@sixthwall/cli
v0.2.1
Security scanner for AI-generated code. Detect vulnerabilities in Claude Code, Cursor, and Copilot output. Fix Packs with Claude prompts included.
# SixthWall

AI code security scanner · MCP-native · Fix Packs · built for vibe coders
Everything Breaks Somewhere.
The security scanner built for AI-generated code. SixthWall detects vulnerabilities that Claude Code, Cursor, Copilot, and Windsurf introduce — and gives you exactly what you need to fix them.
## Quick Start

```sh
npx @sixthwall/cli init
```

That's it. One command sets up everything:
- Configure your MCP server so Claude Code scans as you code
- Update your CLAUDE.md so AI auto-fixes security issues
- Install a pre-commit hook that blocks critical vulnerabilities
- Detect and configure Cursor / Windsurf if present
- Create a `.sixthwall/ignore` file for path and rule exclusions
- Run your first security scan immediately
After init, keep coding normally. SixthWall works in the background.
Or scan directly without setup:
```sh
npx @sixthwall/cli scan
```

## The Problem
Every developer already has five security walls: authentication, authorization, firewalls, encryption, and dependency scanning.
None of them check whether the code itself is safe.
AI coding tools generate code that works — but not code that's secure. They forget auth middleware. They skip input validation. They hardcode API keys. They set CORS to accept every origin. They sign JWTs without expiration. They leave debug mode on in production.
Studies show 45% of AI-generated code contains security vulnerabilities and AI-generated code has 2.74x more vulnerabilities than human-written code.
SixthWall is the sixth wall. It watches the code itself.
## How It Works
SixthWall operates through three automatic layers after setup:
| Layer | When It Runs | You Do |
|---|---|---|
| MCP + CLAUDE.md | Every time your AI writes code | Nothing — AI scans and fixes proactively |
| Pre-commit hook | Every git commit | Nothing — blocks critical issues automatically |
| GitHub Action | Every push/PR (optional) | Nothing — CI catches what local missed |
SixthWall is a deterministic static analysis scanner, not an AI code reviewer.
It parses your code into an AST using tree-sitter, then matches it against YAML-defined detection rules targeting patterns that are unique to or disproportionately common in AI-generated code.
Same code, same result, every time. No LLM hallucinations. No inconsistent reviews. No API calls. Runs entirely on your machine.
Every finding includes a Fix Pack:
- What — plain English explanation, no jargon
- Why — what an attacker could actually do
- Fix — minimal code change to resolve it
- Claude Prompt — copy-paste into Claude Code to fix it automatically
## Features
- 15 AI-specific detection rules targeting patterns other scanners miss
- Fix Packs with every finding — what, why, how to fix, and a Claude prompt
- Security score 0–100 — track your security posture with a single number
- Zero-friction init — one command sets up MCP, hooks, IDE rules, and runs a first scan
- Diff-only scanning — scans only what changed, finishes in milliseconds
- Watch mode — scan automatically on every file save
- Pre-commit hook — blocks vulnerabilities before they're committed
- JSON and SARIF output — drop into any CI/CD pipeline
- MCP integration — works inside Claude Code as a native tool
- Ignore file — exclude paths, files, or specific rules from scanning
- Status command — check setup health and last scan results at a glance
- Zero config — works out of the box, customize with `.sixthwall.yaml`
- Fully offline — no API keys, no cloud dependency, no data leaves your machine
## CLI Commands

### sixthwall init
One-time setup. Configures MCP server, CLAUDE.md, IDE rules, pre-commit hook, ignore file, and runs a first scan.
```sh
sixthwall init                 # full setup
sixthwall init --force         # re-initialize, overwrite existing config
sixthwall init --github-action # only add GitHub Actions workflow
```

### sixthwall scan [path]

```sh
# Scan current git diff (default — fastest)
sixthwall scan

# Scan staged changes before committing
sixthwall scan --staged

# Full repository scan
sixthwall scan --full

# Scan a specific file or directory
sixthwall scan src/auth/login.ts
sixthwall scan ./backend/

# Only show high severity and above
sixthwall scan --severity high

# JSON output for CI pipelines
sixthwall scan --format json

# SARIF output for GitHub Code Scanning
sixthwall scan --format sarif > results.sarif

# Skip specific rules
sixthwall scan --ignore AI-CONFIG-002,AI-INJECT-001

# Compact output without fix details
sixthwall scan --no-fix-packs
```

