
Core concepts

Repositories, scans, reports, findings, and CLA coverage—the vocabulary used across the Superagent dashboard.

These terms appear throughout the dashboard and docs.

Repository

A GitHub repository connected through a GitHub App installation. The Repository page lists all repos Superagent can see; each detail page holds security scan settings, CLA template assignment, contributors, and linked reports.

Repositories can have one or both capabilities:

  • Security — Superagent Security app installed
  • CLA — Open CLA app installed

GitHub Apps

Superagent uses GitHub Apps instead of personal access tokens:

| App | Powers |
| --- | --- |
| Superagent Security | PR security scans, contributor trust, repository reports, advisory ingestion |
| Open CLA | CLA checks, signing flows, template enforcement |

Pull request checks

On each pull request, GitHub runs checks published by the installed apps:

| Check | App | Purpose |
| --- | --- | --- |
| Security scan | Superagent Security | Automated review signals on code changes |
| Contributor trust | Superagent Security | Risk signals based on contributor history and behavior |
| Contributor License Agreement | Open CLA | Verifies CLA coverage for all contributors on the PR |

Review combined check activity on the Pull requests page; open a PR in GitHub for the full check output.

Reports

A report is either:

  • An agent red-team project — adversarial tests against an AI system (chatbot, coding agent, workflow, etc.)
  • A repository red-team report — security analysis run against one or more GitHub repos

All reports are listed on Reports (/app/reports). Legacy URLs under /app/red-team/* and /app/safety-tests/* still resolve to the same projects.

Findings

A finding is a security issue worth triaging—typically from a repository report or an incoming GitHub advisory. The Findings page is the org-wide queue; each finding has a detail page for triage status, AI-assisted analysis, and links back to the source report.

Contributors

A contributor is a GitHub user who has contributed to your connected repositories. The Contributors page shows CLA signature status, trust score, and recent pull request activity in one profile per person.

Agreements (CLA)

Agreements are Contributor License Agreement templates:

  • Templates store legal text and immutable versions
  • Repository settings select which template version applies
  • Signatures bind contributors (or corporate orgs) to a specific version hash

Dashboard navigation map

| Sidebar item | Path |
| --- | --- |
| Dashboard | /app |
| Integrations | /app/integrations |
| Settings | /app/settings |
| Repository | /app/repository |
| Pull requests | /app/pull-requests |
| Reports | /app/reports |
| Findings | /app/findings |
| Contributors | /app/contributors |
| Agreements | /app/governance/templates |
