> ## Documentation Index > Fetch the complete documentation index at: https://docs.codeant.ai/llms.txt > Use this file to discover all available pages before exploring further. # Start Agent Scan > Initiates an AI-powered agent analysis for a repository. The agent uses LLM-based code exploration to perform deep security threat hunting, bug finding, or custom analysis based on user-provided instructions. Files are filtered by extension, size (≤400KB), and line count (≤5000 lines), with a maximum of 500 files per scan. ## OpenAPI ````yaml /openapi.json post /api/analysis/agents/scan/start openapi: 3.0.3 info: title: CodeAnt AI API description: >- API for code analysis (SAST, SCA, secrets, IaC) and developer productivity metrics. Supports GitHub, GitLab, Bitbucket, and Azure DevOps. version: 1.0.0 servers: - url: https://api.codeant.ai description: Production server security: [] tags: - name: Analysis description: Code analysis operations - name: Agent Analysis description: >- AI-powered agent analysis operations. Uses LLM-based code exploration agents to perform deep security threat hunting, bug finding, and custom analysis with reflection-based false positive filtering. - name: Developer Metrics — Teams description: >- Manage developer teams: create, update, delete teams and manage team membership. Teams are used to organize developers and scope metrics. - name: Developer Metrics description: >- Developer productivity and activity metrics: active developers, PR throughput, individual comparisons, and AI-generated summaries. All endpoints support GitHub, GitLab, Bitbucket, and Azure DevOps. paths: /api/analysis/agents/scan/start: post: tags: - Agent Analysis summary: Start Agent Scan description: >- Initiates an AI-powered agent analysis for a repository. The agent uses LLM-based code exploration to perform deep security threat hunting, bug finding, or custom analysis based on user-provided instructions. Files are filtered by extension, size (≤400KB), and line count (≤5000 lines), with a maximum of 500 files per scan. operationId: startAgentScan requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/AgentScanStartRequest' examples: threat_hunting: summary: Threat hunting scan on a GitHub repository value: service: github repo: owner/repository accessToken: ghp_xxxxxxxxxxxx branch: main instructionPrompt: threat_hunting includeFiles: src/**/*.py,lib/**/*.js excludeFiles: tests/**,node_modules/** responses: '200': description: Agent scan successfully started content: application/json: schema: $ref: '#/components/schemas/AgentScanStartResponse' example: message: Scan started successfully scanId: aB3xK9mP2q filesQueued: 142 '400': description: Missing required parameter content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' example: error: 'Missing required parameter: instructionPrompt' '500': description: Failed to start scan content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' example: error: Failed to start scan components: schemas: AgentScanStartRequest: type: object required: - service - repo - accessToken - branch - instructionPrompt properties: service: type: string description: Version control service provider enum: - github - gitlab - azuredevops - bitbucket example: github repo: type: string description: Repository identifier (format varies by service) example: owner/repository accessToken: type: string description: OAuth or personal access token for the VCS service example: ghp_xxxxxxxxxxxx branch: type: string description: Git branch to analyze example: main instructionPrompt: type: string description: Analysis type. Use `threat_hunting` for security threat detection. example: threat_hunting commitId: type: string description: >- Specific commit SHA to analyze. If omitted, the latest commit on the branch is used. default: '' example: abc123def456 includeFiles: type: string description: Comma-separated glob patterns for files to include in analysis default: '' example: src/**/*.py,lib/**/*.js,app/**/*.ts excludeFiles: type: string description: Comma-separated glob patterns for files to exclude from analysis default: '' example: tests/**,node_modules/**,dist/** azureDevopsBaseUrl: type: string description: Base URL for Azure DevOps (for self-hosted instances) default: https://dev.azure.com gitlab_base_url: type: string description: Base URL for GitLab (for self-hosted instances) default: https://gitlab.com github_base_url: type: string description: Base URL for GitHub (for GitHub Enterprise Server) default: https://github.com bitbucket_base_url: type: string description: Base URL for Bitbucket (for Bitbucket Data Center) default: https://api.bitbucket.org/2.0 AgentScanStartResponse: type: object properties: message: type: string description: Success message example: Scan started successfully scanId: type: string description: >- Unique identifier for the scan. Use this to retrieve results and check status. example: aB3xK9mP2q filesQueued: type: integer description: Number of files queued for analysis example: 142 ErrorResponse: type: object properties: error: type: string description: Error message ````