Documentation

ShiftFlowIQ Docs

Everything you need to set up governance scanning, connect your repos, and generate compliance reports.

Getting Started

From zero to first scan in three commands.

Quick Start

Install
go install github.com/gmx3c-org/shiftflowiq@latest
Scan
shiftflowiq scan --dir . --fail-on-high
Upload
shiftflowiq scan --upload --api-key $SHIFTFLOWIQ_API_KEY

GitHub Action

Add governance scanning to any GitHub repository in one workflow file.

name: ShiftFlowIQ Governance Scan
on:
  pull_request:
    branches: [main]

jobs:
  governance:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: gmx3c-org/shiftflowiq-action@v1
        with:
          api-key: ${{ secrets.SHIFTFLOWIQ_API_KEY }}
          fail-on-high: true

API Reference

Full REST API. All tiers get API access. OpenAPI spec at /api/docs.

Scans

Ingest scan results, list runs, trigger on-demand scans, and retrieve findings.

/api/scans

Findings

List, filter, resolve, and exempt governance findings across all repositories.

/api/findings

Policies

Create, update, enable/disable, and delete policy rules. Manage custom rule packs.

/api/policies

Reports

Generate one-click compliance reports for SOC 2, HIPAA, SOX, FedRAMP, and EU AI Act.

/api/reports

Organization

Manage team members, roles, invites, and organization settings.

/api/org

Integrations

Connect CI/CD platforms, data warehouses, Slack, PagerDuty, and more.

/api/integrations

Webhooks

Register outbound webhook endpoints and receive scan event notifications.

/api/webhooks

API Keys

Generate and revoke API keys for scanner and CI/CD authentication.

/api/keys

Scanner Rule Packs

11 built-in rule packs ship with the scanner. All open source.

AI Governance

Python, TypeScript, YAML · 40+ rules

AWS Security

Terraform · 15 rules

Azure Security

Terraform · 15 rules

CI/CD Security

YAML workflows · 15 rules

dbt Governance

YAML, SQL · 15 rules

Docker Security

Dockerfile · 15 rules

Kubernetes Security

YAML manifests · 15 rules

MLOps Security

Python, YAML · 15 rules

Snowflake Security

SQL, YAML · 15 rules

Snowflake Cortex AI

SQL, Python · 15 rules

Ansible Security

YAML playbooks · 15 rules