diff --git a/.github/workflows/shiftleft.yml b/.github/workflows/shiftleft.yml
new file mode 100644
index 00000000..8c922a1d
--- /dev/null
+++ b/.github/workflows/shiftleft.yml
@@ -0,0 +1,52 @@
+---
+# This workflow integrates ShiftLeft NG SAST with GitHub
+# Visit https://docs.shiftleft.io for help
+name: ShiftLeft
+
+on:
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  NextGen-Static-Analysis:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Download ShiftLeft CLI
+      run: |
+        curl https://cdn.shiftleft.io/download/sl > ${GITHUB_WORKSPACE}/sl && chmod a+rx ${GITHUB_WORKSPACE}/sl
+    # ShiftLeft requires Java 1.8. Post the package step override the version
+    - name: Setup Java JDK
+      uses: actions/setup-java@v1.4.3
+      with:
+        java-version: 1.8
+    - name: Extract branch name
+      shell: bash
+      run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
+      id: extract_branch
+    - name: NextGen Static Analysis
+      run: ${GITHUB_WORKSPACE}/sl analyze --strict --wait --app shiftleft-js-demo --tag branch=${{ github.head_ref || steps.extract_branch.outputs.branch }} --js --cpg .
+      env:
+        SHIFTLEFT_ACCESS_TOKEN: ${{ secrets.SHIFTLEFT_ACCESS_TOKEN }}
+        
+  Build-Rules: 
+    runs-on: ubuntu-latest
+    needs: NextGen-Static-Analysis
+    steps:
+    - uses: actions/checkout@v2
+    - name: Download ShiftLeft CLI
+      run: |
+        curl https://cdn.shiftleft.io/download/sl > ${GITHUB_WORKSPACE}/sl && chmod a+rx ${GITHUB_WORKSPACE}/sl
+    - name: Validate Build Rules
+      run: |
+        ${GITHUB_WORKSPACE}/sl check-analysis --app shiftleft-js-demo \
+            --branch "${{ github.head_ref || steps.extract_branch.outputs.branch }}" \
+            --report \
+            --github-pr-number=${{github.event.number}} \
+            --github-pr-user=${{ github.repository_owner }} \
+            --github-pr-repo=${{ github.event.repository.name }} \
+            --github-token=${{ secrets.GITHUB_TOKEN }}
+      env:
+        SHIFTLEFT_ACCESS_TOKEN: ${{ secrets.SHIFTLEFT_ACCESS_TOKEN }}
+         
+  
\ No newline at end of file
diff --git a/README.md b/README.md
index eb6324fa..1bba79f1 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# NodeJS Tarpit
+# NodeJS Tarpit - Chuck B. (edited)
 
 An ExpressJS (tarpit) application using mongoDB.
 
diff --git a/shiftleft.yml b/shiftleft.yml
new file mode 100644
index 00000000..0600e987
--- /dev/null
+++ b/shiftleft.yml
@@ -0,0 +1,12 @@
+build_rules:
+  - id: allow-zero-findings
+    finding_types:
+      - vuln
+      - secret
+      - insight
+      - "*"
+    severity:
+      - SEVERITY_HIGH_IMPACT
+#      - SEVERITY_MEDIUM_IMPACT
+#      - SEVERITY_LOW_IMPACT
+     threshold: 10
diff --git a/src/Controllers/ImageLookup.js b/src/Controllers/ImageLookup.js
index 4542472b..3b280849 100644
--- a/src/Controllers/ImageLookup.js
+++ b/src/Controllers/ImageLookup.js
@@ -7,9 +7,30 @@ class ImageLookup {
     /* Can read any file in the server by passing the filename (image) in the query params */
     /* ex: http GET http://localhost:8089/api/v1/image-lookup image=="package.json" */
     const fileContent = fs.readFileSync(req.query.image).toString();
+
+// **************************************************
+// ************************************************** Vulnerable Code Block *****
+    
     logger.debug(fileContent);
     res.send(fileContent);
+    
+    
+// ************************************************** Remediated Code Block *****
+    
+//    string sanitizedStr = sanitizeString(fileContent)
+//    fileContent = sanitizedStr;
+//    logger.debug(sanitizedStr);
+//    res.send(sanitizedStr);
+    
   }
+  
+//  function sanitizeString(str){
+//    str = str.replace(/[^a-z0-9áéíóúñü \.,_-]/gim,"");
+//    return str.trim();
+//  }
+
+
+  
 }
 
 module.exports = ImageLookup;