VibeGuard is a minimal, ultra-fast security scanner that identifies secrets (API keys, tokens, passwords) in your GitHub repositories or ZIP uploads. It runs entirely locally on your machine, ensuring your code never leaves your environment.
- AI Remediation: Powered by Gemini Pro, providing explanations, fix steps, and secure code.
- URL & ZIP Support: Input any public GitHub URL or upload a ZIP file.
- Dual Pipeline: Uses
Gitleaksas primary scanner with a high-speedNode.js Regexfallback. - Risk Scoring & AI Summary: Weighted risk score + Gemini-powered executive summary.
- Interactive Dashboard: Modern UI with real-time feedback and remediation hints.
- Privacy First: All scans run locally; ephemeral directories are deleted immediately.
- Node.js (v18+)
- Git
- (Optional) Gitleaks for enhanced scanning.
-
Clone & Install Dependencies
npm install
-
Run the Development Server
npm run dev
-
Open the Dashboard Navigate to http://localhost:3000
-
Demo Mode The prototype includes
DEMO_MODE=truein.env.localwhich prefers cached AI responses for instant demonstration.
Refer to DEMO_SCRIPT_AI.md for the AI-powered presentation script.
If you encounter network or environment issues:
- View the pre-generated report: http://localhost:3000/demo-fallback.html
- Load sample JSON:
public/sample-report.json
This is a prototype. Always verify findings manually. Scanned data is stored in tmp/ and wiped after each session.