HackerTrans
TopNewTrendsCommentsPastAskShowJobs

Svengali-tech

no profile record

Submissions

Yikes – Security scanner for AI-generated code

yikes-security.vercel.app
2 points·by Svengali-tech·5 เดือนที่ผ่านมา·3 comments

comments

Svengali-tech
·5 เดือนที่ผ่านมา·discuss
The problem: AI-generated code often ships with hardcoded secrets, SQL injection vulnerabilities, and weak crypto. Most indie devs and startups don't have time or budget for security audits.

How it works: 1. Paste a GitHub repo URL 2. Yikes clones it, runs Semgrep with custom rules + dependency checks 3. Get results in ~30 seconds

It catches: - Hardcoded API keys, passwords, tokens - SQL injection via string interpolation - XSS patterns - Weak hashing (MD5, SHA1) - Vulnerable npm/pip packages - Common misconfigurations (.env not gitignored, debug mode, etc.)

Supports: JS/TS, Python, Swift, Go, Ruby, PHP, Java, Kotlin, C#

Free tier: 5 scans/day. No signup required.

Would love feedback - especially on false positive rates and what rules to add.