### sixthwall status
Check integration health, last scan results, and security score.
```sh
sixthwall status
```

### sixthwall watch
Automatic scanning on every file save. Watches for JS, TS, and Python changes.
```sh
sixthwall watch
```

### sixthwall remove
Clean uninstall. Removes all SixthWall configuration, hooks, and IDE integrations.
```sh
sixthwall remove       # prompts for confirmation
sixthwall remove --yes # skip confirmation
```

## Example Output
```text
SixthWall v0.2.0
Mode: diff

╭──────────────────────────────────────────────────────────────╮
│ CRITICAL  AI-SECRET-001                                      │
│ Hardcoded API Key in Client Code                             │
╰──────────────────────────────────────────────────────────────╯

> src/api/stripe.ts:12
│ 12 │ const key = "sk_live_abc123def456ghi789jkl012";  ← HERE

What: An API key is hardcoded directly in your source code.

Risk: Anyone who can view your code — through browser DevTools,
      a public repo, or your built JS bundle — can steal this key
      and use it to make requests on your behalf.

Fix:  Move the secret to an environment variable:
      const key = process.env.STRIPE_SECRET_KEY;

Claude Prompt:
┌─────────────────────────────────────────────────────────────┐
│ The file src/api/stripe.ts at line 12 contains a hardcoded  │
│ secret. Move it to an environment variable. Add .env to     │
│ .gitignore if not already present.                          │
└─────────────────────────────────────────────────────────────┘

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Security Score: 35/100  ███████░░░░░░░░░░░░░  POOR
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
2 Critical · 3 High · 1 Medium
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
```

## What SixthWall Catches
### Secrets
| Rule | Severity | What It Detects |
|---|---|---|
| AI-SECRET-001 | CRITICAL | Hardcoded API keys — OpenAI, Stripe, AWS, and generic patterns |
| AI-SECRET-002 | HIGH | process.env variables exposed in client-side bundles |
| AI-SECRET-003 | HIGH | dotenv loaded but .env not in .gitignore |
### Authentication
| Rule | Severity | What It Detects |
|---|---|---|
| AI-AUTH-001 | HIGH | Express/Hono routes without authentication middleware |
| AI-AUTH-002 | CRITICAL | Auth checks in client-side code only (localStorage) |
| AI-AUTH-003 | HIGH | JWT tokens signed without expiration |
| AI-AUTH-004 | MEDIUM | Cookies set without httpOnly, secure, or sameSite flags |
| AI-AUTH-005 | CRITICAL | Passwords stored or compared in plain text |
### Injection
| Rule | Severity | What It Detects |
|---|---|---|
| AI-INJECT-001 | HIGH | req.body / req.query / req.params used without validation |
| AI-INJECT-002 | CRITICAL | SQL queries built with string concatenation using user input |
### Configuration
| Rule | Severity | What It Detects |
|---|---|---|
| AI-CONFIG-001 | HIGH | CORS set to origin: '*' — any website can call your API |
| AI-CONFIG-002 | MEDIUM | Debug or verbose mode left enabled |
| AI-CONFIG-003 | MEDIUM | Login and auth routes without rate limiting |
| AI-CONFIG-004 | MEDIUM | Error stack traces and internal details leaked to clients |
### Headers
| Rule | Severity | What It Detects |
|---|---|---|
| AI-HEADER-001 | MEDIUM | Express app running without helmet or manual security headers |
## MCP Integration — Claude Code
SixthWall works as an MCP tool inside Claude Code. sixthwall init configures this automatically.
Or add to your MCP config manually (~/.claude/claude_desktop_config.json):
```json
{
  "mcpServers": {
    "sixthwall": {
      "command": "npx",
      "args": ["-y", "@sixthwall/mcp-server"]
    }
  }
}
```

