Skip to main content
Warden can run as a GitHub Action to automatically analyze pull requests using Claude-powered skills. The action posts inline code review comments and can fail checks based on severity thresholds.

Prerequisites

Before setting up the GitHub Action, you need:
1

Anthropic API Key

Get an API key from Anthropic Console. You can also use OAuth tokens from Claude Code.
2

Configuration File

Create a warden.toml in your repository root. Run npx warden init to generate one:
npx warden init
3

GitHub Token

The action needs contents: write permission to resolve review threads. This is handled automatically via github.token or you can provide a custom token.

Basic Setup

Create .github/workflows/warden.yml in your repository:
.github/workflows/warden.yml
name: Warden

# contents: write required for resolving review threads via GraphQL
permissions:
  contents: write

on:
  pull_request:
    types: [opened, synchronize, reopened]

jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      
      - uses: getsentry/warden@v1
        with:
          anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}
The action automatically installs Claude Code CLI v2.1.32. No additional setup required.

Add API Key as Secret

1

Navigate to Repository Settings

Go to your repository → Settings → Secrets and variables → Actions
2

Add Secret

Click “New repository secret” and add:
  • Name: ANTHROPIC_API_KEY
  • Value: Your Anthropic API key (starts with sk-ant-)
For better review thread management, use a GitHub App token instead of GITHUB_TOKEN:
.github/workflows/warden.yml
name: Warden

permissions:
  contents: write

on:
  pull_request:
    types: [opened, synchronize, reopened]

jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      
      - uses: actions/create-github-app-token@v1
        id: app-token
        with:
          app-id: ${{ secrets.WARDEN_APP_ID }}
          private-key: ${{ secrets.WARDEN_PRIVATE_KEY }}
      
      - uses: getsentry/warden@v1
        with:
          anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}
          github-token: ${{ steps.app-token.outputs.token }}

Schedule Workflow

Run Warden on a schedule to analyze your entire codebase and create issues:
.github/workflows/warden-schedule.yml
name: Warden Schedule

permissions:
  contents: write
  issues: write
  pull-requests: write

on:
  schedule:
    # Run every Monday at 9am UTC
    - cron: '0 9 * * 1'
  workflow_dispatch:

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      
      - uses: getsentry/warden@v1
        with:
          anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}
Configure schedule triggers in warden.toml:
warden.toml
version = 1

[[skills]]
name = "security-audit"
paths = ["src/**/*.ts"]

[[skills.triggers]]
type = "schedule"
issue = "Update security audit findings"

Authentication Methods

Warden supports multiple authentication methods (checked in order):
  1. anthropic-api-key input
  2. WARDEN_ANTHROPIC_API_KEY environment variable
  3. ANTHROPIC_API_KEY environment variable
  4. CLAUDE_CODE_OAUTH_TOKEN environment variable (OAuth)

Using OAuth Token

- uses: getsentry/warden@v1
  env:
    CLAUDE_CODE_OAUTH_TOKEN: ${{ secrets.CLAUDE_OAUTH_TOKEN }}

Permissions Reference

PermissionRequiredPurpose
contents: writeYesResolve review threads via GraphQL
pull-requests: writeAuto (via GITHUB_TOKEN)Post review comments
checks: writeAuto (via GITHUB_TOKEN)Create check runs
issues: writeSchedule onlyCreate/update issues for schedule triggers

What Happens on Pull Requests

When a PR is opened or updated, Warden:
  1. Installs Claude Code CLI (v2.1.32)
  2. Loads warden.toml configuration
  3. Matches triggers against the PR event
  4. Runs matched skills in parallel
  5. Posts inline review comments for findings
  6. Creates a check run with summary
  7. Auto-resolves stale comments from previous pushes
  8. Evaluates fix attempts using Claude
  9. Fails the check if findings exceed threshold (configurable)

Next Steps

Configuration

Learn how to configure the action inputs and behavior

Inputs & Outputs

Reference for all action inputs and outputs

Build docs developers (and LLMs) love

Get started for freeTalk to us