Documentation

Everything you need to integrate SecuriSky into your development workflow.

Getting Started

Run your first scan
Understanding your security score
Applying AI-generated fixes

API Reference

Authentication (Firebase Bearer token)
POST /scans/trigger
GET /scans/{id}
GET /remediation/scan/{id}
All endpoints →

CI/CD Integration

GitHub Action setup
Creating CI tokens
Exit codes and thresholds

Webhooks

Creating a webhook subscription
Event types (scan_complete, score_drop, critical_finding)
Verifying HMAC-SHA256 signatures

Quick start: GitHub Action

# CI/CD Integration via REST API
# .github/workflows/security.yml

name: SecuriSky Security Scan
on: [pull_request]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - name: Trigger SecuriSky scan
        id: scan
        run: |
          SCAN=$(curl -sf -X POST https://securisky.dev/api/v1/ci/scans \
            -H "X-API-Key: $SECURISKY_API_KEY" \
            -H "Content-Type: application/json" \
            -d '{"url": "'"$STAGING_URL"'", "fail_on": "critical"}')
          echo "scan_id=$(echo $SCAN | jq -r .scan_id)" >> $GITHUB_OUTPUT
        env:
          SECURISKY_API_KEY: ${{ secrets.SECURISKY_API_KEY }}
          STAGING_URL: ${{ vars.STAGING_URL }}

Full API reference as machine-readable text: /llms.txt · Questions? info@hexalian.com