16 security agents scan for secrets, injection, auth bypass, SSRF, supply chain attacks, agentic AI, MCP, RAG, PII, and more — with LLM-powered deep analysis and confidence tuning that cuts false positives by 70%.
npx ship-safe remediate . --all rewrites your code, writes the .env file, updates .gitignore, and fixes common vulnerabilities (TLS bypass, debug mode, XSS, Docker tags) — all in one shot.
// config.js
import OpenAI from 'openai';
const openai = new OpenAI({
  apiKey: "sk-proj-xK9mN2pL8qR3f5..." // ← exposed
});

// config.js
import OpenAI from 'openai';
const openai = new OpenAI({
  apiKey: process.env.OPENAI_API_KEY // ← ✓ safe
});

# .env
OPENAI_API_KEY=sk-proj-xK9mN2pL8qR3f5...

16 agents. 5 OWASP standards. One tool.
50+ secret patterns plus injection testing — SQL, NoSQL, XSS, command injection, path traversal, XXE, ReDoS, prototype pollution.
eval(), pickle.loads
.gitignore — always scans .env files
Dedicated agents for auth bypass, SSRF, and supply chain attacks — the hardest vulns to catch manually.
Scans Docker, Terraform, Kubernetes, CI/CD pipelines, LLM integrations, MCP servers, agentic AI, and RAG pipelines.
:latest tags, open ports
Each agent is purpose-built to find what general scanners miss.
SQL/NoSQL injection, XSS, command injection, eval, path traversal, XXE, ReDoS, prototype pollution
JWT alg:none, weak secrets, CSRF, OAuth misconfig, BOLA/IDOR, timing attacks
User input in fetch/axios, cloud metadata endpoints, internal IPs, redirect following
Typosquatting, dependency confusion, git/URL deps, wildcard versions, suspicious install scripts
Dockerfile, Terraform (RDS, CloudFront, Lambda, S3), Kubernetes, CORS, CSP, Firebase, Nginx misconfigs
Row Level Security — service_role key in client code, CREATE TABLE without RLS, anon inserts, unprotected storage
OWASP LLM Top 10 — prompt injection, excessive agency, system prompt leakage, RAG poisoning
MCP server security — unvalidated tool inputs, missing auth, excessive permissions, tool poisoning
OWASP Agentic AI Top 10 — agent hijacking, privilege escalation, unsafe code execution, memory poisoning
RAG pipeline security — unvalidated embeddings, context injection, document poisoning, vector DB access control
PII detection — SSNs, credit cards, emails, phone numbers in source code, logs, and configs
Insecure storage, WebView injection, HTTP endpoints, debug mode, permissions
Leaked secrets in git history — checks if still active in working tree
Pipeline poisoning, unpinned actions, secret logging, self-hosted runners
Routes without auth, missing validation, mass assignment, GraphQL introspection, rate limiting, OpenAPI spec issues
Attack surface mapping — frameworks, auth patterns, databases, cloud providers
One command. Four phases. Prioritized fix list.
Scans every file for 50+ secret patterns with entropy scoring. Respects .gitignore for build output but always scans .env, .pem, and other security-sensitive files.
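How entropy scoring keeps a pattern-based secret scan from flagging placeholders, as an added example that is not ship-safe's own code. The two rules, the 3.5 bits-per-character threshold, the mask format and the sample file are assumptions made for the illustration.

```javascript
// Added illustration, not ship-safe's code. Rules, threshold and sample are assumptions.
const RULES = [
  { id: 'openai-style-key', re: /\bsk-[A-Za-z0-9_-]{16,}/g, keep: 8 },
  { id: 'github-pat', re: /\bghp_[A-Za-z0-9]{36}\b/g, keep: 4 },
];
const ENTROPY_THRESHOLD = 3.5; // bits per character, assumed cut-off

// Shannon entropy of a string in bits per character.
function shannonEntropy(s) {
  const counts = new Map();
  for (const ch of s) counts.set(ch, (counts.get(ch) || 0) + 1);
  let h = 0;
  for (const n of counts.values()) {
    const p = n / s.length;
    h -= p * Math.log2(p);
  }
  return h;
}

// Keep only the non-secret prefix and the last four characters.
function mask(value, keep) {
  return value.slice(0, keep) + '***' + value.slice(-4);
}

// Report pattern matches whose entropy suggests real key material.
function scanText(text, file) {
  const findings = [];
  text.split('\n').forEach((line, i) => {
    for (const { id, re, keep } of RULES) {
      for (const m of line.matchAll(re)) {
        const entropy = shannonEntropy(m[0]);
        if (entropy < ENTROPY_THRESHOLD) continue; // placeholder or filler text
        findings.push({ file, line: i + 1, rule: id,
          entropy: Number(entropy.toFixed(2)), preview: mask(m[0], keep) });
      }
    }
  });
  return findings;
}

// Constructed sample: a key-shaped literal, a placeholder, and an env lookup.
const SAMPLE = [
  'const a = new OpenAI({ apiKey: "sk-proj-Xk9mN2pL8qR3f5Tz7Wb1Yc4Vd6" });',
  'const b = new OpenAI({ apiKey: "sk-xxxxxxxxxxxxxxxxxxxxxxxx" });',
  'const c = new OpenAI({ apiKey: process.env.OPENAI_API_KEY });',
].join('\n');

console.log(scanText(SAMPLE, 'config.js'));
```

Only the first line is reported: the placeholder matches the pattern but scores well under the threshold, and the environment lookup matches no rule.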
Deploys specialized agents for injection, auth bypass, SSRF, supply chain, config, Supabase RLS, LLM security, mobile, git history, CI/CD, API fuzzing, and recon. Context-aware confidence tuning reduces false positives.
Runs your package manager's own audit tool — npm, yarn, pnpm, pip, or bundler. Finds known CVEs in your dependency tree and flags vulnerable versions.
Computes a 0–100 security score across 8 weighted categories. Generates a prioritized remediation plan — CRITICAL first, then HIGH, MEDIUM — so you know exactly what to fix first.
Outputs a standalone dark-themed HTML report with every finding, file location, severity, CWE/OWASP mapping, and suggested fix. Share it with your team or attach it to a PR.
Everything you need. Nothing you don't.
Full security audit — secrets + 16 agents + deps + score + deep analysis + remediation plan + HTML report.
Run 16 security agents (80+ attack classes) against your codebase. Targeted deep scan.
Quick secret scan — 50+ patterns with entropy scoring. No API key needed.
0–100 security health score with A–F grade. 8 weighted categories.
Audit npm, yarn, pnpm, pip, or bundler dependencies for known CVEs.
AI-powered audit — scan + classify with Claude + auto-fix secrets.
Continuous monitoring — watches files for changes and re-scans automatically.
CI/CD pipeline mode — compact output, threshold gating, exit codes. Optimized for automation.
Accept current findings as baseline — only report regressions on future scans.
Auto-fix secrets and common vulnerabilities — TLS bypass, debug mode, XSS, Docker :latest.
Install a git hook that blocks git push if secrets are found.
Use ship-safe ci for threshold-based gating, compact output, and SARIF. Zero config.
name: Security Audit
on: [push, pull_request]
jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Security gate
        run: npx ship-safe ci . --threshold 75 --sarif results.sarif
      - uses: github/codeql-action/upload-sarif@v3
        if: always()
        with:
          sarif_file: results.sarif
Use --sarif with scan to upload findings directly to GitHub's Security tab via github/codeql-action/upload-sarif.
audit, scan, red-team, ci, score, deps, and guard all work fully offline with no API key. AI classification and deep analysis are optional — pass --no-ai to skip it. If you want AI, ship-safe supports Anthropic, OpenAI, Google Gemini, and local Ollama models.
agent command or omit --no-ai. When AI is used, only matched snippets (±2 lines) are sent. Secret values are masked — the LLM sees sk-proj-***Q3f5, not your actual key. The audit command with --no-ai is fully local.
node_modules, dist, build) is skipped. But security-sensitive files like .env, .pem, .key, and credentials.json are always scanned even if gitignored — those files are gitignored precisely because they contain secrets.
.ship-safe/context.json. On subsequent runs, only changed files are re-scanned — unchanged files reuse cached results. This makes repeated scans ~40% faster. Use --no-cache to force a full rescan.
claude plugin add github:asamassekou10/ship-safe and use /ship-safe for a full audit, /ship-safe-scan for secrets, /ship-safe-score for your health score, /ship-safe-fix for auto-remediation, or /ship-safe-baseline to manage your baseline. Claude interprets the results and can fix issues directly.
ship-safe ci . for pipeline-optimized output with threshold gating (--threshold 80) and severity-based failure (--fail-on critical). Use --sarif to upload findings to GitHub's Security tab. Exit code 0 = pass, 1 = fail.
--deep for LLM-powered exploitability verification, ship-safe baseline . to accept current findings and only see new regressions, or add # ship-safe-ignore to suppress individual lines.
Free, open-source, no signup. Run it in 10 seconds flat.