name: Security Scan
on:
  push:
    branches: [ main, master ]
  pull_request:
    branches: [ main, master ]
  schedule:
    - cron: '0 0 * * 1'  # Run weekly on Mondays
  workflow_dispatch:  # Allow manual trigger

jobs:
  security_scan:
    runs-on: ubuntu-latest

    env:
      API_KEY: PLACEHOLDER

    steps:
      - name: Check out repository
        uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.11'
          cache: 'pip'

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install agentic-security colorama tabulate tqdm python-multipart

      - name: Run security scan
        id: scan
        run: |
          agentic_security init
          # agentic_security ci