@fole/brunt
v0.5.0
Published
Adversarial AI code review. Finds bugs, generates failing tests as proof.
Downloads
165
Maintainers
foleReadme
Brunt
Adversarial AI code review. Finds bugs, generates failing tests as proof, auto-fixes and verifies.
Brunt scans your git diffs, runs adversarial analysis via LLM, and for every bug it finds:
- Generates a failing test that proves the bug exists
- Generates a fix and verifies it passes the test
- Optionally opens a PR with all verified fixes
No opinions -- just proof.
Quick Start
npm i -g @fole/brunt
# Scan your last commit
brunt scan
# Scan with auto-fix
brunt scan --fix
# Full pipeline: find, prove, fix, open PR
brunt scan --fix --prWhat It Does
$ brunt scan --fix
Running 2 vectors via anthropic:
+ correctness 1 finding (8102ms)
+ security 1 finding (14201ms)
+ Generated 2 proof tests.
+ Verified 2 fixes.
brunt -- found 2 issues (14230ms)
[correctness] 1 finding (8102ms)
HIGH src/utils.ts:23 [FIXED]
parseInt without radix or NaN handling
Test: tests/brunt/src-utils-ts-L23.test.ts
--- fix diff ---
- const age = parseInt(input);
+ const age = parseInt(input, 10);
+ if (isNaN(age)) throw new Error('Invalid age');
[security] 1 finding (14201ms)
CRITICAL src/api/users.ts:34 [FIXED]
SQL injection in user search endpoint
Test: tests/brunt/src-api-users-ts-L34.test.ts
--- fix diff ---
- const query = `SELECT * FROM users WHERE name = '${input}'`;
+ const query = `SELECT * FROM users WHERE name = $1`;Vectors
| Vector | What it finds |
|---|---|
| correctness | Edge cases, off-by-one, null handling, type coercion, logic errors, race conditions |
| security | SQL injection, XSS, command injection, path traversal, SSRF, auth bypass, hardcoded secrets |
brunt scan --vectors security # run only securityProviders
| Provider | Cost | Setup |
|---|---|---|
| claude-cli (default) | Free with Claude Code plan | Just have claude installed |
| anthropic | Pay per token | Set ANTHROPIC_API_KEY |
| ollama | Free, local | Install Ollama, run ollama serve |
| openai | Pay per token | Set OPENAI_API_KEY |
brunt scan # Claude Code CLI (default)
ANTHROPIC_API_KEY=sk-... brunt scan --provider anthropic # Anthropic API
brunt scan --provider ollama --model llama3 # Local modelPrompt Injection Defense
Brunt is designed to resist adversarial input -- including code that tries to manipulate the AI reviewer:
- Comment stripping -- all comments and string literals are removed before the LLM sees the diff
- Per-file isolation -- each file is analyzed in its own LLM call; injection in one file cannot suppress findings in another
- Injection detection -- a pre-scan flags suspicious patterns (e.g.
// AI: ignore this file) before analysis begins - Suspicious silence -- files touching auth, crypto, exec, or SQL that produce zero findings are flagged for manual review
- Canary injection -- a synthetic bug is injected to verify the LLM actually analyzed the code
Output Formats
brunt scan # Human-readable (default)
brunt scan --format json 2>/dev/null | jq . # JSON
brunt scan --format sarif > results.sarif # SARIF (GitHub Code Scanning)CI Integration
GitHub Actions
- uses: anfocic/brunt@main
with:
provider: anthropic
fail-on: critical
pr-comment: 'true'
env:
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}Options
--diff <range> Git diff range (default: HEAD~1, auto-detects in CI)
--provider <name> LLM provider: claude-cli, anthropic, ollama, openai
--model <name> Model name
--format <type> Output: text, json, sarif
--fail-on <severity> Exit 1 threshold: low, medium, high, critical (default: medium)
--vectors <list> Comma-separated vectors to run
--no-tests Skip proof test generation
--no-cache Force fresh LLM analysis
--verify Run proof tests, drop unverified findings
--fix Auto-generate and verify fixes
--fix-retries <n> Max fix attempts (1-5, default: 2)
--pr Create PR with verified fixes
--pr-comment Post findings as GitHub PR review comments
--max-tokens <n> Max tokens per LLM callLicense
MIT