# Scanning in CI/CD

## Using Safety as a GitHub Action

Safety can be integrated into your existing GitHub CI pipeline as an Action. Just add the following as a step in your workflow YAML file after setting your `SAFETY_API_KEY` secret on GitHub under Settings -> Secrets -> Actions:

```
      - uses: pyupio/safety-action@v1
        with:
          api-key: ${{ secrets.SAFETY_API_KEY }}
```

(Don't have an API Key? You can sign up for one with <https://safetycli.com/resources/plans>.)

This will run Safety scan and will fail your CI pipeline if any vulnerable packages are found.

If you have something more complicated such as a monorepo; or once you're finished testing, read the [Documentation](https://docs.safetycli.com/) for more details on configuring Safety as an action.

Link to GitHub Action: <https://github.com/marketplace/actions/pyupio-safety-action>

For more information, visit the [GitHub Action](/safety-docs/installation/securing-git-repositories/github/github-actions.md) documentation below:

{% content-ref url="/pages/rSKxHYyhcoPjujqSKeuI" %}
[GitHub Actions](/safety-docs/installation/securing-git-repositories/github/github-actions.md)
{% endcontent-ref %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.safetycli.com/safety-docs/safety-cli/scanning-for-vulnerable-and-malicious-packages/scanning-in-ci-cd.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.