---
title: "CI/CD Integrations Code Agent SDK"
source: https://docs.autohand.ai/agent-sdk/automation/ci-cd-integrations
---

# CI/CD Integrations

Adding the Autohand Code Agent SDK to CI/CD pipelines turns pull requests and commits into automated review, test, and deployment tasks.

## Common pipeline tasks

-   Review pull requests and post comments.
-   Generate or update tests for changed files.
-   Validate migrations, configuration, and documentation.
-   Build release notes from commit history.

## GitHub Actions example

The following workflow starts an agent on every pull request and posts a review summary.

## Security in CI

-   Run agents in ephemeral containers with minimal permissions.
-   Use read-only file systems when possible.
-   Never expose `AUTOHAND_API_KEY` in logs.
-   Require human approval before the agent can push or deploy.

## Best practices

-   Keep pipeline agents focused on a single task. Long, open-ended prompts are harder to debug.
-   Exit with a non-zero status only when the agent found a blocking issue.
-   Cache the Autohand CLI and dependencies between runs.
-   Store agent output as artifacts so developers can inspect it.