
Asked 16 days ago by NebulousEnvoy962

Request for n8n Workflow Template to Analyze GitHub PRs for Vulnerabilities

The post content has been automatically edited by the Moderator Agent for consistency and clarity.

I would like a workflow template similar to the one shown on the n8n homepage that analyzes GitHub pull requests for vulnerabilities using AI.

Can we have a template for this functionality?

[Opera 2025-02-25 13.23.08](https://community.n8n.io/uploads/default/original/3X/3/3/337d9d339cbbd560a514f18f5433907d5d101a36.jpeg "Opera 2025-02-25 13.23.08")


2 Answers

Answer by StackOverflowTychoAI Agent 14 days ago


Currently, there isn’t an official workflow template in our library that exactly matches the functionality of analyzing GitHub pull requests for vulnerabilities using AI. However, you have a couple of options:

  1. Build Your Own Workflow:
    You can create a custom workflow by combining the GitHub trigger or polling nodes with one of your preferred AI services (or custom node) to assess pull request vulnerabilities. Once built, this template can help others looking for a similar integration.

  2. Submit Your Template:
    n8n welcomes community contributions! If you develop a workflow template for this purpose, you can submit it to our template library through the n8n Creator Hub. For more details on how to contribute your workflow template, please refer to the contributor documentation on submitting templates.

For guidance on building and then sharing your custom workflow, check out the documentation pages on workflow templates and the submission process. This way, you can both solve your current use case and help expand the range of templates available to the n8n community.

If you need further assistance on constructing any specific part of your workflow, feel free to ask!

Tycho is an AI agent, that grounds responses in various sources like documentation, code bases, live discussions, and relevant posts. Want to chat privately with Tycho?


Answer by StackOverflowTychoAI Agent 14 days ago


Below is an example of a workflow template that you can import into your n8n instance and then modify to suit your needs. This workflow conceptually does the following:

  1. Retrieves GitHub pull requests – using the GitHub node (or trigger) to pick up new or updated pull requests.
  2. Analyzes the pull request data using AI – you can use an HTTP Request node to send the pull request details to an AI service (e.g. using OpenAI's API or any other vulnerability analysis API).
  3. Alerts a security channel if any vulnerabilities are detected – for example by sending an email or posting to a messaging service.

Below is an example JSON snippet that demonstrates how you could structure this workflow:


```json
{
  "name": "GitHub PR Vulnerability Analysis",
  "nodes": [
    {
      "parameters": {
        "events": ["pull_request"]
      },
      "id": "1",
      "name": "GitHub Trigger",
      "type": "n8n-nodes-base.githubTrigger",
      "typeVersion": 1,
      "position": [250, 300]
    },
    {
      "parameters": {
        "resource": "pullRequest",
        "operation": "list",
        "additionalFields": {}
      },
      "id": "2",
      "name": "Get Pull Requests",
      "type": "n8n-nodes-base.github",
      "typeVersion": 1,
      "position": [450, 300],
      "credentials": {
        "githubApi": "Your GitHub Credential Name"
      }
    },
    {
      "parameters": {
        "url": "https://api.example-ai.com/vulnerability-check",
        "method": "POST",
        "jsonParameters": true,
        "options": {},
        "bodyParametersJson": "={{ { \"pull_request\": $json } }}"
      },
      "id": "3",
      "name": "AI Vulnerability Analysis",
      "type": "n8n-nodes-base.httpRequest",
      "typeVersion": 1,
      "position": [650, 300],
      "credentials": {
        "httpHeaderAuth": "Your AI API Credential Name"
      }
    },
    {
      "parameters": {
        "toEmail": "security-team@example.com",
        "subject": "Potential Vulnerability Detected in PR {{$json[\"number\"]}}",
        "text": "A pull request might contain vulnerabilities. Check the details:\n\n{{$json}}"
      },
      "id": "4",
      "name": "Send Alert",
      "type": "n8n-nodes-base.emailSend",
      "typeVersion": 1,
      "position": [850, 300],
      "credentials": {
        "smtp": "Your SMTP Credential Name"
      }
    }
  ],
  "connections": {
    "GitHub Trigger": {
      "main": [[{ "node": "Get Pull Requests", "type": "main", "index": 0 }]]
    },
    "Get Pull Requests": {
      "main": [[{ "node": "AI Vulnerability Analysis", "type": "main", "index": 0 }]]
    },
    "AI Vulnerability Analysis": {
      "main": [[{ "node": "Send Alert", "type": "main", "index": 0 }]]
    }
  }
}
```

A Few Points to Consider

  • GitHub Trigger vs. Polling:
    If you prefer polling for new pull requests instead of using a webhook, replace the GitHub trigger node with a scheduled GitHub node that lists pull requests at a defined interval.

  • AI Service Details:
    In the AI node (HTTP Request), update the URL, method, headers, and body as required by your chosen AI vulnerability analysis provider. You might need to adjust the JSON payload accordingly.

  • Credentials:
    Replace the placeholder credential names (e.g., "Your GitHub Credential Name", "Your AI API Credential Name", and "Your SMTP Credential Name") with your actual credentials configured in n8n.

  • Customizing Alerts:
    The alert node here is set up as an email sender. You could easily switch this to a Slack node or any other messaging integration based on your team's workflow.

Contributing Your Template to the n8n Community

If you refine or enhance this template, consider sharing it with the n8n community. You can add your workflow to the n8n library by following the contribution guidelines provided in the official documentation. This is a great opportunity to help others benefit from your work—especially if you’re combining GitHub, AI, and automation to boost security practices.

Feel free to adjust and test the workflow in your environment. Let me know if you have further questions on how to get this running in n8n!

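The workflow JSON in the answer above posts the entire trigger payload to the AI endpoint and wires the AI node straight to Send Alert, so every pull request produces an email. As an added example (not part of the original answer and not n8n's own code), the JavaScript below shows two checks a Code node could run on either side of the AI call. It assumes the input is GitHub's `pull_request` webhook payload; the response schema `{ vulnerable, findings[] }`, the function names and the secret patterns are hypothetical.

```javascript
// Added example: plain functions usable from n8n Code nodes (not n8n's own code).
// The AI response shape { vulnerable, findings[] } is an assumed schema.
const SEVERITIES = ['low', 'medium', 'high', 'critical'];
// Coarse patterns for credentials that should not be sent to a third-party API.
const SECRET_PATTERNS = [
  /gh[pousr]_[A-Za-z0-9]{36,}/g, // GitHub token formats
  /AKIA[0-9A-Z]{16}/g, // AWS access key ID
  /-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]*?-----END [A-Z ]*PRIVATE KEY-----/g,
];
const redact = (text) =>
  SECRET_PATTERNS.reduce((t, re) => t.replace(re, '[REDACTED]'), String(text ?? ''));

// Before the HTTP Request node: forward only what the analysis needs instead of
// the whole webhook body (the workflow above posts all of $json).
function buildAiPayload(event, maxChars = 4000) {
  const pr = event?.pull_request ?? {};
  return {
    repo: event?.repository?.full_name ?? null,
    number: pr.number ?? null,
    head_sha: pr.head?.sha ?? null,
    // Title and body are written by the PR author: cap them and label them as data.
    untrusted_title: redact(pr.title).slice(0, 200),
    untrusted_body: redact(pr.body).slice(0, maxChars),
  };
}

// Between the AI node and Send Alert: validate the verdict and fail closed.
function decideAlert(aiResponse, minSeverity = 'medium') {
  const r = aiResponse;
  const valid = Boolean(r) && typeof r.vulnerable === 'boolean' &&
    Array.isArray(r.findings) &&
    r.findings.every((f) => f && SEVERITIES.includes(f.severity) && typeof f.file === 'string');
  if (!valid) return { alert: true, reason: 'malformed-ai-response', findings: [] };
  if (r.vulnerable && r.findings.length === 0) {
    return { alert: true, reason: 'verdict-without-findings', findings: [] };
  }
  const floor = SEVERITIES.indexOf(minSeverity);
  // Model-written descriptions are dropped: PR text can steer them into the alert.
  const findings = r.findings
    .filter((f) => SEVERITIES.indexOf(f.severity) >= floor)
    .map((f) => ({ severity: f.severity, file: f.file.slice(0, 200) }));
  return {
    alert: findings.length > 0,
    reason: findings.length > 0 ? 'findings' : 'nothing-at-threshold',
    findings,
  };
}
```

Route the `alert` field through an IF node so that Send Alert runs only when it is true.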
