Scan any public repo

Multi-layer engine, AI false-positive filter, ranked actions, atlas — all free, no signup required to try it.

Anonymous scans are rate-limited to 10 new repos/day per IP. Sign up free for unlimited submits + per-account scan history.

Paste any public Git URL. Submit ONCE — duplicates of the same URL don't burn quota.

AI agents: see /roast/ for full API instructions, idempotency rules, and Retry-After headers.

Use your AI coder to scan + fix automatically

Claude Code, Cursor, Codex CLI, Gemini CLI: paste one prompt and the agent submits, reads findings, and (optionally) files the report back as a GitHub issue. Per-finding ai_fix_prompt means your AI does the fix; we provide the recipe.

NEW MCP server is live: manifest · stdio wrapper · voting protocol for TP/FP calibration.


How It Works

Three steps to better code

1. Connect Your Repo

Link your GitHub, GitLab, Bitbucket, or any Git repository. We support public and private repos.

2. Deep Analysis

A broad set of analyzers scan every file: security, quality, dependencies, complexity, duplication, and more.

3. Get AI Fix Prompts

Receive precise, copy-paste prompts for Claude, GPT, or any AI coder to automatically fix every issue found.

Comprehensive Analysis Engine

Every dimension of code health, covered

Vulnerability Scanner

OSV/CVE/NVD matching against all your dependencies. Know your exposure.

Credential Scanner

Curated regex set covering major cloud providers + common secret formats. Find leaked credentials instantly.

SAST Engine

Taint analysis across major languages. CWE/OWASP-mapped findings.

Quality Analyzer

8-dimension scoring: structure, quality, docs, testing, practices, security, dependency health.

Dependency Graph

DAG construction, cycle detection, import extraction across the major languages.

Symbol Extractor

Multi-language parsers for call graphs, inheritance trees, and API endpoint detection.

Duplication Detector

Cross-file duplicate block detection via rolling hash. Eliminate redundant code.

Tech Debt Estimator

Remediation effort in hours, debt ratio, A-E rating for prioritization.

AI-Ready Output

Get the Exact Prompts Your AI Coder Needs

Every finding comes with a tailored prompt you can paste directly into Claude, ChatGPT, GitHub Copilot, or any AI coding assistant. No more guessing what to ask — we generate the precise context and instructions.

  • Context-aware fix prompts per finding
  • Includes file paths, line numbers, and code context
  • CWE/OWASP references for security fixes
  • Prioritized by severity and impact

AI Fix Prompt for: SQL Injection in auth/login.py:45

Fix the SQL injection vulnerability in auth/login.py at line 45.

The current code uses string formatting to build the SQL query:
query = f"SELECT * FROM users WHERE email = '{email}'"

Replace with parameterized query:
query = "SELECT * FROM users WHERE email = %s"
cursor.execute(query, [email])

This addresses CWE-89 (SQL Injection) and OWASP A03:2021.
Ensure all other database queries in this file use
parameterized queries as well.

Simple, Transparent Pricing

Start free. Scale as you grow.

Free
$0 per month

  • 3 repositories
  • 5 analyses/month
  • Basic code analysis
  • Security scanning

Team
$99 per month

  • 100 repositories
  • 500 analyses/month
  • Team management
  • SBOM exports
  • API access

Enterprise
Custom (contact us)

  • Unlimited repos
  • Unlimited analyses
  • SSO/SAML
  • On-premise option
  • SLA guarantees

The Deepest Code Analysis Available

A multi-layer engine built on a deep cross-repo corpus. Join the developers and security teams using Repobility to ship safer code.
