Alerts

When a run’s assertions fail, Garnet can notify your team automatically — on your pull request, in Slack, or via a custom webhook. Configure alerts from Settings → Alerting.

​

GitHub PR comments

Get security feedback directly on your pull requests. When the Garnet agent runs during a pull_request-triggered workflow, results are posted as a PR comment.

​

When assertions fail

The comment shows a Security Issues Detected table with:

​

When all assertions pass

A green No Security Issues Detected comment confirms the run was clean, giving your team confidence to merge.

​

Setup

1. Install the Garnet Platform App on your GitHub repositories.
2. In Garnet, go to Settings → Alerting → confirm GitHub PR Comments shows “App Installed” and “Comments On”.

​

Slack notifications

Receive alerts in Slack when assertions fail. Each notification includes:

• Policy — The assertion that failed
• Destination — The flagged domain and port/protocol
• Source — Runner, workflow, and user context
• Alert ID — Unique identifier for tracking
• View in Console — Direct link to the run in the Garnet dashboard

​

Setup

1. Create a Slack Incoming Webhook:
   • Create a new Slack app and select your workspace
   • Go to Incoming Webhooks → toggle On
   • Click Add New Webhook to Workspace, select your channel, authorize
   • Copy the Webhook URL (starts with https://hooks.slack.com/...)
2. In Garnet, go to Settings → Alerting → Add Webhook and paste your Slack URL.

​

API tokens

Manage API tokens from Settings → API Tokens. Tokens authenticate your agents with the Garnet platform.

• Create Token — Generate a new token for agent deployment
• View / Copy — Reveal or copy an existing token value
• Delete — Revoke a token (agents using it will stop reporting)

​

Next steps

• Runs — View runtime profiles and assertion results
• Agents — Manage your agent fleet
• Quick Start — Set up your first agent