The vulnerability classes Guard checks for
Executive Summary
- AI pattern-matches to the examples it was trained on, including the insecure ones. Guard audits both the code and the live app you authorize for the vulnerability classes that slip past a fast review.
- Guard combines source review with bounded runtime checks against staging or production targets you authorize, so the web-app evidence sits next to the code.
- Findings come back in plain language: what is exposed, who can reach it, and what it costs if someone does. No CVE firehose, no noise to wade through, the signal a founder can read and an engineer can verify.
- Findings come back as reviewable GitHub issues with evidence and rationale. When a fix is bounded and useful, Guard can open a narrow pull request for human review.
Audit Target and Version
- Repository:
checkout-service - Default branch:
main - Checked commit:
mocked-build-reference
What We Checked
- Secrets, tokens, and keys hardcoded into reachable routes
- Broken authentication and missing access control
- User input trusted into queries, commands, or file paths
- Objects and records reachable without an ownership check
- Over-permissive CORS, headers, and exposed internal routes
Enji Guard
Findings come back as reviewable GitHub issues with evidence and rationale. When a fix is bounded and useful, Guard can open a narrow pull request for human review.