@darrenjcoxon/codeguard
v1.2.0
Scan code for security issues, get FIXES.md for AI agents to fix them
CodeGuard 🛡️
Scan your code for security issues. Get a FIXES.md file. Give it to Claude Code or Cursor to fix everything.
Install
```bash
npm install -g @darrenjcoxon/codeguard
```
That's it. CodeGuard automatically installs Semgrep and Gitleaks on first run.
Use
```bash
cd your-project
codeguard
```
This will:
- Auto-install any missing scanning tools
- Scan for security vulnerabilities, secrets, bad dependencies, code quality issues
- Create `FIXES.md` in your project
- Tell your AI agent: "Fix all the issues in FIXES.md"
What It Finds
| Scanner | Issues |
|---------|--------|
| Semgrep | SQL injection, XSS, command injection, path traversal |
| Gitleaks | API keys, passwords, tokens, secrets |
| npm audit | Vulnerable dependencies |
| ESLint | Code quality issues |
| Complexity | Complex code, TODOs, debug statements |
Commands
```bash
codeguard                     # Scan current directory
codeguard /path/to/project    # Scan specific path
codeguard setup               # Manually install scanning tools
codeguard check               # Check which tools are installed
codeguard --no-fixes          # Skip FIXES.md generation
codeguard --ci                # CI mode: exit 1 on high/critical issues
```
CI/CD
```yaml
# GitHub Actions
- run: |
    npm install -g @darrenjcoxon/codeguard
    codeguard --ci
```
License
MIT
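
A complete GitHub Actions workflow built around the `codeguard --ci` step from the CI/CD section, added here as an example and not taken from the CodeGuard project. It pins the package to the v1.2.0 release shown on this page, limits the job token to read access, and runs `codeguard setup` and `codeguard check` as explicit steps so scanner installation is visible in the job log instead of happening implicitly on first run. The workflow name, branch name, Node version and action versions are assumptions.

```yaml
# Added example (not from the CodeGuard project).
name: codeguard-scan            # assumption: any workflow name works

on:
  pull_request:
  push:
    branches: [main]            # assumption: default branch is "main"

# The scan only reads the repository, so the job token gets nothing more.
permissions:
  contents: read

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version: 20      # assumption: any supported Node release

      # Pin the version listed on this page instead of installing
      # whatever is latest at build time.
      - name: Install CodeGuard (pinned)
        run: npm install -g @darrenjcoxon/codeguard@1.2.0

      # Install the scanners as a separate step and list what is present,
      # so a missing or failed tool shows up before the scan runs.
      - name: Install and verify scanning tools
        run: |
          codeguard setup
          codeguard check

      # CI mode exits 1 on high/critical issues, which fails the job.
      - name: Scan
        run: codeguard --ci
```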
