From 32f18e6f13831586eba034ec54dc8fbc166bf704 Mon Sep 17 00:00:00 2001
From: Rajendra Reddy <rajendra@wdipl.com>
Date: Wed, 18 Feb 2026 18:32:46 +0000
Subject: [PATCH] Add .gitea/workflows/mobsf.yml

---
 .gitea/workflows/mobsf.yml | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 .gitea/workflows/mobsf.yml

diff --git a/.gitea/workflows/mobsf.yml b/.gitea/workflows/mobsf.yml
new file mode 100644
index 0000000..0d6da8c
--- /dev/null
+++ b/.gitea/workflows/mobsf.yml
@@ -0,0 +1,35 @@
+name: MobSF Security Scanning
+on: 
+  push:
+    branches: [ main, master ]
+  pull_request:
+
+jobs:
+  mobsf-analysis:
+    runs-on: ubuntu-latest
+    steps:
+      # 1. Pull the code from your Gitea repository into the runner workspace
+      - name: Checkout Code
+        uses: https://github.com/actions/checkout@v4
+
+      # 2. (Optional) Verification step to see where your code is
+      - name: Verify Workspace
+        run: |
+          echo "Current Path: $(pwd)"
+          ls -F
+
+      # 3. Run MobSF Static Analysis
+      # This will automatically detect Flutter, React Native, and Swift files
+      - name: MobSF Scan
+        uses: https://github.com/MobSF/mobsfscan@main
+        with:
+          # '.' tells MobSF to scan the code checked out in step 1
+          args: '. --html --output report.html || true'
+
+      # 4. Upload the result to Gitea using the link you provided
+      - name: Upload Report to Gitea
+        uses: https://gitea.com/actions/upload-artifact@v3
+        with:
+          name: Security-Analysis-Report
+          path: report.html
+          retention-days: 5
\ No newline at end of file