }} # fine-grained PAT with "Copilot Requests: Read"
        run: |
          copilot run \
            --prompt-file .github/agents/security-reporter.agent.md \
            --repo ${{ github.repository }} \
            > agent-output.txt

      - name: Check for critical warning
        id: check
        run: |
          if grep -q "THIS ASSESSMENT CONTAINS A CRITICAL VULNERABILITY" agent-output.txt; then
            echo "critical=true" >> "$GITHUB_OUTPUT"
          else
            echo "critical=false" >> "$GITHUB_OUTPUT"
          fi

      - name: Fail on critical vulnerabilities
        if: steps.check.outputs.critical == 'true'
        run: |
          echo "🚨 Critical security issues detected – failing the workflow."
          exit 1

      - name: Upload report as artifact
        if: steps.check.outputs.critical == 'false'
        uses: actions/upload-artifact@v4
        with:
          name: security-report
          path: agent-output.txt
```
Key Points
- PAT requirement – Create a fine-grained Personal Access Token with the Copilot Requests: Read permission and store it as `COPILOT_PAT` in the repository secrets.
- The Bash step captures the agent's output, searches for the exact kill-switch string, and sets an output flag.
- A subsequent step fails the job (`exit 1`) when the flag is `true`.
- When no critical issues remain, the report is uploaded as an artifact for review.
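The kill-switch note above and the Bash step in these key points both reduce the agent's report to a single `grep`. As an added example (not the article's own script), here is a fail-closed version of that gate: it treats an empty file, or output that does not contain the report title the prompt asks for, as a failure, so a CLI error or a truncated run cannot pass as "no critical findings", and it extracts the "Blocking Critical Vulnerabilities" list for the job log. The `KILL_SWITCH` and `REPORT_MARKER` strings are taken from the prompt file; the sample reports are constructed for the example, and the function names are my own.

```shell
#!/usr/bin/env bash
# Added example, not the article's script: a fail-closed gate over the agent's report.
# Assumptions: the report is a plain-text file; KILL_SWITCH is the exact phrase the
# prompt file mandates; REPORT_MARKER is the report title the prompt file asks for.

KILL_SWITCH="THIS ASSESSMENT CONTAINS A CRITICAL VULNERABILITY"
REPORT_MARKER="Security Assessment Report"

# gate_report FILE
# Prints one of: invalid (no usable report), critical (kill switch present), clean.
# Returns 0 only for "clean", so it can be used directly in an if / && chain.
gate_report() {
  report="$1"
  # Fail closed: an empty or missing file means the CLI produced no report, and
  # "kill switch not found" must not be mistaken for "no critical findings".
  if [ ! -s "$report" ]; then
    echo "invalid"
    return 1
  fi
  # Fail closed: output without the report title (e.g. an error message) is not a verdict.
  if ! grep -qF "$REPORT_MARKER" "$report"; then
    echo "invalid"
    return 1
  fi
  # Fixed-string match (-F) so nothing in the phrase is interpreted as a regex.
  if grep -qF "$KILL_SWITCH" "$report"; then
    echo "critical"
    return 1
  fi
  echo "clean"
  return 0
}

# list_blocking FILE
# Prints the non-empty lines between the "Blocking Critical Vulnerabilities" heading
# and the kill-switch line, i.e. the brief list the prompt asks the agent to emit.
list_blocking() {
  awk -v ks="$KILL_SWITCH" '
    /Blocking Critical Vulnerabilities/ { inblock = 1; next }
    index($0, ks) > 0                   { inblock = 0 }
    inblock && NF                       { print }
  ' "$1"
}

# --- Constructed sample reports (not real agent output) ----------------------
SAMPLE_DIR="$(mktemp -d)"

cat > "$SAMPLE_DIR/critical.txt" <<'EOF'
# Security Assessment Report
## Executive Summary
- Security Posture: HIGH RISK - Score: 3/10
### Blocking Critical Vulnerabilities
*Injection in src/api/users.ts:42 (constructed sample)*
THIS ASSESSMENT CONTAINS A CRITICAL VULNERABILITY
EOF

cat > "$SAMPLE_DIR/clean.txt" <<'EOF'
# Security Assessment Report
## Executive Summary
- Security Posture: LOW RISK - Score: 8/10
Critical findings under infra/ marked Intentional - No Action Required.
EOF

# Simulates the CLI failing before it writes a report, and an empty redirect target.
printf 'Error: authentication failed\n' > "$SAMPLE_DIR/error.txt"
: > "$SAMPLE_DIR/empty.txt"

# Stand-alone use: `sh gate.sh agent-output.txt` exits non-zero unless the report is clean.
if [ -n "${1:-}" ]; then
  verdict="$(gate_report "$1" || true)"
  echo "verdict: $verdict"
  if [ "$verdict" = "critical" ]; then list_blocking "$1"; fi
  [ "$verdict" = "clean" ] || exit 1
fi
```

Dropped into the workflow, the "Check for critical warning" step can simply run `gate_report agent-output.txt`; because the function returns non-zero for both `critical` and `invalid`, the job fails in either case, and the `invalid` verdict is what catches a silently failing CLI. Since the article's workflow only uploads the report when the check passes, the run that failed is exactly the one without an artifact; uploading with `if: always()` keeps the report that caused the failure available to the reviewer.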
With this setup, AI‑driven security reviews become an integral, automated part of your CI/CD pipeline, turning natural‑language analysis into a deterministic pass/fail signal. 🚀