Use CodeAudits With Your Private Account

Here’s the suggested flow:

  1. Your GitHub repository has a GitHub Action that submits code to CodeAudits.ai.
  2. CodeAudits uses your private API keys (e.g., Google Gemini, OpenAI GPT, Anthropic Claude, etc.).
  3. Your code and audits are available only to you behind SSO (Google, GitHub, or Microsoft Entra ID).

Workflow Setup

  • Go to CodeAudits.ai -> Your Account and sign in with GitHub or any other SSO provider.
  • In the Settings screen, copy your API Token.

  • In your GitHub repository, create a workflow in .github/workflows/:
name: Push codebase for LLM audits (private)
 
on:
  workflow_dispatch:
 
permissions:
  contents: read  # least privilege: the job only needs to read the repository

jobs:
  codebase-for-audit:
    runs-on: ubuntu-latest
 
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
 
      - name: Set up Python
        uses: actions/setup-python@v3
        with:
          python-version: "3.10"
 
      - name: Install Codebase Dump
        run: pip install codebase-dump
 
      - name: Generate Single-File Prompt for LLM
        env:
          # Pass the token through the environment so it is not templated into the script text
          CODE_AUDITS_API_KEY: ${{ secrets.CODE_AUDITS_API_KEY }}
        run: codebase-dump . -f project_dump_for_llm.md -o markdown --audit-upload --api-key="$CODE_AUDITS_API_KEY" >> audit.log

      - name: Extract audit URL
        id: extract_audit_url
        run: |
          # Locate the JSON line, convert single quotes to double quotes, and extract 'url' using jq
          url=$(grep '^{' audit.log | sed "s/'/\"/g" | jq -r '.url')
          echo "url=$url" >> "$GITHUB_OUTPUT"

      - name: Add URL to summary
        env:
          # Read the step output from the environment instead of expanding it inside the script
          AUDIT_URL: ${{ steps.extract_audit_url.outputs.url }}
        run: |
          echo "Audit URL: $AUDIT_URL" >> "$GITHUB_STEP_SUMMARY"
 
      - name: Upload Prompt File as Artifact
        uses: actions/upload-artifact@v4
        with:
          name: project_dump_for_llm.md
          path: project_dump_for_llm.md

This workflow parses your codebase with codebase-dump and sends it to your private account on CodeAudits.ai.

  • In your GitHub repository settings, go to Secrets and variables -> Actions and set CODE_AUDITS_API_KEY to the API token you copied from CodeAudits.ai.
  • After the workflow runs successfully, you can see your audits at https://codeaudits.ai/account.
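
The "Extract audit URL" step above relies on a sed quote swap, which breaks as soon as a value in the result line contains an apostrophe. The following is an added example, not part of CodeAudits or codebase-dump: a stricter parser for that step that also validates the URL before it is written to $GITHUB_OUTPUT or the job summary. It assumes the result line is JSON or a Python-style dict and that audit links live on codeaudits.ai; the sample log and its URL path are constructed.

```python
import ast
import json
from urllib.parse import urlsplit

# Assumption: audit links are served from this host; adjust to match your account.
ALLOWED_HOSTS = {"codeaudits.ai"}

# Constructed sample of audit.log (not real tool output).
SAMPLE_LOG = (
    "Scanning repository...\n"
    "{'status': 'ok', 'note': \"it's uploaded\", "
    "'url': 'https://codeaudits.ai/audits/EXAMPLE-ID'}\n"
)


def parse_result_line(line):
    """Parse one log line as JSON, falling back to a Python-literal dict."""
    try:
        return json.loads(line)
    except json.JSONDecodeError:
        # literal_eval accepts literals only, so nothing from the log is executed.
        return ast.literal_eval(line)


def extract_audit_url(log_text):
    """Return the validated audit URL from the log text, or raise ValueError."""
    for line in log_text.splitlines():
        line = line.strip()
        if not line.startswith("{"):
            continue
        try:
            result = parse_result_line(line)
        except (ValueError, SyntaxError):
            continue  # starts with '{' but is not a result line
        url = result.get("url") if isinstance(result, dict) else None
        if not isinstance(url, str):
            continue
        # Whitespace could add extra key=value lines to $GITHUB_OUTPUT; a foreign
        # host or scheme would make the summary link point somewhere else.
        if any(ch.isspace() for ch in url):
            raise ValueError(f"unexpected audit URL: {url!r}")
        parts = urlsplit(url)
        if parts.scheme != "https" or parts.hostname not in ALLOWED_HOSTS:
            raise ValueError(f"unexpected audit URL: {url!r}")
        return url
    raise ValueError("no audit URL found in log")


if __name__ == "__main__":
    print(extract_audit_url(SAMPLE_LOG))
```
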

LLM API Key Setup

  • Go to your account on CodeAudits.ai: https://codeaudits.ai/account
  • In the Settings screen, you can add API keys for different LLM services.
  • Select the default one that should be used to generate code audits.

When you open a specific audit, the default LLM you selected will be used to generate it.

Getting a Free LLM API Key

At the time of writing, most LLM APIs are paid (usually a few cents per request). However, you can get a Google Gemini API key for free.

The Gemini API “free tier” is available with lower rate limits for testing purposes. Data sent to Google with this API key is used to improve their products.

To get your free-tier Gemini API key, visit: https://aistudio.google.com/.

