CodeGuard AI is a hybrid security scanner that combines:
- Fast static analysis using Semgrep
- AI-powered reasoning (planned) to confirm and fix issues
This prototype is built as a CLI tool you can run on any local folder.
- Runs Semgrep with custom security rules on a target directory.
- Parses Semgrep’s JSON output into structured `Finding` objects.
- Automatically extracts only the vulnerable code snippets (line-based slicing).
- Generates a colorful CLI report for quick review.
- Saves a Markdown security report in the `reports/` folder.
Note: The AI part is currently a mock function. Later it will call a real LLM (OpenAI/Gemini/Ollama) to validate and fix vulnerabilities.
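The triage and reporting steps above (parse Semgrep's JSON into `Finding` objects, slice out only the flagged lines, write a Markdown report) can be shown end to end in a few functions. The block below is an added example, not the project's own `triage.py` or `reporter.py`; the Semgrep JSON and the stand-in for `sample_code/bad.py` are constructed inline so it runs offline, and the `Finding` fields, the one-line context window and the report layout are assumptions rather than the project's actual choices.

```python
"""Parse Semgrep JSON into Finding objects, slice the flagged lines, render Markdown."""
import json
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample with the shape of `semgrep --json` output
# (results[].check_id / path / start.line / end.line / extra.message / extra.severity).
# Only the fields the parser reads are included; a real run carries more.
SAMPLE_SEMGREP_JSON = json.dumps({
    "results": [
        {
            "check_id": "rules.command_injection",
            "path": "sample_code/bad.py",
            "start": {"line": 4, "col": 5},
            "end": {"line": 4, "col": 44},
            "extra": {
                "message": "User input reaches a shell command",
                "severity": "ERROR",
                "lines": "    subprocess.call(cmd, shell=True)",
            },
        }
    ],
    "errors": [],
})

# Constructed stand-in for the scanned file, keyed by path, so no disk access is needed.
SAMPLE_SOURCES: Dict[str, str] = {
    "sample_code/bad.py": "\n".join([
        "import subprocess",
        "",
        "def run(cmd):",
        "    subprocess.call(cmd, shell=True)",
        "",
        "run(input('cmd> '))",
    ]),
}


@dataclass
class Finding:
    """One Semgrep result; `snippet` is filled in by attach_snippets (assumed field set)."""
    check_id: str
    path: str
    start_line: int
    end_line: int
    message: str
    severity: str
    snippet: str = ""


def parse_semgrep_json(text: str) -> List[Finding]:
    """Turn the `results` array of Semgrep's JSON output into Finding objects."""
    data = json.loads(text)
    findings = []
    for r in data.get("results", []):
        extra = r.get("extra", {})
        findings.append(Finding(
            check_id=r["check_id"],
            path=r["path"],
            start_line=r["start"]["line"],
            end_line=r["end"]["line"],
            message=extra.get("message", ""),
            severity=extra.get("severity", "INFO"),
        ))
    return findings


def slice_snippet(source: str, start_line: int, end_line: int, context: int = 1) -> str:
    """Return lines start_line..end_line (1-based, inclusive) plus `context` lines on
    each side, clamped to the file, with line numbers prefixed."""
    lines = source.splitlines()
    lo = max(start_line - 1 - context, 0)
    hi = min(end_line + context, len(lines))
    return "\n".join(f"{i + 1:4d}: {lines[i]}" for i in range(lo, hi))


def attach_snippets(findings: List[Finding], sources: Dict[str, str], context: int = 1) -> List[Finding]:
    """Fill in each finding's snippet from the matching source text (skips unknown paths)."""
    for f in findings:
        src = sources.get(f.path)
        if src is not None:
            f.snippet = slice_snippet(src, f.start_line, f.end_line, context)
    return findings


def render_markdown(findings: List[Finding]) -> str:
    """Build a Markdown report: one section per finding with location, message and snippet."""
    fence = "`" * 3
    out = ["# CodeGuard AI report", "", f"Findings: {len(findings)}", ""]
    for f in findings:
        out += [f"## {f.check_id} ({f.severity})", "",
                f"`{f.path}:{f.start_line}-{f.end_line}`", "",
                f.message, "", fence, f.snippet, fence, ""]
    return "\n".join(out)


if __name__ == "__main__":
    found = attach_snippets(parse_semgrep_json(SAMPLE_SEMGREP_JSON), SAMPLE_SOURCES)
    print(render_markdown(found))
```

In the real tool the `sources` mapping would be replaced by reading `finding.path` from the scanned directory, and the rendered string written under `reports/`; clamping the slice to the file length matters because a match on the first or last line would otherwise index past the buffer.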
```text
code-guard-ai/
  main.py              # CLI entry point
  scanner.py           # Runs Semgrep and returns JSON
  triage.py            # Parses JSON, extracts code snippets
  ai_engine.py         # Builds prompts, mock AI analysis
  reporter.py          # Writes Markdown reports
  rules/
    command_injection.yml  # Custom Semgrep rule (command injection)
  sample_code/
    bad.py             # Test file with an insecure example
  reports/             # Generated Markdown reports
  requirements.txt     # Python dependencies
```