Skip to main content

​
Get up and running in 5 minutes

This guide walks you through installing Warden, running your first analysis, and setting up automated PR reviews.
1

Initialize Warden

Run the init command to create a warden.toml configuration file:
npx warden init
This creates a basic configuration with example skills:
warden.toml
version = 1

[defaults]
failOn = "high"
reportOn = "medium"

[[skills]]
name = "code-quality"
paths = ["src/**"]

[[skills.triggers]]
type = "local"
The init command also creates a .github/workflows/warden.yml GitHub Actions workflow file.
2

Set up authentication

Warden needs a Claude API key or Claude Code CLI to run. Choose one:Option A: Use Claude Code CLI (recommended for local development)If you have Claude Code CLI installed and logged in:
npx warden
Warden automatically uses your Claude Code subscription.Option B: Use an API keySet the ANTHROPIC_API_KEY environment variable:
export ANTHROPIC_API_KEY=sk-ant-...
npx warden
Or use the WARDEN_ANTHROPIC_API_KEY variable:
export WARDEN_ANTHROPIC_API_KEY=sk-ant-...
npx warden
Get an API key from the Anthropic Console.
3

Run your first analysis

Make some changes to your code, then run Warden:
# Analyze uncommitted changes
npx warden

# Analyze specific files
npx warden src/api/

# Analyze git diff
npx warden main..HEAD
Warden will:
  1. Load skills from warden.toml
  2. Match triggers (e.g., type = "local")
  3. Run matched skills with Claude
  4. Display findings in your terminal
Example output:
⚑ Warden v0.18.0

πŸ” Running 1 skill on 3 files...

βœ“ code-quality: 2 findings
  src/api/users.ts:45 - Missing error handling [medium]
  src/api/auth.ts:12 - Hardcoded secret [high]

πŸ’° Cost: $0.03 (12.5K tokens)
4

Apply auto-fixes

Many findings include suggested fixes. Apply them with --fix:
# Interactive mode: review each fix
npx warden --fix

# Auto-apply all fixes
npx warden --fix --yes
Warden applies unified diff patches directly to your files.
5

Set up GitHub Action

Enable automated PR reviews by adding your API key to GitHub Secrets:
  1. Go to your repository Settings β†’ Secrets and variables β†’ Actions
  2. Create a new secret named ANTHROPIC_API_KEY
  3. Paste your API key
The workflow created by warden init is ready to use:
.github/workflows/warden.yml
name: Warden
on:
  pull_request:
    types: [opened, synchronize, reopened]

jobs:
  warden:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: getsentry/warden@v1
        with:
          anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}
Now Warden will comment on every PR with findings!

​
What’s next?

Configure skills

Customize skill behavior, triggers, and severity thresholds

Create custom skills

Write your own skills for project-specific analysis

CLI reference

Explore all CLI commands and options

GitHub Action setup

Advanced GitHub Action configuration

​
Example workflows

​
Analyze before commit

Add Warden to your pre-commit hook:
.husky/pre-commit
#!/bin/sh
npx warden || exit 1

​
Weekly scheduled scans

Run comprehensive scans on a schedule:
warden.toml
[[skills]]
name = "security-audit"

[[skills.triggers]]
type = "schedule"

[skills.triggers.schedule]
createFixPR = true
Configure the schedule in GitHub Actions:
.github/workflows/warden-scheduled.yml
on:
  schedule:
    - cron: '0 0 * * 0'  # Weekly on Sunday

​
Strict enforcement

Fail CI on high-severity findings:
warden.toml
[defaults]
failOn = "high"
reportOn = "medium"
.github/workflows/warden.yml
- uses: getsentry/warden@v1
  with:
    anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}
    fail-check: true
Questions? Check the troubleshooting guide or open an issue.

Build docs developers (and LLMs) love

Get started for freeTalk to us