aiscan
v0.1.2
Scan AI-generated projects for common security mistakes before deployment.
aiscan
Fast local scanning for common security mistakes in AI-generated code.
aiscan is not a full security audit tool. It is a small pre-deploy CLI that helps catch a few high-signal mistakes that show up often in projects built with tools like Cursor, Claude Code, Copilot, Bolt, Lovable, and Replit AI.
npx aiscan scan ./project
It runs locally, does not upload source code, does not execute project code, and only uses static analysis.
What aiscan does
- scans a local project directory before deployment
- runs Semgrep with a small curated ruleset for AI-code mistakes
- runs TruffleHog for secret detection when available
- prints a quick human-readable report or JSON
- continues with partial results if one scanner is missing
Current Semgrep coverage is intentionally small and focused:
- AI provider SDKs enabled in the browser with dangerouslyAllowBrowser: true
- public client-side environment variables with secret-like names
- hardcoded OpenAI and Anthropic-style API key assignments
- secret-like process.env values returned in API responses
- authorization headers logged or reflected back in responses
- a small set of secondary review-oriented rules for broader signals like eval(...), new Function(...), and wildcard CORS
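Two of the patterns in this list, shown as a debug handler before and after hardening. This is an added illustration, not code from the aiscan repository or its rules; the handler names, the `PUBLIC_CONFIG_KEYS` allowlist, the `env` object standing in for `process.env`, and the sample key are all constructed.

```javascript
// Constructed stand-in for process.env; the key is a placeholder, not a real credential.
const env = {
  OPENAI_API_KEY: "sk-EXAMPLE-not-a-real-key",
  APP_REGION: "eu-west-1",
  NODE_ENV: "production",
};

// BEFORE: logs the Authorization header and reflects it, plus the whole
// environment, back to the caller.
function debugHandlerUnsafe(req, log = console.log) {
  log("auth header:", req.headers.authorization); // token ends up in log storage
  return { status: 200, body: { env, auth: req.headers.authorization } };
}

// AFTER: only explicitly allowlisted, non-secret settings may leave the server.
const PUBLIC_CONFIG_KEYS = ["APP_REGION", "NODE_ENV"];

// Keep the auth scheme for debugging, never the credential itself.
function redactAuth(header) {
  if (!header) return "absent";
  const i = header.indexOf(" ");
  // A header with no scheme is all credential, so redact it entirely.
  return i > 0 ? `${header.slice(0, i)} [redacted]` : "[redacted]";
}

function debugHandlerSafe(req, log = console.log) {
  log("auth header:", redactAuth(req.headers.authorization));
  const config = Object.fromEntries(
    PUBLIC_CONFIG_KEYS.filter((k) => k in env).map((k) => [k, env[k]])
  );
  return { status: 200, body: { config } };
}
```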
Why aiscan exists
Generic scanners are useful, but AI-generated projects often fail in a few repeatable ways:
- demo code gets promoted to production
- secrets get pushed into frontend code to make demos work
- secrets or auth headers get logged during debugging
- server-side SDKs get forced into the browser
- debug handlers expose environment values back to clients
- unsafe dynamic execution gets pasted in as a shortcut
aiscan focuses on those fast-to-miss, high-signal issues. The goal is simple: run one quick local scan before you deploy AI-generated code.
Example Console Output
╭──────────────────────────────────────────────────────────────╮
│ │
│ AI SECURITY REPORT │
│ │
│ Target: /app │
│ Scan time: 412ms │
│ │
│ Critical Issues: 1 │
│ High Issues: 2 │
│ Medium Issues: 1 │
│ Low Issues: 0 │
│ │
│ Core Signal: 3 │
│ Secondary Review: 0 │
│ │
│ Critical │
│ │
│ Public client-side secret environment variable │
│ Tier: Core │
│ components/ChatWidget.js:9 │
│ A public client-side environment variable with a │
│ secret-like name is referenced in source code. │
│ │
│ High │
│ │
│ Authorization header logged to console │
│ Tier: Core │
│ src/api/chat.ts:42 │
│ Authorization headers are being logged. │
│ │
│ Authorization header reflected in response │
│ Tier: Core │
│ pages/api/auth.ts:18 │
│ Authorization header data is being reflected back in an │
│ HTTP response. │
│ │
╰──────────────────────────────────────────────────────────────╯
JSON Output Example
npx aiscan scan ./project --json
{
"version": "0.1.0",
"target_directory": "/app",
"scan_duration_ms": 412,
"semgrep_available": true,
"trufflehog_available": true,
"summary": {
"total_findings": 1,
"counts_by_severity": {
"critical": 1,
"high": 0,
"medium": 0,
"low": 0
},
"counts_by_product_tier": {
"stable_core": 1,
"stable_watchlist": 0,
"stable_reassessment": 0,
"experimental_promotion": 0,
"unclassified": 0
}
},
"findings": [
{
"tool": "semgrep",
"severity": "CRITICAL",
"rule_id": "aiscan.browser-ai-sdk",
"product_tier": "stable-core",
"title": "AI provider SDK enabled in the browser",
"message": "An AI provider SDK is configured with `dangerouslyAllowBrowser: true`. Do not expose provider API access directly from client-side code.",
"file": "src/lib/openai.ts",
"line": 8,
"confidence": "HIGH",
"ai_context": "AI-generated demos often force server-side SDKs to run in the browser during prototyping."
}
],
"warnings": []
}
Installation Prerequisites
aiscan calls existing local scanners. It does not bundle them.
Required:
- Node.js 18+
- Semgrep installed locally
Optional but recommended:
- TruffleHog installed locally for secret detection
Examples:
brew install semgrep
brew install trufflehog
or for Semgrep:
pipx install semgrep
For local development in this repo:
npm install
npm run build
node dist/cli.js scan ./project
Rule Verification
To syntax-check the Semgrep rules locally:
semgrep --config rules/ai-security-rules.yml .
Fixtures are excluded from the main ruleset on purpose so normal scans do not treat test fixtures as real findings.
To validate rules intentionally against fixtures/rules, first derive a fixture-validation config:
node scripts/generate-fixture-semgrep-config.mjs
semgrep --config .tmp/ai-security-rules.fixtures.yml fixtures/rules
To run aiscan JSON output locally:
aiscan scan . --json
If aiscan is not installed globally yet:
node dist/cli.js scan . --json
Limitations
- not a full security audit
- not a replacement for manual review, secure design, or broader AppSec testing
- limited to a small ruleset chosen for trust, not coverage
- currently strongest on JavaScript and TypeScript projects
- secret detection quality depends on whether TruffleHog is installed
- some stable rules are intentionally review-oriented rather than product-defining
- some real issues will be missed, by design
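Given these limits, a CI gate over the JSON report should treat a scanner that did not run as a failure rather than as a clean result. The sketch below is an added example, not part of aiscan; it uses the field names from the JSON Output Example, while the `gate` function, its options, and the sample reports are constructed.

```javascript
// Severity labels as they appear in findings[].severity, most severe first.
const SEVERITIES = ["CRITICAL", "HIGH", "MEDIUM", "LOW"];

// Decide whether a parsed aiscan JSON report should block a deploy.
function gate(report, { failOn = "HIGH", requireSecretScan = true } = {}) {
  const threshold = SEVERITIES.indexOf(failOn);
  if (threshold === -1) throw new Error(`unknown severity: ${failOn}`);
  const reasons = [];

  // aiscan continues with partial results when a scanner is missing,
  // so zero findings only means something if the scanners actually ran.
  if (report.semgrep_available !== true) reasons.push("semgrep did not run");
  if (requireSecretScan && report.trufflehog_available !== true) {
    reasons.push("trufflehog did not run; secrets were not scanned");
  }

  for (const f of report.findings ?? []) {
    const rank = SEVERITIES.indexOf(String(f.severity).toUpperCase());
    // Unrecognised severity labels block instead of being silently skipped.
    if (rank === -1 || rank <= threshold) {
      reasons.push(`${f.severity} ${f.rule_id} at ${f.file}:${f.line}`);
    }
  }
  return { pass: reasons.length === 0, reasons };
}

// Constructed sample reports (trimmed to the fields the gate reads).
const reportWithFinding = {
  semgrep_available: true,
  trufflehog_available: true,
  findings: [{ tool: "semgrep", severity: "CRITICAL", rule_id: "aiscan.browser-ai-sdk",
               file: "src/lib/openai.ts", line: 8 }],
};
const reportNoSecretScan = {
  semgrep_available: true,
  trufflehog_available: false,
  findings: [],
};
```

In a pipeline, parse the output of `npx aiscan scan ./project --json`, pass it to `gate`, and exit non-zero when `pass` is false.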
Release Status / MVP Disclaimer
This project is an early MVP.
It is intentionally small, local-only, and opinionated. The ruleset is being tuned for usefulness and low false positives on real AI-generated repositories, and the strongest validated signal today is still a small core set rather than broad coverage. Until that validation work is more complete, treat aiscan as a lightweight pre-deploy check, not a security verdict.
