Scan any AI-built app in 30 seconds.
Paste a public GitHub repo. Get back: every leaked secret, every overpriced LLM call, and every risky agent — with copy-paste fix prompts for Cursor or Claude Code.
Free scan, instant results. Pay $19 once to unlock full file paths + fix prompts.
REAL SCANS — ROTATING
We scanned ohong/straude
Strava-for-Claude-Code leaderboard — Product Hunt, Apr 2026
LK_028_supabase_no_rls · supabase/migrations/ (26 tables)
Supabase tables created without ENABLE ROW LEVEL SECURITY
Fix prompt for Cursor: “Append `ALTER TABLE <table> ENABLE ROW LEVEL SECURITY;` and add at least one CREATE POLICY scoped to auth.uid() per table — anon clients otherwise have full read/write.”
These are real scans of recent Product Hunt indie launches. Your repo probably has more. Vibe-coded apps average 8–45 leaks + dozens of cost issues + several risky agents.
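One way to check a migrations directory for the condition this finding describes, as an added example (not the scanner's own rule code). The file names and SQL are constructed, and the regexes are an assumption that covers only the common statement forms; the check also flags tables whose policies never reference `auth.uid()`, as the fix prompt requires.

```python
import re

# Constructed sample migrations; not taken from any scanned repository.
MIGRATIONS = {
    "0001_profiles.sql": """
        create table public.profiles (id uuid primary key, user_id uuid);
        alter table public.profiles enable row level security;
        create policy "owner reads" on public.profiles
            for select using (auth.uid() = user_id);
    """,
    "0002_runs.sql": """
        CREATE TABLE IF NOT EXISTS runs (id bigint primary key, user_id uuid);
        -- RLS never enabled on this table
    """,
    "0003_notes.sql": """
        create table "notes" (id bigint primary key, user_id uuid);
        alter table notes enable row level security;
        create policy "anyone" on notes for all using (true);
    """,
}

IDENT = r'((?:"?\w+"?\.)?"?\w+"?)'  # optional schema prefix, optional quotes
CREATE = re.compile(r"\bcreate\s+table\s+(?:if\s+not\s+exists\s+)?" + IDENT, re.I)
ENABLE = re.compile(r"\balter\s+table\s+(?:if\s+exists\s+)?(?:only\s+)?" + IDENT
                    + r"\s+enable\s+row\s+level\s+security", re.I)
POLICY = re.compile(r'\bcreate\s+policy\s+(?:"[^"]+"|\w+)\s+on\s+' + IDENT, re.I)

def norm(name):
    """Drop quotes and a leading 'public.' so references to a table compare equal."""
    name = name.replace('"', "").lower()
    return name[len("public."):] if name.startswith("public.") else name

def audit(migrations):
    """Map each table lacking RLS, or lacking an auth.uid() policy, to a finding."""
    created, rls, scoped = set(), set(), set()
    for sql in migrations.values():
        sql = re.sub(r"--[^\n]*", "", sql)  # ignore line comments
        for stmt in sql.split(";"):
            created.update(norm(n) for n in CREATE.findall(stmt))
            rls.update(norm(n) for n in ENABLE.findall(stmt))
            if "auth.uid()" in stmt.lower():
                scoped.update(norm(n) for n in POLICY.findall(stmt))
    findings = {}
    for table in sorted(created):
        if table not in rls:
            findings[table] = "no_rls"
        elif table not in scoped:
            findings[table] = "no_auth_uid_policy"
    return findings

if __name__ == "__main__":
    print(audit(MIGRATIONS))
```

Statements are collected across all files, so a table created in one migration and secured in a later one is not reported.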
Did you commit a secret?
42 high-precision rules: exposed API keys, public buckets, default JWT secrets, outdated deps with known CVEs, and AI-specific patterns nobody else checks.
Are you overpaying for AI?
Static analysis of every OpenAI/Anthropic call site. We project monthly savings if you routed simple prompts to a cheaper model. Usually 30–50% on the table.
Will your agents go off the rails?
Every agent in your code gets a risk class A → D. We tell you which ones have untrusted input flowing to a tool that writes files — and exactly how to split the workflow.
HOW IT WORKS
1. Paste a GitHub URL
   Any public repo. We clone it, never store its contents.
2. Wait ~30 seconds
   Static analysis runs across 42 rules + LLM call sites + agent definitions. No code is executed.
3. Pay $19 once, unlock everything
   Free tier shows counts. Paid unlocks every finding with a ready-to-paste fix prompt.
PRICING
Free scan. $19 to unlock the report.
One-time payment per scan. No subscription, no integration, no SDK.