AI Code Guardian

Security scanner for AI-generated code

cargo install ai-code-guardian

What It Detects

🔑

Hardcoded Secrets

API keys, passwords, tokens, and credentials exposed in source code

💉

SQL Injection

Unsafe query construction with string concatenation

🔓

Insecure HTTP

Unencrypted connections transmitting data in plain text

☁️

AWS Credentials

Exposed AWS access keys and secrets

🗄️

Database URLs

Connection strings with embedded credentials

⚠️

Dangerous Code

eval() usage and other risky patterns

Example Output

🛡️ AI Code Guardian - Security Scan Scanning: ./src ❌ HIGH: Hardcoded API Key File: api.js:12 Code: const API_KEY = "sk-1234567890abcdef" Risk: API key found in source code. Store in environment variables instead. Fix: Use process.env.API_KEY or import from .env file ❌ HIGH: SQL Injection Risk File: db.js:45 Code: query = "SELECT * FROM users WHERE id = " + userId Risk: String concatenation in SQL query. Use parameterized queries. Fix: Use parameterized queries: db.query('SELECT * FROM users WHERE id = ?', [userId]) ❌ MEDIUM: Insecure HTTP Connection File: api.js:8 Code: fetch("http://api.example.com/data") Risk: Using HTTP instead of HTTPS. Data transmitted in plain text. Fix: Change to HTTPS: https://... Scan complete: 3 issues found (2 high, 1 medium, 0 low) Scanned 15 files

Why AI Code Guardian?

💡

Auto-Fix Suggestions

Don't just find issues - get actionable fixes. Every vulnerability includes a specific solution.

Lightning Fast

Written in Rust. Scans entire codebases in seconds. 10x faster than Node.js alternatives.

📦

Single Binary

No npm, no node_modules, no dependencies. Just one executable.

🎯

Zero Config

Works out of the box. No setup required.

🔒

100% Local

No data leaves your machine. Complete privacy.

🎨

Beautiful Output

Color-coded, easy to read results with clear explanations.