🔍
OWASP Top 10
Injection, broken auth, XSS, insecure deserialization — full coverage with line-level detail.
📦
Dependency CVEs
Scan requirements.txt, package.json, Gemfile for known vulnerabilities via OSV database.
🤖
AI Fix Suggestions
Every issue comes with a concrete fix — not just "this is vulnerable" but how to fix it.
⚡
Fast Integration
REST API, no SDK required. Add to your CI/CD in 5 minutes with a single curl command.
🔀
Diff or Full File
Scan a full source file or a unified diff. Perfect for PR checks or pre-commit hooks.
📊
Structured JSON
Machine-readable results with severity, line numbers, OWASP category, and fix suggestions.
Integrate in minutes
curl
Python
Node.js
GitHub Action
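# Scan a file for security issues.
#
# The request body is built with jq so the file contents are JSON-escaped.
# Splicing $(cat app.py) directly into a quoted JSON string produces an
# invalid or altered request as soon as the file contains a double quote,
# a backslash or a newline.
#
# Export the key as CODEGUARD_KEY (value of the form nx-YOUR_KEY) instead of
# pasting it into the command, so it does not end up in shell history or in
# a committed script.
jq -n --rawfile code app.py \
  '{code: $code, filename: "app.py", severity_threshold: "warning"}' |
curl -X POST https://neuronx.jagatab.uk/v1/scan \
  -H "X-Api-Key: $CODEGUARD_KEY" \
  -H "Content-Type: application/json" \
  --data-binary @-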
# Response
{
"status": "error",
"summary": {"total_issues": 2, "errors": 1, "warnings": 1},
"issues": [
{
"severity": "error",
"line": 4,
"message": "Command injection via shell=True",
"owasp": "A03:2021 Injection",
"fix_suggestion": "Use shell=False and pass args as list"
}
],
"scan_time_ms": 142.3
}
import requests
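import os

# Shared session so every request carries the API key header.
# The key is read from the environment (same variable name as the Node.js
# and GitHub Action examples) so a real key is never committed with the
# script. A missing variable raises KeyError at startup rather than sending
# requests with a placeholder key.
client = requests.Session()
client.headers["X-Api-Key"] = os.environ["CODEGUARD_KEY"]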
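def scan_file(path):
    """Send one source file to the scan API and report whether it is clean.

    Prints one line per reported issue and returns True only when the
    response's "status" field equals "clean".

    The file's full contents are uploaded to the API, so do not point this
    at files that embed credentials or other secrets.

    Args:
        path: File to scan; also sent as the "filename" field.

    Raises:
        requests.HTTPError: the API answered with a non-2xx status.
        requests.Timeout: no response arrived within the timeout.
        KeyError: the response body lacks "issues" or "status".
    """
    # Close the handle deterministically; utf-8 matches the Node.js example.
    with open(path, encoding="utf-8") as handle:
        code = handle.read()

    resp = client.post(
        "https://neuronx.jagatab.uk/v1/scan",
        json={
            "code": code,
            "filename": path,
            "severity_threshold": "warning",
        },
        # requests has no default timeout; without one a stalled
        # connection hangs the CI job indefinitely.
        timeout=30,
    )
    # Surface auth, quota and server errors explicitly instead of trying to
    # read an error body as if it were a scan result.
    resp.raise_for_status()

    result = resp.json()
    for issue in result["issues"]:
        print(f"{issue['severity'].upper()} line {issue['line']}: {issue['message']}")
    # Anything other than an explicit "clean" counts as a failed gate.
    return result["status"] == "clean"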
# CI gate: a scan result other than "clean" aborts the run with a non-zero
# exit status and the message below.
passed = scan_file("app.py")
if passed is False:
    raise SystemExit("Security issues detected — fix before shipping")
const fs = require('fs');
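/**
 * Sends one source file to the scan API and prints every reported issue.
 *
 * The file's full contents are uploaded, so avoid scanning files that embed
 * credentials or other secrets.
 *
 * @param {string} path - File to scan; also sent as the `filename` field.
 * @returns {Promise<boolean>} `true` only when the response status is 'clean'.
 * @throws {Error} When CODEGUARD_KEY is unset, the request times out, the API
 *   answers with a non-2xx status, or the response has no `issues` array.
 */
async function scanFile(path) {
  // Check the key first: an unset variable would otherwise be sent as the
  // literal header value "undefined".
  const apiKey = process.env.CODEGUARD_KEY;
  if (!apiKey) {
    throw new Error('CODEGUARD_KEY is not set');
  }

  const res = await fetch('https://neuronx.jagatab.uk/v1/scan', {
    method: 'POST',
    headers: {
      'X-Api-Key': apiKey,
      'Content-Type': 'application/json',
    },
    body: JSON.stringify({
      code: fs.readFileSync(path, 'utf8'),
      filename: path,
      severity_threshold: 'warning',
    }),
    // Bound the wait so a stalled connection cannot hang the CI job.
    signal: AbortSignal.timeout(30_000),
  });

  // Treat auth, quota and server errors as failures instead of reading an
  // error body as if it were a scan result.
  if (!res.ok) {
    throw new Error(`Scan request failed with HTTP ${res.status}`);
  }

  const result = await res.json();
  if (!Array.isArray(result.issues)) {
    throw new Error('Scan response is missing the issues array');
  }

  for (const { severity, line, message } of result.issues) {
    console.log(`${severity.toUpperCase()} line ${line}: ${message}`);
  }

  // Anything other than an explicit 'clean' counts as a failed gate.
  return result.status === 'clean';
}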
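// Fail closed: a scan that could not complete (network error, bad key,
// malformed response) must fail the build just like a scan that reports
// issues. Without the catch, the outcome of a rejected promise depends on
// the Node.js version's unhandled-rejection behaviour.
scanFile('app.js')
  .then((ok) => {
    if (!ok) {
      process.exit(1);
    }
  })
  .catch((err) => {
    console.error(`Security scan failed: ${err.message}`);
    process.exit(1);
  });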
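# .github/workflows/codeguard.yml
name: CodeGuard Security Scan
on: [pull_request]

# The job only needs to read the repository, so restrict the workflow token
# to read access.
permissions:
  contents: read

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with: {fetch-depth: 0}
      - name: Scan changed files
        env:
          # Pull requests from forks do not receive repository secrets, so
          # the key is empty there and the scan request is expected to fail.
          CODEGUARD_KEY: ${{ secrets.CODEGUARD_KEY }}
          # Hand the branch name to the script through the environment
          # instead of expanding a workflow expression inside the script
          # text, where its value would be parsed as shell code.
          BASE_REF: ${{ github.base_ref }}
        run: |
          # pipefail: without it the pipeline's exit status is tee's, so a
          # failed curl (network error, HTTP 4xx/5xx via -f) goes unnoticed.
          set -eo pipefail
          # The diff is uploaded to the scan API; keep secrets out of commits.
          DIFF=$(git diff "origin/$BASE_REF...HEAD")
          curl -sf -X POST https://neuronx.jagatab.uk/v1/scan \
            -H "X-Api-Key: $CODEGUARD_KEY" \
            -H "Content-Type: application/json" \
            -d "$(jq -n --arg d "$DIFF" \
              '{diff:$d,severity_threshold:"error"}')" | tee scan.json
          # -e makes jq exit non-zero when .status is missing or null, so an
          # empty or malformed response fails the job instead of passing it.
          STATUS=$(jq -er .status scan.json)
          jq -r '.issues[] | "[\(.severity|ascii_upcase)] line \(.line): \(.message)"' scan.json
          [ "$STATUS" != "error" ] || exit 1
      - name: Upload scan results
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: codeguard-results
          path: scan.json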