gitscan

Security scanner for Gitlawb and GitHub repositories. Paste a repo URL, get a full AI-powered security report — secrets, SAST, and dependency vulnerabilities.

Built to be the first security tool in the Gitlawb ecosystem.


What it does

  • Secrets detection — TruffleHog scans your entire commit history for leaked API keys, tokens, and credentials
  • SAST analysis — Semgrep + Bandit find injection flaws and security anti-patterns in your code
  • Dependency audit — pip-audit, npm audit, and OSV.dev check your packages against known CVEs
  • AI report — Claude synthesizes all findings into a plain-English report with risk scores and fix recommendations
  • Telegram bot — run /scan <url> from Telegram and get the full report in your chat

Requirements

Backend

  • Python 3.10+
  • pip
  • git (must be in PATH)

Frontend

  • Node.js 18+
  • npm

Optional tools (auto-installed by start.sh if missing)


Installation

1. Clone the repo

git clone https://github.com/gitlawbscanner/gitscan.git
cd gitscan

2. Set up the backend

cd backend
cp .env.example .env

Edit .env and fill in your keys:

ANTHROPIC_API_KEY=sk-ant-...        # required — get one at console.anthropic.com
TELEGRAM_BOT_TOKEN=...              # optional — from @BotFather on Telegram
GLSCAN_API_URL=http://localhost:8000

Install dependencies and start:

pip install -r requirements.txt
uvicorn main:app --reload --port 8000

Or use the one-command script (also installs semgrep, trufflehog, bandit):

chmod +x start.sh
./start.sh

The API will be available at http://localhost:8000.

3. Set up the frontend

In a separate terminal:

cd app
cp .env.example .env
npm install
npm run dev

The app will be available at http://localhost:5173.


API

Method  Endpoint        Description
POST    /scan           Start a scan — body: {"repo_url": "https://..."}
GET     /scan/{job_id}  Poll scan status and result
GET     /health         Health check

Example:

# Start a scan
curl -X POST http://localhost:8000/scan \
  -H "Content-Type: application/json" \
  -d '{"repo_url": "https://github.com/owner/repo"}'

# Poll result (replace JOB_ID)
curl http://localhost:8000/scan/JOB_ID

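The same start-then-poll flow as a small stdlib-only Python client, added here as an example rather than code from the gitscan project. It assumes (the README does not say) that POST /scan answers with a "job_id" field and that GET /scan/{job_id} answers with a "status" field that settles on "completed" or "failed"; it also refuses repo URLs that carry embedded credentials, since those would otherwise end up in server logs.

```python
"""gitscan API client: start a scan, then poll until it finishes."""
import json
import time
import urllib.request
from urllib.parse import urlparse

# Assumed response shape (not confirmed by the README): POST /scan returns
# {"job_id": ...}; GET /scan/{job_id} returns {"status": ...} where a
# finished job reports one of these values. Adjust to the real API.
TERMINAL_STATUSES = {"completed", "failed"}

def validate_repo_url(repo_url: str) -> str:
    """Accept only https URLs with no embedded credentials."""
    parsed = urlparse(repo_url)
    if parsed.scheme != "https" or not parsed.netloc:
        raise ValueError(f"repo_url must be an https URL: {repo_url!r}")
    if parsed.username or parsed.password:
        raise ValueError("do not embed tokens or passwords in repo_url")
    return repo_url

def http_json(method, url, body=None):
    """Send a JSON request and decode the JSON response (stdlib only)."""
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(url, data=data, method=method,
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.loads(resp.read().decode())

def start_scan(api_url, repo_url, request=http_json):
    """POST /scan and return the job id."""
    validate_repo_url(repo_url)
    result = request("POST", f"{api_url}/scan", {"repo_url": repo_url})
    return result["job_id"]

def wait_for_scan(api_url, job_id, request=http_json,
                  interval=2.0, timeout=600.0, sleep=time.sleep):
    """GET /scan/{job_id} until the status is terminal or timeout elapses."""
    deadline = time.monotonic() + timeout
    while True:
        result = request("GET", f"{api_url}/scan/{job_id}")
        if result.get("status") in TERMINAL_STATUSES:
            return result
        if time.monotonic() > deadline:
            raise TimeoutError(f"scan {job_id} still running after {timeout}s")
        sleep(interval)

if __name__ == "__main__":
    job = start_scan("http://localhost:8000", "https://github.com/owner/repo")
    print(json.dumps(wait_for_scan("http://localhost:8000", job), indent=2))
```

The `request` and `sleep` parameters exist so the flow can be exercised against a fake server without network access; leave them at their defaults for real use.
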
Production deployment

Backend — deploy to any Python host (Railway, Render, Fly.io):

uvicorn main:app --host 0.0.0.0 --port $PORT

Frontend — build and deploy to Vercel, Netlify, or Cloudflare Pages:

cd app
VITE_API_URL=https://your-backend-url.com npm run build
# deploy the app/dist/ folder

Tech stack

Layer         Tech
Frontend      React 19, Vite 7, TypeScript, Tailwind CSS
Backend       Python, FastAPI, asyncio
Secrets       TruffleHog → regex fallback
SAST          Semgrep → Bandit → regex fallback
Dependencies  pip-audit / npm audit → OSV.dev API
AI            Claude (claude-sonnet-4-20250514)
Bot           python-telegram-bot

CA

0x46BC5B1b003e9659d5638715e3302e15C372d59d