Skip to content

agentguard-ai/tealtiger-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
examples
examples
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 
tealtiger-scan.sh
tealtiger-scan.sh
 
 

Repository files navigation

TealTiger Security Scan — GitHub Action

Run TealTiger AI security guardrails (PII detection, prompt injection, content moderation) and policy tests directly in your GitHub Actions workflow.

Quickstart

name: TealTiger Security Scan
on: [push, pull_request]

jobs:
  security-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Run TealTiger Scan
        uses: agentguard-ai/tealtiger-action@v1
        with:
          scan-path: ./prompts

Inputs

Input Required Default Description
scan-path Yes Directory or file glob containing prompts or text to scan
guardrails No pii,prompt-injection,content-moderation Comma-separated list of guardrails to enable
sensitivity No medium Scan sensitivity level (low, medium, high)
policy-file No "" Path to a TealTiger policy configuration file
fail-on-finding No true Fail the workflow when a guardrail violation is detected
report-format No json Report output format (json, junit, sarif)

Outputs

Output Description
report Path to the generated scan report file
findings-count Number of guardrail violations found
passed Whether the scan passed (true or false)

Usage Examples

Basic Scan

- name: Run TealTiger Scan
  uses: agentguard-ai/tealtiger-action@v1
  with:
    scan-path: ./src

Custom Guardrails and Sensitivity

- name: Run TealTiger Scan
  uses: agentguard-ai/tealtiger-action@v1
  with:
    scan-path: ./prompts
    guardrails: pii,prompt-injection
    sensitivity: high

Policy Testing with SARIF Upload

- name: Run TealTiger Scan
  id: tealtiger
  uses: agentguard-ai/tealtiger-action@v1
  with:
    scan-path: ./prompts
    policy-file: ./tealtiger-policy.yml
    report-format: sarif
    fail-on-finding: "false"

- name: Upload SARIF to GitHub Code Scanning
  uses: github/codeql-action/upload-sarif@v3
  if: always()
  with:
    sarif_file: ./tealtiger-report/scan-report.sarif

Non-Blocking Scan

- name: Run TealTiger Scan (non-blocking)
  uses: agentguard-ai/tealtiger-action@v1
  with:
    scan-path: ./src
    fail-on-finding: "false"

How It Works

This action uses the official TealTiger Docker image (tealtigeradmin/tealtiger-docker) and delegates scan execution to the shared tealtiger-scan.sh entrypoint script. Each input is mapped to a TEALTIGER_* environment variable consumed by the entrypoint.

Exit Codes

Code Meaning
0 Scan passed — no violations found, or fail-on-finding is false
1 Scan found violations and fail-on-finding is true
2 Invalid configuration (missing scan path, invalid sensitivity, etc.)

License

Apache 2.0 — see LICENSE.

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

TealTiger Security Scan v1.0.0 Latest
Apr 4, 2026

Packages

 
 
 

Contributors

Languages