Get Started
← All tools

Security & Vuln Intel

GitHub PR

Open a Pull Request with a patch or fix.

github_create_pr
View on GitHub

Overview

Lets the agent open a Pull Request on GitHub. This is how self-fixing agents (say, one that patches a vulnerability) put their proposed change in front of a human reviewer, rather than silently editing code.

How it works

Posts a 'Create pull request' request to the GitHub REST API. You supply owner, repo, title, body, head branch, and base branch; the tool returns the URL of the new PR. Requires a GitHub token with 'repo' write scope; flagged DANGEROUS in the framework's permission system because it modifies an external system.

Example

When a user asks:

Open a PR with the Log4j fix we just wrote.

the agent calls the tool: 

github_create_pr(owner="acme", repo="webapp", title="Bump log4j to 2.17", head="fix/log4j", base="main")

and gets back: the URL of the newly created Pull Request.

Configuration

Set these before calling the tool. Values marked required must be present or the tool call will fail.

GITHUB_TOKEN required

GitHub personal access token with 'repo' scope. Used as Bearer auth to POST pull requests.

Use it in a workflow

Wire this tool into a SwarmAI crew. Use the YAML DSL for declarative workflows, or the Java builder API when you want full programmatic control.

YAML DSL

# remediation.yaml
name: remediation-crew
process: SEQUENTIAL

agents:
  - id: engineer
    role: Remediation Engineer
    goal: Land security patches as reviewable pull requests
    tools:
      - github_create_pr

tasks:
  - id: remediation-task
    agent: engineer
    description: Open a PR in acme/webapp titled 'Bump log4j to 2.17' from fix/log4j into main.

Java

import ai.intelliswarm.swarmai.agent.Agent;
import ai.intelliswarm.swarmai.task.Task;
import ai.intelliswarm.swarmai.swarm.Swarm;
import ai.intelliswarm.swarmai.swarm.SwarmOutput;
import ai.intelliswarm.swarmai.process.ProcessType;
import ai.intelliswarm.swarmai.tool.security.GitHubPRTool;
import org.springframework.ai.chat.client.ChatClient;
import org.springframework.beans.factory.annotation.Autowired;

@Autowired ChatClient chatClient;
@Autowired GitHubPRTool gitHubPRTool;

Agent engineer = Agent.builder()
    .role("Remediation Engineer")
    .goal("Land security patches as reviewable pull requests")
    .chatClient(chatClient)
    .tool(gitHubPRTool)
    .build();

Task engineerTask = Task.builder()
    .description("Open a PR in acme/webapp titled 'Bump log4j to 2.17' from fix/log4j into main.")
    .agent(engineer)
    .build();

SwarmOutput result = Swarm.builder()
    .agent(engineer)
    .task(engineerTask)
    .process(ProcessType.SEQUENTIAL)
    .build()
    .kickoff();

What it's good for

Real scenarios where agents put this tool to work.

Automated remediation agent (CVE/OSV finding → patch PR)
Docs or refactor agents that propose changes via PR
Release-notes or dependency-bump bots
Multi-repo security fix rollouts

Source

Implementation lives at swarmai-tools/src/main/java/ai/intelliswarm/swarmai/tool/security/GitHubPRTool.java in the swarm-ai repository.

Open github_create_pr on GitHub →

← Back to all tools