Connect a Repository
Learn how to connect GitHub, GitLab, and Bitbucket repositories to PrismSec.
PrismSec integrates directly with your Git provider to scan pull requests automatically. This guide walks you through connecting repositories from GitHub, GitLab, and Bitbucket.
GitHub
Install the PrismSec GitHub App
- Log in to the PrismSec dashboard
- Click Connect Repository → GitHub
- You'll be redirected to GitHub to authorize the PrismSec app
- Choose whether to install for:
  - All repositories in your organization (recommended for teams)
  - Selected repositories (choose specific repos from the list)
PrismSec requests read access to code and metadata, and write access to create PR comments and fix branches. We never push to your main branch or access data outside the repository.
Grant Repository Access
After authorizing the app:
- Select the repositories you want PrismSec to scan
- Click Install & Authorize
- You'll be redirected back to the PrismSec dashboard
Organization-Wide Installation
To enable PrismSec for all current and future repositories in an organization:
- During installation, select All repositories
- Any new repository created in the organization will automatically be scanned
First Scan
Once connected, PrismSec will:
- Scan the next pull request opened in the repository
- Post a status check on the PR (Pass/Fail based on severity threshold)
- Add inline comments for each finding
No additional configuration is required. The integration is fully automated.
GitLab
Authorize PrismSec
- In the PrismSec dashboard, click Connect Repository → GitLab
- You'll be redirected to GitLab to authorize PrismSec
- Click Authorize to grant access
Select Projects
After authorization:
- Choose the GitLab projects (repositories) you want to scan
- Click Connect Selected Projects
- PrismSec will install a webhook to listen for merge request events
Permissions
PrismSec requires:
- Read access to repository code and merge requests
- Write access to post merge request comments and create fix branches
First Scan
The next merge request opened in a connected project will trigger a scan automatically.
Bitbucket
Connect Bitbucket Workspace
- Click Connect Repository → Bitbucket in the PrismSec dashboard
- Authorize PrismSec to access your Bitbucket workspace
- Select the workspace and repositories to connect
Grant Access
PrismSec requests:
- Read access to repository source code
- Write access to post pull request comments and create fix branches
First Scan
After connecting, the next pull request in any connected repository will be scanned automatically.
Security and Permissions
PrismSec follows the principle of least privilege:
| Permission | Purpose |
|------------|---------|
| Read repository code | Analyze files for vulnerabilities |
| Read pull request metadata | Determine which files changed and scan only diffs |
| Write PR comments | Post inline findings and scan summaries |
| Create branches and PRs | Open auto-fix pull requests |
PrismSec never pushes directly to your main branch, modifies existing commits, or accesses credentials stored in your Git provider. All code is analyzed in an isolated, ephemeral environment.
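To confirm that an installed GitHub App holds only the access listed in the table above, you can audit its installation record. The following is an added example, not PrismSec code: it checks an installation object (the shape returned by GitHub's `GET /orgs/{org}/installations` endpoint, with `permissions` and `repository_selection` fields) against an allowlist. The `EXPECTED` mapping of the table onto GitHub permission keys is an assumption, and the sample record is constructed.

```python
# Added example: audit a GitHub App installation record against an allowlist.
# EXPECTED is an assumed mapping of the permission table onto GitHub permission
# keys; it is not published by PrismSec. Adjust it to what GitHub actually shows.
LEVELS = {"none": 0, "read": 1, "write": 2, "admin": 3}

EXPECTED = {
    "metadata": "read",
    "contents": "write",       # assumed: creating fix branches needs write
    "pull_requests": "write",  # PR comments and auto-fix pull requests
    "checks": "write",         # assumed: Pass/Fail status check on the PR
}


def audit_installation(inst, expected=EXPECTED, allow_all_repos=False):
    """Return a sorted list of findings for one installation object."""
    findings = []
    for scope, level in inst.get("permissions", {}).items():
        if level not in LEVELS:
            findings.append(f"unknown level: {scope}={level}")
            continue
        allowed = expected.get(scope, "none")
        # Flag any scope granted at a higher level than the allowlist permits.
        if LEVELS[level] > LEVELS[allowed]:
            findings.append(f"excess: {scope}={level} (expected {allowed})")
    # Organization-wide installs also cover future repositories, so surface them.
    if inst.get("repository_selection") == "all" and not allow_all_repos:
        findings.append("scope: installed on all repositories")
    return sorted(findings)


# Constructed sample record (hypothetical app slug, not real API output).
SAMPLE = {
    "app_slug": "example-scanner",
    "repository_selection": "all",
    "permissions": {
        "metadata": "read",
        "contents": "write",
        "pull_requests": "write",
        "secrets": "read",
        "administration": "write",
    },
}

if __name__ == "__main__":
    for line in audit_installation(SAMPLE):
        print(line)
```

Pass `allow_all_repos=True` when the organization-wide installation described earlier is intentional.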
Data Security
- Code is accessed over encrypted connections (TLS)
- Analysis runs in isolated containers that are destroyed after each scan
- Code is never stored persistently or used to train AI models
- Only findings and metadata are retained for dashboard reporting
For enterprise customers, PrismSec supports on-premise and VPC deployment to keep code entirely within your infrastructure.
Next Steps
Now that your repository is connected:
- Learn how scanning works: How Scanning Works
- Customize scan behavior: Configuring Scans
- Understand findings: Understanding Findings