Foundational flows

• Tier: Premium, Ultimate
• Add-on: GitLab Duo Core, Pro, or Enterprise
• Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated

Model information

• LLM: Anthropic Claude Sonnet 4

Foundational flows are built and maintained by GitLab and display a GitLab-maintained badge ({tanuki-verified}).

Each flow is designed to solve a specific problem or help you with a development task.

The following foundational flows are available:

• Software Development: Create AI-generated solutions for work across the software development lifecycle.
• Developer: Create actionable merge requests from issues.
• Fix CI/CD Pipeline: Diagnose and repair failed jobs.
• Convert to GitLab CI/CD: Migrate Jenkins pipelines to CI/CD.
• Code Review: Automate code review with AI-native analysis and feedback.
• SAST false positive detection: Automatically identify and filter false positives in SAST findings.

Security for foundational flows

In the GitLab UI, foundational flows have access to the following GitLab APIs:

• Projects API
• Issues API
• Merge Requests API
• Repository Files API
• Branches API
• Commits API
• CI Pipelines API
• Labels API
• Epics API
• Notes API
• Search API

Service accounts

Foundational flows use a service account to complete tasks. For more information, see composite identity workflow.

When foundational flows create merge requests, the merge request is attributed to the service account. This means the user who triggered the flow can approve and merge AI-generated code. Organizations with SOC 2, SOX, ISO 27001, or FedRAMP requirements should review the compliance considerations and implement appropriate approval policies.