audit-me
v1.0.2
Published
A CLI tool to scan JavaScript and React code for basic vulnerabilities.
Maintainers
Readme
🔍 audit-me
audit-me is a simple and lightweight CLI tool that helps you find common security issues in your JavaScript and React code.
No setup. No config. Just plug it in and audit your code in seconds.
🚀 Features
✅ Detects use of eval() – known for enabling code injection
✅ Flags dangerouslySetInnerHTML – a potential XSS risk
✅ Alerts for insecure http:// URLs
✅ Warns about hardcoded secrets (like API keys or tokens)
✅ Catches unsafe DOM access in React apps (document.querySelector, etc.)
📦 How to Use
🔁 One-time Run (via npx)
npx audit-me ./src
### Install Globally (Optional)
npm install -g audit-me
## Then you can run:
audit-me ./src