A web-based tool that performs security analysis on Node.js repositories, providing threat modeling and vulnerability assessments with AI-powered risk evaluation.
- Triage of false positives
- Threat modeling
- Interactive dashboard visualization
Augments LLMs with context-specific security metadata and open source intelligence from the GitHub advisories database.
- Clone the repository
- Add your GitHub and OpenAI API keys
- Start the agent server:
  ```
  cd agent
  npm install
  npm start
  ```
- Start the frontend server:
  ```
  cd frontend
  npm install
  npm start
  ```
- Enter a GitHub repository URL and click "Analyze"
Accepts a GitHub repository URL and returns:
- Threat model (in Markdown format)
- Vulnerability analysis with:
  - Package information
  - Contextual risk levels
  - Exploitability assessment
  - Required conditions
  - Recommended mitigations