Analysis updated 2026-07-09 · repo last pushed 2026-03-04
Paste a public GitHub repo URL to get a security scan with plain-English findings and copy-paste fix prompts.
Ask Claude Desktop to scan your repo and fix vulnerabilities in the same conversation using the MCP integration.
Generate a Master Fix Prompt to hand your AI assistant so it works through every vulnerability one by one.
| vibeforge1111/vibeship-scanner | jackson-video-resources/markov-hedge-fund-method | lllyasviel/toondecompose | |
|---|---|---|---|
| Stars | 123 | 120 | 130 |
| Language | Python | Python | Python |
| Last pushed | 2026-03-04 | — | 2023-08-31 |
| Maintenance | Maintained | — | Dormant |
| Setup difficulty | easy | easy | hard |
| Complexity | 2/5 | 3/5 | 4/5 |
| Audience | vibe coder | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
No install needed, paste a public GitHub URL at scanner.vibeship.co to scan, Claude Desktop integration requires MCP configuration.
Vibeship Scanner is a free security tool that checks your code for vulnerabilities and then gives you copy-paste prompts to fix them with an AI assistant like Claude, Cursor, or ChatGPT. The idea is straightforward: when you are building quickly with AI, security mistakes slip through. This tool catches them and hands you the exact instructions to paste back into your AI so it can fix the problems for you. You can use it without installing anything, just paste a public GitHub repository URL at scanner.vibeship.co and get a full scan in minutes. It runs 16 scanners across 2,200-plus security rules covering things like SQL injection, exposed API keys, cross-site scripting, weak authentication, and misconfigured settings across 15-plus programming languages. Results come back in plain English instead of security jargon, and each finding includes the file, line number, what is wrong, and a ready-to-use fix prompt. For repos with many issues, there is a "Master Fix Prompt" that tells your AI assistant to work through every vulnerability one by one. The people who get the most out of this are builders who ship fast with AI tools and may not have a security background. A solo founder launching a SaaS app, a vibe coder prototyping a new product, or a small team without a dedicated security person can all benefit. Instead of reading a dense vulnerability report, you get a prompt you can paste straight into your AI assistant that says something like "fix the SQL injection in src/db/users.js at line 45 by replacing string concatenation with parameterized queries", and the AI handles it. It also integrates directly with Claude Desktop and other MCP-compatible AI assistants, so you can ask Claude to scan your repo and then fix the issues in the same conversation. You can even ask it to look up specific CVEs or flag false positives. The project is built with a SvelteKit frontend and a Python Flask backend, combining established open-source scanners like Trivy, Gitleaks, and npm audit under one roof. It is Apache 2.0 licensed and open to community contributions, particularly new scanning rules.
Free security scanner that checks your code for vulnerabilities and gives you copy-paste AI prompts to fix them. Paste a GitHub URL, get plain-English results and ready-to-use fix instructions for your AI assistant.
Mainly Python. The stack also includes Python, Flask, SvelteKit.
Maintained — commit in last 6 months (last push 2026-03-04).
Use freely for any purpose, including commercial use, as long as you keep the copyright notice.
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly vibe coder.
This repo across BitVibe Labs
Verify against the repo before relying on details.