Skip to main content
Triggers define when a skill executes. Configure triggers to run skills on pull requests, locally via CLI, or on scheduled intervals.

Trigger Types

Warden supports three trigger types:
  • pull_request - GitHub pull request events
  • local - Local CLI execution only
  • schedule - Scheduled runs (GitHub Actions cron)
[[skills]]
name = "my-skill"

[[skills.triggers]]
type = "pull_request"
actions = ["opened", "synchronize"]

[[skills.triggers]]
type = "local"

[[skills.triggers]]
type = "schedule"
Wildcard skills: Skills without triggers run everywhere (PR, local, and schedule contexts). Add explicit triggers to restrict when a skill runs.

Pull Request Triggers

Run skills on GitHub pull request events.
type
enum
required
Must be "pull_request" for PR triggers.
actions
array
required
Pull request actions that trigger the skill.Valid actions:
  • "opened" - PR is created
  • "synchronize" - New commits pushed to PR
  • "reopened" - Closed PR is reopened
  • "closed" - PR is closed
[[skills.triggers]]
type = "pull_request"
actions = ["opened", "synchronize", "reopened"]

Examples

Run on PR creation and updates: 
[[skills]]
name = "security-scanner"

[[skills.triggers]]
type = "pull_request"
actions = ["opened", "synchronize"]
Run on all PR events: 
[[skills.triggers]]
type = "pull_request"
actions = ["opened", "synchronize", "reopened", "closed"]
Run only when PR is opened: 
[[skills.triggers]]
type = "pull_request"
actions = ["opened"]

Local Triggers

Restrict a skill to local CLI execution. The skill will not run in GitHub Actions.
type
enum
required
Must be "local" for CLI-only triggers.
[[skills]]
name = "experimental-check"

[[skills.triggers]]
type = "local"  # Only runs via: warden run experimental-check
Local-only skills are useful for:
  • Experimental checks you’re testing
  • Heavy analysis that’s too slow for CI
  • Interactive workflows requiring human review

Schedule Triggers

Run skills on a cron schedule in GitHub Actions. Requires GitHub Actions workflow configuration.
type
enum
required
Must be "schedule" for scheduled triggers.
schedule.issueTitle
string
Title for the tracking issue created for this scheduled run.Default: "Warden: {skillName}"
[[skills.triggers]]
type = "schedule"

[skills.triggers.schedule]
issueTitle = "Nightly Security Audit"
schedule.createFixPR
boolean
Automatically create a pull request with fixes when suggestedFix is available.Default: false
[skills.triggers.schedule]
createFixPR = true
schedule.fixBranchPrefix
string
Branch name prefix for fix PRs.Default: "warden-fix"
[skills.triggers.schedule]
createFixPR = true
fixBranchPrefix = "security-fix"
Paths required: Skills with schedule triggers must specify paths to define which files to analyze.
# ❌ Invalid - missing paths
[[skills]]
name = "nightly-scan"

[[skills.triggers]]
type = "schedule"

# ✅ Valid
[[skills]]
name = "nightly-scan"
paths = ["src/**/*.ts"]

[[skills.triggers]]
type = "schedule"

Schedule Examples

Basic scheduled scan: 
[[skills]]
name = "nightly-security-scan"
paths = ["src/**/*.ts", "lib/**/*.js"]

[[skills.triggers]]
type = "schedule"
Scheduled scan with auto-fix PRs: 
[[skills]]
name = "auto-fixer"
paths = ["src/**/*.ts"]

[[skills.triggers]]
type = "schedule"

[skills.triggers.schedule]
issueTitle = "Weekly Code Cleanup"
createFixPR = true
fixBranchPrefix = "warden-cleanup"
GitHub Actions workflow:
.github/workflows/warden-schedule.yml
name: Warden Scheduled Scan

on:
  schedule:
    - cron: '0 2 * * *'  # 2 AM daily

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: getsentry/warden@v1
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}

Multiple Triggers

Skills can have multiple triggers to run in different contexts with different settings. 
[[skills]]
name = "security-scanner"
paths = ["src/**/*.ts"]

# Strict checks on PR
[[skills.triggers]]
type = "pull_request"
actions = ["opened", "synchronize"]
failOn = "high"          # Fail CI on high severity
minConfidence = "high"   # High confidence only

# Comprehensive scheduled scan
[[skills.triggers]]
type = "schedule"
failOn = "medium"        # More lenient
minConfidence = "medium" # Lower threshold

[skills.triggers.schedule]
issueTitle = "Weekly Security Review"
createFixPR = true

# Allow local testing
[[skills.triggers]]
type = "local"
reportOn = "low"         # Show everything locally

Per-Trigger Overrides

Triggers can override skill-level and default-level settings.
failOn
enum
Override failOn threshold for this trigger.
[[skills]]
name = "my-skill"
failOn = "medium"  # Skill default

