From b5d3d0a0cd1d20c9a48731515d102ef86fb98b32 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 30 Jan 2026 10:14:12 +0000
Subject: [PATCH 1/2] Initial plan


From 5ff211a51edccf91a4560134bc3e25b05fe23eb1 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 30 Jan 2026 10:15:29 +0000
Subject: [PATCH 2/2] Update security workflow to scan only target repository

Co-authored-by: diksha190 <233718673+diksha190@users.noreply.github.com>
---
 .github/workflows/security-review.yml | 50 +++++++++++++--------------
 1 file changed, 25 insertions(+), 25 deletions(-)

diff --git a/.github/workflows/security-review.yml b/.github/workflows/security-review.yml
index a454983..c95d00f 100644
--- a/.github/workflows/security-review.yml
+++ b/.github/workflows/security-review.yml
@@ -15,43 +15,43 @@ jobs:
       contents: read
     
     steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
+      - name: Checkout vulnerable code repository
+        uses: actions/checkout@v4
         with:
+          path: target-repo
           fetch-depth: 0
 
       - name: Set up Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
-          python-version: '3.11'
+          python-version: '3.10'
 
-      - name: Install dependencies
-        run: |
-          python -m pip install --upgrade pip
-          pip install requests
-
-      - name: Clone Security Agent
-        run: |
-          git clone https://github.com/security-ai-labs/security-ai-agent.git temp-agent
-          cp temp-agent/main.py .
-          cp temp-agent/web3_analyzer.py .
-          cp temp-agent/github_pr_commenter.py .
-          cp temp-agent/security_rules.py .
-          cp temp-agent/requirements.txt .
-          rm -rf temp-agent
+      - name: Checkout Security Agent
+        uses: actions/checkout@v4
+        with:
+          repository: security-ai-labs/security-ai-agent
+          path: security-agent
+          ref: main
 
-      - name: Install Security Agent Dependencies
+      - name: Install dependencies
         run: |
-          pip install -r requirements.txt
+          pip install -r security-agent/requirements.txt
 
-      - name: Run Security Analysis
-        run: python main.py
+      - name: Run Security Analysis on Target Repository Only
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
-          PR_NUMBER: ${{ github.event.pull_request.number }}
           REPO_NAME: ${{ github.repository }}
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+        run: |
+          cd security-agent
+          python main.py --target ../target-repo
+        working-directory: ${{ github.workspace }}
 
-      - name: Analysis Complete
+      - name: Upload Analysis Results
         if: always()
-        run: echo "✅ Security analysis completed"
\ No newline at end of file
+        uses: actions/upload-artifact@v4
+        with:
+          name: security-analysis-results
+          path: security-agent/analysis-*.json
+          retention-days: 30
\ No newline at end of file