██ Vibe-Guard Security Scanner - 25 essential security rules to catch vulnerabilities before they catch you! Zero dependencies, instant setup, works everywhere, optimized performance. Detects SQL injection, XSS, exposed secrets, CSRF, CORS issues, and mor
Security Scanner - Zero dependencies, instant setup, works everywhere. Optimized performance for security scanning. Current ruleset: 25 essential security rules.
# Install globally
npm install -g vibe-guard
# Scan your project
vibe-guard scan .
# Learn about security concepts
vibe-guard learn xss-detection
# Try with demo files
vibe-guard demo
Vibe-Guard is more than a scanner, it's an educational tool that teaches you about web security:
XSS (Cross-Site Scripting):
// ❌ Vulnerable code
app.get('/user', (req, res) => {
const userInput = req.query.name;
res.send('<h1>Hello ' + userInput + '</h1>'); // XSS!
});
// ✅ Secure code
app.get('/user', (req, res) => {
const userInput = req.query.name;
res.send('<h1>Hello ' + escapeHtml(userInput) + '</h1>');
});
SQL Injection:
// ❌ Vulnerable code
const query = 'SELECT * FROM users WHERE id = ' + userId; // SQL injection!
// ✅ Secure code
const query = 'SELECT * FROM users WHERE id = ?';
db.query(query, [userId]);
Exposed Secrets:
// ❌ Vulnerable code
const API_KEY = 'sk-1234567890abcdef'; // Exposed in code!
// ✅ Secure code
const API_KEY = process.env.API_KEY; // Environment variable
Vibe-Guard detects 25 types of vulnerabilities:
CI/CD Integration:
# GitHub Actions
- name: Security Scan
run: vibe-guard scan . --format sarif --output-file security-report.sarif
Pre-commit Hook:
# .git/hooks/pre-commit
#!/bin/sh
vibe-guard scan . || exit 1
Educational Tool:
# Learn about security concepts
vibe-guard learn sql-injection
vibe-guard learn xss-detection
# Practice with demo files
vibe-guard demo
NPM:
npm install -g vibe-guard
Homebrew:
brew install devjosef/tap/vibe-guard
Direct Download:
# Linux
curl -L https://github.com/Devjosef/vibe-guard/releases/latest/download/vibe-guard-linux-x64 -o vibe-guard
chmod +x vibe-guard
# macOS
curl -L https://github.com/Devjosef/vibe-guard/releases/latest/download/vibe-guard-macos-x64 -o vibe-guard
chmod +x vibe-guard
# Windows
curl -L https://github.com/Devjosef/vibe-guard/releases/latest/download/vibe-guard-windows-x64.exe -o vibe-guard.exe
Join us in making the web more secure:
vibe-guard learn [topic] - Understand security conceptsvibe-guard demo - Try with example vulnerabilitiesvibe-guard stats - See your security impactBuilt for developers who code fast and need security that keeps up:
Every scan makes the web a little more secure:
MIT License - see LICENSE for details.
Built for the greater good, like curl for security scanning.
FAQs
██ Vibe-Guard Security Scanner - 25 essential security rules to catch vulnerabilities before they catch you! Zero dependencies, instant setup, works everywhere, optimized performance. Detects SQL injection, XSS, exposed secrets, CSRF, CORS issues, and mor
The npm package vibe-guard receives a total of 81 weekly downloads. As such, vibe-guard popularity was classified as not popular.
We found that vibe-guard demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.
Security News
AGENTS.md is a fast-growing open format giving AI coding agents a shared, predictable way to understand project setup, style, and workflows.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.