[[skills.triggers]]
type = "pull_request"
actions = ["opened"]
failOn = "high"    # Stricter for PRs
reportOn
enum
Override reportOn threshold for this trigger.
maxFindings
number
Override maxFindings limit for this trigger.
reportOnSuccess
boolean
Override reportOnSuccess for this trigger.
requestChanges
boolean
Override requestChanges for this trigger.
failCheck
boolean
Override failCheck for this trigger.
model
string
Override model selection for this trigger (highest precedence).
[[skills]]
name = "my-skill"
model = "claude-sonnet-4-20250514"  # Skill default

[[skills.triggers]]
type = "schedule"
model = "claude-opus-4-20250514"    # Use Opus for scheduled runs
maxTurns
number
Override maxTurns for this trigger.
minConfidence
enum
Override minConfidence threshold for this trigger.

Override Precedence

Settings are resolved in this order (highest to lowest):
  1. Trigger-level (in [[skills.triggers]])
  2. Skill-level (in [[skills]])
  3. Defaults (in [defaults])
  4. Built-in defaults
[defaults]
failOn = "medium"        # Priority 3

[[skills]]
name = "my-skill"
failOn = "high"          # Priority 2 (overrides defaults)

[[skills.triggers]]
type = "pull_request"
actions = ["opened"]
failOn = "low"           # Priority 1 (overrides skill and defaults)

Common Patterns

PR and Schedule with Different Thresholds

Strict checking on PRs, comprehensive scheduled scans: 
[[skills]]
name = "security-scanner"
paths = ["src/**/*.ts"]

# Strict PR checks
[[skills.triggers]]
type = "pull_request"
actions = ["opened", "synchronize"]
failOn = "high"
minConfidence = "high"
requestChanges = true
failCheck = true

# Comprehensive nightly scan
[[skills.triggers]]
type = "schedule"
failOn = "medium"
minConfidence = "medium"
reportOn = "low"

[skills.triggers.schedule]
issueTitle = "Nightly Security Scan"
createFixPR = true

Different Models per Context

Fast model for PRs, powerful model for scheduled analysis: 
[defaults]
model = "claude-sonnet-4-20250514"

[[skills]]
name = "deep-analysis"
paths = ["src/**/*.ts"]

# Quick PR feedback
[[skills.triggers]]
type = "pull_request"
actions = ["opened", "synchronize"]
model = "claude-sonnet-4-20250514"
maxTurns = 30

# Thorough scheduled analysis
[[skills.triggers]]
type = "schedule"
model = "claude-opus-4-20250514"
maxTurns = 100

Local Experimentation

Test skills locally before enabling in CI: 
[[skills]]
name = "experimental-checker"
paths = ["src/**/*.ts"]

# Only run locally for now
[[skills.triggers]]
type = "local"
reportOn = "low"  # Show everything for testing

# TODO: Enable for PRs after validation
# [[skills.triggers]]
# type = "pull_request"
# actions = ["opened", "synchronize"]

Wildcard Skill

Run everywhere with no restrictions: 
[[skills]]
name = "universal-linter"
paths = ["src/**/*.ts"]
# No triggers = runs on PR, local, and schedule

Trigger Matching

Warden uses trigger configuration to determine which skills to run:

Pull Request Context

When running on a PR (GitHub Actions or warden pr <number>):
  • Skills with type = "pull_request" triggers matching the PR action
  • Wildcard skills (no triggers)

Local Context

When running via CLI (warden, warden run):
  • Skills with type = "local" triggers
  • Wildcard skills (no triggers)

Schedule Context

When triggered by GitHub Actions schedule:
  • Skills with type = "schedule" triggers
  • Wildcard skills (no triggers)
Use warden run <skill-name> to explicitly run a specific skill, ignoring trigger configuration.

Validation

Pull request triggers require actions:
# ❌ Invalid
[[skills.triggers]]
type = "pull_request"  # Error: actions required!

# ✅ Valid
[[skills.triggers]]
type = "pull_request"
actions = ["opened"]
Schedule triggers require paths:
# ❌ Invalid
[[skills]]
name = "nightly-scan"

[[skills.triggers]]
type = "schedule"  # Error: skill must have paths!

# ✅ Valid
[[skills]]
name = "nightly-scan"
paths = ["src/**"]

[[skills.triggers]]
type = "schedule"

Next Steps

Skill Configuration

Configure skill behavior and paths

Severity Thresholds

Control when builds fail

GitHub Actions Setup

Configure CI/CD integration

CLI Reference

Command-line usage

Build docs developers (and LLMs) love

Get started for freeTalk to us