Immediately escalate exposed secrets to your team

Exposed secrets are security emergencies that need immediate action. Notis automatically creates an urgent Linear issue the moment GitHub detects a secret so your team sees it in their task system without delay.

Trigger

New Secret Scanning Alert Detected

Triggers when a new secret scanning alert is detected in a GitHub repository. Monitors open secret scanning alerts and fires an event for each newly detected alert. Supports filtering by secret type (e.g., personal access tokens, AWS keys) and by token validity status (active, inactive, unknown). The payload includes the alert number, secret type, validity status, resolution state, timestamps, URLs, and flags for push protection bypass, public exposure, and multi-repo detection.

Linear logo

Action

Create linear issue

Creates a new issue in a specified linear project and team, requiring a title and description, and allowing for optional properties like assignee, state, priority, cycle, and due date.

Why this helps

Secret scanning alerts are critical but can be buried in GitHub settings or notification noise. When sensitive data exposure doesn't surface urgently in Linear, teams miss critical time to revoke access and prevent damage.

  • Exposed secrets surface immediately in Linear
  • Team responds faster to security incidents
  • Centralized incident tracking and coordination
  • Reduces time from detection to remediation

Setup

Build it in a few focused steps.

  • 1Connect GitHub and Linear to Notis.
  • 2Create the automation: 'When a secret scanning alert is detected, create an urgent Linear issue with the secret type and location.'
  • 3Choose an emergency notification channel.
  • 4Select the trigger: New Secret Scanning Alert Detected.
  • 5Test by creating a test repository with exposed secrets and verify the urgent Linear issue appears.

Questions about this workflow

Can I automatically revoke tokens when secrets are detected?

Notis creates the Linear issue for tracking. Token revocation requires additional actions beyond Linear but Notis can add detailed instructions to the issue for your team to follow.

What if I have many false positives in secret scanning?

Your automation prompt can be customized to filter by secret type or only trigger for active/valid secrets to reduce noise.

Should I notify on inactive secrets or only active ones?

Notis can include validity status in the Linear issue. You can configure your prompt to prioritize active secrets higher than inactive ones.

Can I assign these to a security team automatically?

Yes. Notis can assign to specific security contacts or teams based on your organization structure.

When this happens · Trigger

Do this · Action

Supported Triggers and Actions

Notis builds workflows that link GitHub to Linear. A trigger fires from one place; an action lands in another.

GitHub logo

GitHub triggers

Linear logo

Linear actions

New Workflow Artifact Created

Triggers when a new workflow artifact is created in a GitHub repository. Monitors for newly created GitHub Actions workflow artifacts. Optionally filters by artifact name to restrict monitoring to specific artifacts.

TriggerPolling

Create linear attachment

Creates a new attachment and associates it with a specific, existing linear issue.

ActionInstant

Branch Changed

Triggers when a GitHub branch changes. Monitors a specific branch for: - New commits pushed (head commit SHA changes) - Protection status toggled (branch becomes protected or unprotected) - Protection settings changed, including: required status checks and their enforcement level, admin enforcement, required pull request reviews (dismiss stale reviews, code owner reviews, approving review count, last push approval), required linear history, force push allowance, deletion allowance, conversation resolution, branch locking, and fork syncing.

TriggerPolling

Create a comment

Creates a new comment on a specified linear issue.

ActionInstant

New Branch Created

Triggers when a new branch is created in a GitHub repository. Detects newly created branches. Deleted branches do not fire events.

TriggerPolling

Create linear issue

Creates a new issue in a specified linear project and team, requiring a title and description, and allowing for optional properties like assignee, state, priority, cycle, and due date.

ActionInstant

Check Run Status / Conclusion Changed

Triggers when a specific GitHub check run changes its status or conclusion. Monitors a single check run for changes to: status (queued, in_progress, completed, etc.), conclusion (success, failure, neutral, cancelled, skipped, timed_out, action_required), started_at, and completed_at.

TriggerPolling

Get create issue default params

Fetches a linear team's default issue estimate and state, useful for pre-filling new issue forms.

ActionInstant

Check Suite Status / Conclusion Changed

Triggers when a GitHub check suite changes its status or conclusion for a given ref. Monitors all check suites associated with a git reference (branch, tag, or commit SHA) for changes to status (queued, in_progress, completed, etc.) and conclusion (success, failure, neutral, cancelled, skipped, timed_out, action_required, startup_failure, stale). Optionally filters by GitHub App ID.

TriggerPolling

Create a label

Creates a new label in linear for a specified team, used to categorize and organize issues.

ActionInstant

New Code Scanning Alert Created

Triggers when a new code scanning alert is created in a repository. Fires an event for each newly created code scanning alert detected in the configured repository. Alerts can be filtered by Git reference, scanning tool, state, and severity. The payload includes the alert number, rule details, tool information, state, severity, and the location of the most recent instance.

TriggerPolling

Delete issue

Archives an existing linear issue by its id, which is linear's standard way of deleting issues; the operation is idempotent.

ActionInstant

New Repository Collaborator Added

Triggers when a new collaborator is added to a GitHub repository. Monitors the full list of collaborators on a repository and fires an event for each newly added collaborator. The payload includes the collaborator's GitHub username, account ID, profile URL, avatar URL, permission flags (pull, triage, push, maintain, admin), and assigned role name.

TriggerPolling

Get all teams

Retrieves all teams from the linear workspace without requiring any parameters.

ActionInstant

Commit Event

Triggered when a new commit is pushed to a repository.

TriggerInstant

Download issue attachments

Downloads a specific attachment from a linear issue; the `file name` must include the correct file extension.

ActionInstant

Connect any two apps with Notis in the middle.

Not just GitHub and Linear. Any combination from 985+ integrations.

When this happens · Trigger

Do this · Action

Save your first hour today.

7 days free trial with 20$ free usage included.
No card. Works with personal or business Linear.