Secure your stack in seconds.
The security scanner that thinks like a developer. Runs locally, gates CI, and feels like a native CLI tool. Built for a world where code ships faster than ever with AI-assisted development, so teams can move fast across frameworks without losing safety.
npm install -g @reliabilityworks/vibesec
The Instrument Panel
VibeSec isn’t a platform you have to log into. It’s a toolchain that lives where you work, in your terminal and your pipeline.
Local-first speed
Fast, local static analysis with a tight feedback loop. No cloud roundtrips.
Safe by design
Never executes repository code. Rules are declarative and scans are passive.
CI-ready outputs
Export CLI, JSON, SARIF, or HTML. Gate builds via severity thresholds and upload SARIF to GitHub Code Scanning.
Secure your pipeline without slowing down.
Catch regressions before they merge. Use the GitHub Action (SARIF) or run the CLI in any CI that can execute Node.
- Fails the job on high/critical findings
- Exports SARIF for GitHub Code Scanning
- Supports baselines and targeted ignores
Ready to ship secure code?
Join developers shipping secure code with VibeSec. Open source and free for individuals.