Skip to main content
Arga has two top-level product surfaces:
  • Ask helps you investigate your stack with connected context sources.
  • Validate helps you run tests, scans, and automated checks.
Within Validate, Arga currently offers four workflows. Use this page to decide which one fits your goal and how to run it.

Quick chooser

Test my app

Run a fast one-off validation against a deployed URL.

Automatic GitHub validation

Run checks automatically on pull requests or branch commits.

Sandbox testing

Validate scenarios in an isolated sandbox with service twins.

Scan my app

Red-team a deployed app for edge cases and unexpected behavior.

Test my app

Use Test my app when you already have a staging, preview, or production URL and want a quick manual run.

How to use it

  1. Open Validate and select Test my app.
  2. Enter the deployed URL.
  3. Describe the task in natural language, such as test checkout or verify the login flow.
  4. Optionally provide login credentials if the app requires authentication.
  5. Choose a runner.
  6. Click Run test.

What to expect

Arga runs the agent against the target URL and returns a validation timeline with actions, findings, and errors.

Automatic GitHub validation

Use Automatic GitHub validation when you want Arga to run on every pull request or on commits to a selected branch.

How to use it

  1. Connect GitHub in Integrations.
  2. Open Validate and select Automatic GitHub validation.
  3. Choose the repository you want Arga to monitor.
  4. Install the Arga GitHub App for that repository.
  5. Choose a trigger mode:
    • Pull requests
    • Commits to branch
  6. Optionally enable PR comments and the post-validation scan.
  7. Save the validation settings.

What to expect

Arga publishes results back to GitHub as the Arga Validation check. You can also review recent runs from the Validate UI.

Sandbox testing

Use Sandbox testing when you want to validate a change flow in an isolated environment instead of against a live app.

How to use it

  1. Open Validate and select Sandbox testing.
  2. Choose the repository to deploy.
  3. Select the twins you want in the sandbox, such as stripe, slack, or github.
  4. Describe the scenario you want to exercise.
  5. Start the sandbox deployment.

What to expect

Arga launches a sandbox deployment with the selected twins and runs the target scenario without touching live external systems.

Scan my app

Use Scan my app when you want Arga to behave more like a red team than a scripted tester.

How to use it

  1. Open Validate and select Scan my app.
  2. Enter the target URL.
  3. Add one or more roles that Arga should use while probing the app.
  4. Optionally attach credentials for authenticated roles.
  5. Choose a runner.
  6. Click Start scan.

What to expect

Arga first performs reconnaissance, proposes attack campaigns, and then runs the approved scan to uncover UI and UX bugs, edge cases, and unexpected behavior.

Runner options

Two workflows let you choose how Arga executes the run:
  • Visual-based uses the browser-driven runner. Choose this for interactive flows and visual regressions.
  • DOM-based uses the DOM-focused runner. Choose this for structured page state inspection and campaign execution.

Which mode should you choose?

  • Choose Test my app when you want a fast answer on a deployed URL.
  • Choose Automatic GitHub validation when you want repeatable checks on every code change.
  • Choose Sandbox testing when you need isolated end-to-end flows with service twins.
  • Choose Scan my app when you want adversarial exploration instead of a single happy-path test.