GitHub Repo Security Checker

Scan any public GitHub repository for known vulnerabilities in seconds. Free, no signup.

Results in 5-10 seconds. No clone, no install, no signup.

Dependency vulnerabilities checked against Google's OSV database (npm + PyPI).

Drop a status badge into your README — keeps your repo's security posture visible.

What this scan does

Reads package.json and requirements.txt from the default branch.
Queries the OSV vulnerability database for each dependency.
Flags archived repos, stale repos (no commits in 12+ months), and missing licenses.
Returns a status: Passed, Warning, or Issues found.

For deeper static analysis (Semgrep), submit the repo to SkillsLLM and it will be queued for a full audit.

Looking to discover trusted AI skills? Browse the catalog