scan_codebase
Analyzes codebases for security vulnerabilities including authentication issues, API flaws, exposed secrets, and dependency risks, providing severity ratings and remediation steps.
Instructions
AI-powered security audit with real-time vulnerability database lookups.
Analyzes code for:
- Authentication and authorization issues
- API security vulnerabilities
- Database security rules
- Exposed secrets and environment variables
- Dependency vulnerabilities (via npm audit)
- Data flow and injection vulnerabilities

Returns findings with:
- Severity ratings (critical, high, medium, low)
- AI reasoning and confidence scores
- CWE and OWASP references
- Remediation steps
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| path | No | Absolute path to repository/directory to scan | |
| files | No | Provide file contents directly (alternative to path) | |
| categories | No | Limit scan to specific categories (default: all) | |
| severityThreshold | No | Only return findings at or above this severity | |