Then ask Claude: "Scan my code for security issues" or "What's my security score?"
Three tools are available:
| Tool | What It Does |
|---|---|
| scan_code | Scan diff, staged, or full repo. Returns findings with Fix Packs. |
| explain_finding | Explain any rule by ID — what it detects, why it matters, how to fix. |
| security_score | Current 0–100 score with grade and severity breakdown. |
See @sixthwall/mcp-server for full MCP documentation.
## Ignoring Files or Rules
After init, edit .sixthwall/ignore:
```text
# Ignore paths
tests/fixtures/**
*.test.ts

# Ignore a rule on a specific file
src/legacy-api.ts:AI-AUTH-003

# Ignore a rule globally
*:AI-CONFIG-002
```

Three formats: `path/glob`, `file:RULE-ID`, `*:RULE-ID`.
## Configuration
Create .sixthwall.yaml in your project root (or run sixthwall init):
```yaml
version: 1

# Block CI when these severities are found (exit code 1)
block_on:
  - critical
  - high

# Rules to skip
ignored_rules: []

# Paths to exclude
exclude:
  - "node_modules/**"
  - "dist/**"
  - "test/**"
  - "**/*.test.ts"

# Minimum severity to show
severity_threshold: low
```
## CI/CD Integration

### GitHub Actions
sixthwall init can generate this for you (--github-action). Or add manually:
```yaml
- name: SixthWall Security Scan
  run: npx @sixthwall/cli scan --full --format sarif > sixthwall.sarif

- name: Upload SARIF
  uses: github/codeql-action/upload-sarif@v3
  with:
    sarif_file: sixthwall.sarif
```
### Pre-commit Hook

Installed automatically by `sixthwall init`. Scans staged files and blocks commits with critical or high severity findings. To add manually:
```sh
#!/bin/sh
# .git/hooks/pre-commit
npx @sixthwall/cli scan --staged --severity high
```
## Why Not Just Use Snyk / Semgrep / CodeRabbit?

| | SixthWall | Traditional Scanners | AI Code Reviewers |
|---|---|---|---|
| Built for AI-generated code | Rules target AI patterns | Built for human-written code | Partially |
| Deterministic | Same code = same result | Same code = same result | LLM output varies |
| Fix Packs with Claude prompts | Included | Generic alerts | N/A |
| MCP-native (Claude Code) | First-class | N/A | N/A |
| Works offline | Fully offline | Varies | Needs API |
| Zero-friction setup | One command | Manual config | Manual config |
| Free Layer 1 | Unlimited scans | Freemium | Paid |
SixthWall isn't replacing your dependency scanner. It's catching the vulnerabilities they can't see — the ones in the code AI just wrote for you.
45% of AI-generated code has security flaws. SixthWall catches them before attackers do.
## Frequently Asked Questions

### Is SixthWall free?

The CLI and MCP server (Layer 1) are completely free. Install with `npx @sixthwall/cli init` and scan unlimited files with all 15 rules. The cloud platform (Layer 2 and 3) with GitHub PR scanning, runtime pentesting, and dashboards is a paid service.

### What's the best security scanner for AI-generated code?

SixthWall is purpose-built for AI-generated code. Traditional scanners like Snyk and Semgrep were designed for human-written code. SixthWall's rules specifically target patterns that Claude Code, Cursor, Copilot, and Windsurf generate — like missing auth middleware, hardcoded secrets, JWT without expiration, and overly permissive CORS.

### How do I secure my vibe coding project?

Run `npx @sixthwall/cli init` in your project. It sets up MCP integration, pre-commit hooks, IDE rules, and runs a first scan automatically. After that, SixthWall works in the background — scanning as you code, blocking vulnerabilities on commit, and catching issues in CI.

### Does SixthWall work with Claude Code?

Yes. `sixthwall init` automatically configures the MCP server and CLAUDE.md so Claude Code scans your code and fixes vulnerabilities in the same conversation. You can also install the MCP server manually with `@sixthwall/mcp-server`.

### How is SixthWall different from CodeRabbit or AI code review tools?

CodeRabbit and similar tools use LLMs to review code — their results vary between runs and they can hallucinate issues. SixthWall is deterministic: it uses tree-sitter AST parsing with YAML-defined rules. Same code produces the same findings every time. No API calls, no cloud dependency, runs entirely offline.

### What languages does SixthWall support?

JavaScript, TypeScript (including JSX/TSX), and Python. More languages are planned.
