Things to be aware of.

Githubs OAuth "repo" scope is the only way to get read access to private repos. By proceeding you will be granting this application read/write access to code, commit statuses, invitations, collaborators, adding team memberships, and deployment statuses for public and private repositories and organizations.

Once a repo has been scanned and the report generated the local repo copy as well as the results of the scan are deleted.

If a vulnerability is found in a repo that doesn't mean that the code is unsecure, a non trivial amount of vulnerabilities found in code are false positives. This scan is not guaranteed to show you all existing vulnerabilities. This tool is intended to show you what might be wrong, it is up to you to determine if it needs to be fixed or not.

Only Python 3 is supported at the moment.

Sign in with Github