TL;DR
You can now paste any public GitHub repo URL and get a security grade back in seconds, no signup.
It runs static analysis, secret detection, and dependency scanning on the source and ranks what it finds.
Handy before you adopt a dependency, review someone else's code, or ship your own weekend project.
Last month a friend sent me a repo. He'd vibe-coded a Stripe-backed side project over a weekend with Cursor, wired up auth, and wanted to know if it was safe to put in front of real users. Fair question. My honest answer was "give me an hour."









