Build & integrate

SCM Scanning

Discover AI agents across your org before they reach production. IRIS scans GitHub repositories locally or via API to inventory governed and ungoverned agents.

Install SCM support

pip install iris-security-scm

Scan a local repository

iris scm scan-local --path ./my-agent-repo

Detects LangChain, CrewAI, Anthropic, OpenAI, and custom agent patterns. Reports governed vs ungoverned findings.

Scan a GitHub repository

export GITHUB_TOKEN=ghp_...
iris scm scan-repo --org my-org --repo agent-service

Scan an entire organization

iris scm scan-org --org my-org

Inventory all repos with AI agent patterns — the Discover step at org scale.

Webhook listener

iris scm webhook start --port 8080

Receive GitHub push events and re-scan on every commit.

Setup helper

iris scm setup

Interactive guide for GitHub App or token configuration.

← MCP Setup Policy as Code →