explaingit

vibeforge1111/vibeship-scanner

Analysis updated 2026-07-09 · repo last pushed 2026-03-04

123PythonAudience · vibe coderComplexity · 2/5MaintainedLicenseSetup · easy

TLDR

Free security scanner that checks your code for vulnerabilities and gives you copy-paste AI prompts to fix them. Paste a GitHub URL, get plain-English results and ready-to-use fix instructions for your AI assistant.

Mindmap

mindmap
  root((repo))
    What it does
      Scans code for flaws
      Generates fix prompts
      Plain English results
    How to use
      Paste GitHub URL
      Use Claude Desktop plugin
      Copy Master Fix Prompt
    What it finds
      SQL injection
      Exposed API keys
      Weak authentication
    Tech stack
      SvelteKit
      Python Flask
      Trivy and Gitleaks
    Audience
      Solo founders
      Vibe coders
      Small teams
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Paste a public GitHub repo URL to get a security scan with plain-English findings and copy-paste fix prompts.

USE CASE 2

Ask Claude Desktop to scan your repo and fix vulnerabilities in the same conversation using the MCP integration.

USE CASE 3

Generate a Master Fix Prompt to hand your AI assistant so it works through every vulnerability one by one.

What is it built with?

PythonFlaskSvelteKitTrivyGitleaksnpm audit

How does it compare?

vibeforge1111/vibeship-scannerjackson-video-resources/markov-hedge-fund-methodlllyasviel/toondecompose
Stars123120130
LanguagePythonPythonPython
Last pushed2026-03-042023-08-31
MaintenanceMaintainedDormant
Setup difficultyeasyeasyhard
Complexity2/53/54/5
Audiencevibe coderdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · easy Time to first run · 5min

No install needed, paste a public GitHub URL at scanner.vibeship.co to scan, Claude Desktop integration requires MCP configuration.

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

In plain English

Vibeship Scanner is a free security tool that checks your code for vulnerabilities and then gives you copy-paste prompts to fix them with an AI assistant like Claude, Cursor, or ChatGPT. The idea is straightforward: when you are building quickly with AI, security mistakes slip through. This tool catches them and hands you the exact instructions to paste back into your AI so it can fix the problems for you. You can use it without installing anything, just paste a public GitHub repository URL at scanner.vibeship.co and get a full scan in minutes. It runs 16 scanners across 2,200-plus security rules covering things like SQL injection, exposed API keys, cross-site scripting, weak authentication, and misconfigured settings across 15-plus programming languages. Results come back in plain English instead of security jargon, and each finding includes the file, line number, what is wrong, and a ready-to-use fix prompt. For repos with many issues, there is a "Master Fix Prompt" that tells your AI assistant to work through every vulnerability one by one. The people who get the most out of this are builders who ship fast with AI tools and may not have a security background. A solo founder launching a SaaS app, a vibe coder prototyping a new product, or a small team without a dedicated security person can all benefit. Instead of reading a dense vulnerability report, you get a prompt you can paste straight into your AI assistant that says something like "fix the SQL injection in src/db/users.js at line 45 by replacing string concatenation with parameterized queries", and the AI handles it. It also integrates directly with Claude Desktop and other MCP-compatible AI assistants, so you can ask Claude to scan your repo and then fix the issues in the same conversation. You can even ask it to look up specific CVEs or flag false positives. The project is built with a SvelteKit frontend and a Python Flask backend, combining established open-source scanners like Trivy, Gitleaks, and npm audit under one roof. It is Apache 2.0 licensed and open to community contributions, particularly new scanning rules.

Copy-paste prompts

Prompt 1
Scan my GitHub repo at [your-repo-url] for security vulnerabilities and give me the copy-paste fix prompts for each issue found.
Prompt 2
Use the Vibeship Scanner MCP tool to scan my repository, then fix the SQL injection vulnerability it finds by replacing string concatenation with parameterized queries.
Prompt 3
Run a security scan on my project and generate the Master Fix Prompt so I can paste it into Cursor and have it fix every vulnerability one by one.
Prompt 4
Scan my repo for exposed API keys and weak authentication issues, then give me the specific prompts to paste into ChatGPT to fix them.

Frequently asked questions

What is vibeship-scanner?

Free security scanner that checks your code for vulnerabilities and gives you copy-paste AI prompts to fix them. Paste a GitHub URL, get plain-English results and ready-to-use fix instructions for your AI assistant.

What language is vibeship-scanner written in?

Mainly Python. The stack also includes Python, Flask, SvelteKit.

Is vibeship-scanner actively maintained?

Maintained — commit in last 6 months (last push 2026-03-04).

What license does vibeship-scanner use?

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

How hard is vibeship-scanner to set up?

Setup difficulty is rated easy, with roughly 5min to a first successful run.

Who is vibeship-scanner for?

Mainly vibe coder.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.