Malware Scanning with Safe Chain in CI/CD environments

Aikido Safe Chain helps you catch malicious files and dependencies before they make it into your codebase.

This page explains how to integrate malware scanning into your CI/CD pipeline. For desktop or server environments follow the instructions on the Aikido Safe Chain page.

Why use malware scanning in CI/CD?

Running scans directly in your pipeline ensures:

Fast feedback – malicious code is flagged before merging or deploying.
Shift-left security – issues are caught early, reducing remediation costs.
Consistent checks – every commit or build is scanned automatically.

Supported Platforms

GitHub Actions
Azure Pipelines

For more information check out the Safe-Chain Repository.

Manual set-up

To use Aikido Safe Chain in CI/CD environments, run the following command after installing the package:

safe-chain setup-ci

This automatically configures your CI environment to use Aikido Safe Chain for all package manager commands.

Last updated 1 month ago

Was this helpful?