Open-source security guardian that scans, audits, and hardens multi-stack code
It bundles a curated knowledge base with 40 Semgrep rules, each validated against regression fixtures; a manifest ties every rule to its fixtures and documentation so that the documented rule set and the implemented one cannot drift apart. The included Python utilities and a sandboxed runner let users run static analysis, produce deterministic audit logs, and execute in-process DAST tests. It targets developers of Next.js, FastAPI, SQL, and infrastructure projects who need reproducible, low-false-positive security audits. Unlike a generic linter, it enforces strict rule-fixture coupling and anti-drift validation, which keeps the rule set reliable and current.
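The following is an added example of what a manifest-driven anti-drift check and a deterministic audit digest can look like. It is not code from pentest-ai-guardian; the on-disk layout it assumes (a `manifest.json` mapping rule ids to a rule file and a fixture file, rule files under `rules/`, fixtures under `fixtures/` carrying the `ruleid:` annotation that `semgrep --test` uses) is hypothetical, and the sample rules and fixtures are constructed for the demonstration.

```python
"""Manifest-driven anti-drift check for a Semgrep rule set (added illustration).

Assumed, hypothetical layout, not the project's own:
  manifest.json -> {"rules": {"<rule-id>": {"rule": "<file>.yaml", "fixture": "<file>"}}}
  rules/        -> one Semgrep YAML file per rule
  fixtures/     -> regression fixtures annotated with 'ruleid: <rule-id>'
"""
import hashlib
import json
import tempfile
from pathlib import Path


def check_drift(root: Path) -> list[str]:
    """Return drift problems in a stable order; an empty list means the set is coupled."""
    manifest = json.loads((root / "manifest.json").read_text())
    rules_dir, fixtures_dir = root / "rules", root / "fixtures"
    problems: list[str] = []
    listed_rule_files: set[str] = set()

    # 1. Every manifest entry must resolve to a rule file that defines that id
    #    and to a fixture annotated with that id. The id check is a substring
    #    match on the YAML text; a YAML parser would be stricter.
    for rule_id, entry in sorted(manifest["rules"].items()):
        rule_path = rules_dir / entry["rule"]
        fixture_path = fixtures_dir / entry["fixture"]
        listed_rule_files.add(rule_path.name)
        if not rule_path.is_file():
            problems.append(f"{rule_id}: rule file missing: {rule_path.name}")
        elif f"id: {rule_id}" not in rule_path.read_text():
            problems.append(f"{rule_id}: rule file {rule_path.name} does not define this id")
        if not fixture_path.is_file():
            problems.append(f"{rule_id}: fixture missing: {fixture_path.name}")
        elif f"ruleid: {rule_id}" not in fixture_path.read_text():
            problems.append(f"{rule_id}: fixture {fixture_path.name} lacks 'ruleid: {rule_id}'")

    # 2. Every rule file on disk must be listed, so no rule ships undocumented
    #    and without a regression fixture.
    for path in sorted(rules_dir.glob("*.yaml")):
        if path.name not in listed_rule_files:
            problems.append(f"{path.name}: rule on disk not listed in manifest")
    return problems


def audit_digest(problems: list[str]) -> str:
    """Digest of the check result: identical findings give an identical hash,
    so the audit log line is byte-for-byte comparable across CI runs."""
    canonical = json.dumps(problems, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


def build_sample_tree(drift: bool) -> Path:
    """Write a constructed (not real) rule set to a temp dir. With drift=True,
    one listed rule has no fixture and one rule file is absent from the manifest."""
    root = Path(tempfile.mkdtemp(prefix="ruleset-"))
    (root / "rules").mkdir()
    (root / "fixtures").mkdir()
    manifest: dict = {"rules": {}}

    def add(rule_id, pattern, fixture_name, fixture_body, write_fixture=True):
        rule_file = rule_id + ".yaml"
        (root / "rules" / rule_file).write_text(
            f"rules:\n  - id: {rule_id}\n    pattern: {pattern}\n"
            f"    message: flagged by {rule_id}\n    severity: WARNING\n")
        if write_fixture:
            (root / "fixtures" / fixture_name).write_text(fixture_body)
        manifest["rules"][rule_id] = {"rule": rule_file, "fixture": fixture_name}

    add("nextjs-dangerous-html", "dangerouslySetInnerHTML", "nextjs_dangerous_html.jsx",
        "// ruleid: nextjs-dangerous-html\n<div dangerouslySetInnerHTML={{__html: data}} />\n")
    add("fastapi-raw-sql", "cursor.execute(f\"...\")", "fastapi_raw_sql.py",
        '# ruleid: fastapi-raw-sql\ncursor.execute(f"SELECT * FROM users WHERE id = {user_id}")\n')
    if drift:
        add("sql-select-star", "SELECT * FROM $T", "sql_select_star.sql",
            "-- ruleid: sql-select-star\nSELECT * FROM users;\n", write_fixture=False)
        (root / "rules" / "orphan-rule.yaml").write_text(
            "rules:\n  - id: orphan-rule\n    pattern: eval(...)\n    severity: WARNING\n")
    (root / "manifest.json").write_text(json.dumps(manifest, indent=2, sort_keys=True))
    return root


def run_sample(drift: bool = True) -> tuple[list[str], str]:
    """Build the sample tree, check it, and return (problems, audit digest)."""
    problems = check_drift(build_sample_tree(drift))
    return problems, audit_digest(problems)


if __name__ == "__main__":
    found, digest = run_sample()
    for line in found:
        print("DRIFT", line)
    print("audit-digest", digest)
```

Because the problem strings carry only file names and rule ids, never absolute paths or timestamps, the digest is identical on every machine that sees the same drift, which is the property that makes an audit log diffable in CI.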
View on GitHub → ocelotbr-decoBR/pentest-ai-guardian