This tool connects to the OpenAI API and scans all Rust files in your GitHub repository for smart contract and code vulnerabilities. The current workflow runs after each push.
- First, create a new GitHub Action in your repository. You can do this by adding a .github/workflows/main.yml file to your repository using the contents found in example/main.yml.
- Ensure you replace the engine parameter with your desired OpenAI engine. See the OpenAI models list for the available engines.
- Now, the next time your GitHub repo is updated, it will trigger an action that collects all .rs files and sends them to GPT to check for vulnerabilities.
- To store your OpenAI API key as a repository secret, go to the main page of your GitHub repository.
- Click on the "Settings" tab.
- In the left sidebar, click on "Secrets and variables."
- Click on "Actions."
- Click on "New repository secret."
- Enter OPENAI_API_KEY as the name and provide your own OpenAI API key as the value.
- Click on "Add secret."
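
A check to run on the workflow file before committing it, given here as an added example and not code from this project: it flags an OpenAI key pasted into the YAML instead of being read from the OPENAI_API_KEY repository secret. The sample workflow, the action name example-org/rust-gpt-scan, the YOUR_ENGINE placeholder and the key value are constructed for illustration.

```python
import re

# Reference form that GitHub Actions resolves from repository secrets at run time.
SECRET_REF = re.compile(r"\$\{\{\s*secrets\.OPENAI_API_KEY\s*\}\}")
# Heuristic for a pasted OpenAI-style key: "sk-" followed by a long token.
LITERAL_KEY = re.compile(r"\bsk-[A-Za-z0-9_-]{20,}")
# A line that assigns OPENAI_API_KEY a value, e.g. under env: or with:.
ASSIGNMENT = re.compile(r"^\s*-?\s*OPENAI_API_KEY\s*:\s*(.+?)\s*$")

# Constructed sample workflow; the scanning action's name is hypothetical.
GOOD = """\
on: push
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/rust-gpt-scan@v1  # hypothetical action name
        with:
          engine: YOUR_ENGINE
        env:
          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
"""
# Same workflow with a constructed (fake) key pasted in place of the secret.
BAD = GOOD.replace("${{ secrets.OPENAI_API_KEY }}", "sk-CONSTRUCTED0example0key0000000")

def audit_workflow(text):
    """Return (line_number, message) findings; line 0 means file-level."""
    findings, referenced = [], False
    for num, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # whole-line YAML comment
        code = line.split(" #", 1)[0]  # drop trailing comment
        if SECRET_REF.search(code):
            referenced = True
        if LITERAL_KEY.search(code):
            findings.append((num, "literal API key committed in workflow"))
            continue
        m = ASSIGNMENT.match(code)
        if m and not SECRET_REF.search(m.group(1)):
            findings.append((num, "OPENAI_API_KEY not read from repository secrets"))
    if not referenced:
        findings.append((0, "workflow never references secrets.OPENAI_API_KEY"))
    return findings

if __name__ == "__main__":
    for name, wf in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit_workflow(wf))
```
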