ContextualWisdomLab/appguardrail

AppGuardrail

Security guardrails for AI-built apps.

AppGuardrail was formerly developed as VibeSec. The rename avoids a collision with the existing third-party vibesec package namespace on PyPI.

AppGuardrail helps builders using Cursor, Claude Code, Lovable, Replit, Bolt, Supabase, Firebase, Vercel, and Netlify find and fix security issues introduced during AI-assisted development.

Security guardrails for AI-generated apps. AppGuardrail helps you find and fix the security problems that commonly appear in apps built with Cursor, Claude Code, Lovable, Replit, Bolt, Supabase, Firebase, Vercel, and Netlify.


What is AppGuardrail?

AppGuardrail is a persistent security layer for AI-assisted builders — not a one-time pentest, but a security co-pilot that stays with you through the entire lifecycle of your AI-built app: coding, deployment, operation, updates, and incident response.

AppGuardrail = a mini security team for AI app builders


What AppGuardrail Provides

| Layer | Description |
| --- | --- |
| 🛡️ AppGuardrail Rules | Security rules for AI coding assistants (Cursor, Claude Code, Windsurf, Lovable) |
| 🔍 AppGuardrail Scan | Lightweight static analysis for secrets, auth gaps, misconfigurations, and packaged YAML regex rules |
| 👁️ AppGuardrail Review | Human-readable review templates and AI-powered audit prompts |
| 📡 AppGuardrail Monitor | GitHub Actions workflow installer for continuous AppGuardrail checks |
| 🔧 AppGuardrail Fix | AI-ready fix prompts + patch guidance + re-verification steps |

Quick Start

Run the CLI

Requires Python 3.9 or newer.

Install from PyPI:

python3 -m pip install appguardrail
appguardrail --help

Maintainers can prepare PyPI releases with GitHub Actions Bot and OpenCode Agent. See Release Automation.

For the productization roadmap, see the 2B KRW sale readiness plan.

Initialize security rules in your project

# Recommended: install guardrails for Codex, Copilot, Claude Code, Cursor, and Windsurf
appguardrail init

# Or install for one tool explicitly
appguardrail init --tool cursor
appguardrail init --tool claude-code
appguardrail init --tool codex
appguardrail init --tool copilot
appguardrail init --tool lovable

# For a Next.js + Supabase stack
appguardrail init --stack nextjs-supabase

This creates:

  • .cursor/rules/appguardrail.md
  • .windsurf/rules/appguardrail.md
  • CLAUDE.md
  • AGENTS.md
  • .github/copilot-instructions.md
  • APPGUARDRAIL_CHECKLIST.md

appguardrail init --tool lovable creates LOVABLE_SECURITY_CHECKLIST.md.

Scan your codebase

appguardrail scan .

# Also run Trivy FS for dependency CVEs, secrets, and IaC misconfigurations
appguardrail scan --trivy .

# The scanner detects Python, Java, JavaScript, TypeScript, and web files
# automatically. If supported external SAST tools are installed and runnable,
# scan auto mode can include Bandit/Ruff/Semgrep without choosing a language profile.

# Run OWASP ZAP baseline only when you have an authorized running URL
APPGUARDRAIL_TARGET_URL=https://your-authorized-test-host.example appguardrail scan .

# If CodeGraph is installed, prepare structural context for deeper review
appguardrail scan --codegraph .

# Save normalized findings for report generation or dashboard ingestion
appguardrail scan --findings-json reports/findings.json .

Detects:

  • Hardcoded secrets (SUPABASE_SERVICE_ROLE_KEY, STRIPE_SECRET_KEY, etc.)
  • Trivy-backed dependency vulnerabilities, secrets, and misconfigurations
  • Bandit/Ruff/Semgrep/ZAP findings when their optional external engines are available
  • Dangerous Supabase/Firebase usage patterns
  • API routes missing authentication
  • Public Firebase rules (read/write: true)
  • Dangerous CORS settings (origin: "*")
  • Missing Stripe webhook signature verification
  • Unprotected admin routes
  • Risky file upload handlers

The scanner loads its built-in Python rules plus the supported regex-based pattern entries from scanner/rules/*.yml. Semgrep-style structural `pattern:` entries remain documented rule fixtures only; they will not match anything until the lightweight engine gains structural matching.

Deploy-blocking counts focus on app code. Findings in docs, tests, examples, and scanner fixtures stay visible but do not fail the deploy gate by default.
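The two paragraphs above describe regex rules loaded from YAML and a deploy gate that ignores findings outside app code. The following is an added example, not the project's own scanner: a minimal rule engine in that style, run over constructed sample files, with the path-based deploy-gate classification. The rule ids, the rule-dict layout, the `scanner/fixtures/` prefix and the sample file contents are all assumptions made for illustration.

```python
"""Added example (not the project's scanner): a minimal regex-rule engine in the
style of scanner/rules/*.yml plus the deploy-gate path classification the README
describes. Rule ids, file contents and the rule layout are assumptions."""
import re
from dataclasses import dataclass
from typing import Dict, List

# Assumed rule layout; the real YAML files may use different keys.
RULES = [
    {"id": "secrets.supabase-service-role", "severity": "critical",
     "pattern": r"SUPABASE_SERVICE_ROLE_KEY\s*[:=]\s*['\"][A-Za-z0-9._-]{20,}['\"]",
     "message": "Hardcoded Supabase service role key"},
    {"id": "api.cors-wildcard", "severity": "high",
     "pattern": r"origin\s*:\s*['\"]\*['\"]",
     "message": "CORS allows any origin"},
    {"id": "firebase.public-rules", "severity": "critical",
     "pattern": r"\.(read|write)['\"]?\s*[:=]\s*true",
     "message": "Firebase rule grants public read/write"},
]

# Paths whose findings stay visible but do not count toward the deploy gate
# (assumed prefixes modelled on the README's docs/tests/examples/fixtures list).
NON_BLOCKING_PREFIXES = ("docs/", "tests/", "examples/", "scanner/fixtures/")


@dataclass
class Finding:
    rule_id: str
    severity: str
    path: str
    line: int
    message: str
    blocks_deploy: bool


def is_app_code(path: str) -> bool:
    """App code is anything outside the non-blocking prefixes."""
    return not path.startswith(NON_BLOCKING_PREFIXES)


def scan_files(files: Dict[str, str]) -> List[Finding]:
    """Run every rule over every line; one finding per rule per matching line."""
    compiled = [(rule, re.compile(rule["pattern"])) for rule in RULES]
    findings: List[Finding] = []
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), start=1):
            for rule, rx in compiled:
                if rx.search(line):
                    findings.append(Finding(rule["id"], rule["severity"], path,
                                            lineno, rule["message"], is_app_code(path)))
    return findings


def deploy_gate(findings: List[Finding],
                blocking_severities=("critical", "high")) -> bool:
    """Return True when the deploy may proceed: no blocking finding in app code."""
    return not any(f.blocks_deploy and f.severity in blocking_severities
                   for f in findings)


# Constructed sample repository contents (none of these values are real keys).
SAMPLE_FILES = {
    "lib/supabase.js":
        'const SUPABASE_SERVICE_ROLE_KEY = "eyJhbGciOiJIUzI1NiJ9.constructed-sample-key";\n',
    "api/cors.js": "app.use(cors({ origin: '*' }));\n",
    "firebase.rules": '{ "rules": { ".read": true, ".write": true } }\n',
    "examples/vulnerable-vibe-app/firebase.rules": '{ "rules": { ".read": true } }\n',
    "docs/secrets.md": 'Bad: SUPABASE_SERVICE_ROLE_KEY="example-do-not-use-this-value"\n',
}

if __name__ == "__main__":
    results = scan_files(SAMPLE_FILES)
    for f in results:
        flag = "BLOCKING" if f.blocks_deploy else "info"
        print(f"[{flag}] {f.path}:{f.line} {f.rule_id}: {f.message}")
    print("deploy allowed:", deploy_gate(results))
```

The example findings in examples/ and docs/ are reported but do not flip the gate; only the three hits in app code do. A real engine would also need to cope with multi-line constructs, which a per-line regex cannot see, which is exactly why the README keeps structural patterns as fixtures for now.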

Generate reports from findings

appguardrail report buyer-diligence \
  --findings reports/findings.json \
  --out reports/buyer-diligence.md \
  --app-name "Demo SaaS" \
  --repository "ContextualWisdomLab/demo"

appguardrail report founder-friendly \
  --findings reports/findings.json \
  --out reports/founder-security-review.md \
  --app-name "Demo SaaS"

appguardrail report agency \
  --findings reports/findings.json \
  --out reports/agency-security-review.md \
  --app-name "Demo SaaS" \
  --client-name "Demo Client" \
  --reviewer "Demo Agency"

appguardrail report fix-pack \
  --findings reports/findings.json \
  --out reports/fix-pack.md \
  --based-on "pre-launch-review-001"

appguardrail scan --findings-json writes the normalized findings envelope that the report command accepts. You can also pass a raw JSON array of findings or any object with a findings array. Report types are:

  • buyer-diligence: buyer-readable launch posture and evidence checklist.
  • founder-friendly: plain-language summary for non-security founders.
  • agency: client-ready technical review and retest notes.
  • fix-pack: AI-ready remediation prompts and verification steps.

Reports omit raw secrets and expand normalized metadata into launch posture, finding summaries, remediation, and verification checklists.
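The report command, as described above, accepts a normalized envelope, a raw JSON array, or any object carrying a findings array, and never echoes raw secrets. The following is an added example, not the project's report code: a loader that handles those three input shapes, redacts secret material before anything else touches it, and derives the kind of severity summary and launch posture a report draws on. The envelope keys other than `findings`, the finding field names, the `SECRET_FIELDS` list and the posture thresholds are assumptions.

```python
"""Added example (not the project's report command): load findings in the three
accepted input shapes, redact raw secret values, and summarize. Field names
other than `findings` are assumptions; sample inputs are constructed."""
import json
from typing import Any, Dict, List

# Constructed sample inputs, one per accepted shape. The "match" value is a
# made-up string, not a real key.
ENVELOPE = json.dumps({
    "tool": "appguardrail", "version": "0.0.0-example",
    "findings": [
        {"rule_id": "secrets.stripe-secret-key", "severity": "critical",
         "path": "api/checkout.js", "line": 3,
         "message": "Hardcoded Stripe secret key",
         "match": "sk_test_constructedsamplevalue000000"},
        {"rule_id": "authz.missing-ownership-check", "severity": "high",
         "path": "api/projects/[id].ts", "line": 12,
         "message": "Route returns project without checking owner_id"},
    ],
})
RAW_ARRAY = json.dumps([
    {"rule_id": "api.cors-wildcard", "severity": "medium",
     "path": "server.js", "line": 8, "message": "CORS allows any origin"},
])
WRAPPED = json.dumps({"generated_by": "ci", "findings": []})

# Assumed names of fields that may carry raw secret material.
SECRET_FIELDS = ("match", "secret", "value")


def redact(finding: Dict[str, Any]) -> Dict[str, Any]:
    """Replace raw secret material with a length hint so the report stays useful."""
    clean = dict(finding)
    for key in SECRET_FIELDS:
        if isinstance(clean.get(key), str):
            clean[key] = f"<redacted {len(clean[key])} chars>"
    return clean


def load_findings(text: str) -> List[Dict[str, Any]]:
    """Accept an envelope, a bare array, or any object with a `findings` array."""
    data = json.loads(text)
    if isinstance(data, list):
        findings = data
    elif isinstance(data, dict) and isinstance(data.get("findings"), list):
        findings = data["findings"]
    else:
        raise ValueError("expected a findings array or an object with a 'findings' array")
    # Redact at load time so no later report section can leak a raw value.
    return [redact(f) for f in findings]


def summarize(findings: List[Dict[str, Any]]) -> Dict[str, int]:
    """Count findings per severity."""
    counts: Dict[str, int] = {}
    for f in findings:
        counts[f["severity"]] = counts.get(f["severity"], 0) + 1
    return counts


def launch_posture(findings: List[Dict[str, Any]]) -> str:
    """Assumed posture thresholds: any critical blocks launch, highs need fixes first."""
    counts = summarize(findings)
    if counts.get("critical"):
        return "not ready"
    if counts.get("high"):
        return "ready with required fixes"
    return "ready"


if __name__ == "__main__":
    for label, text in (("envelope", ENVELOPE), ("array", RAW_ARRAY), ("wrapped", WRAPPED)):
        fs = load_findings(text)
        print(label, summarize(fs), launch_posture(fs))
```

Redacting inside the loader, rather than in each report template, is the design choice worth copying: every consumer of the parsed findings (Markdown report, dashboard, CI comment) then inherits the guarantee that raw secrets are absent.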

Generate an organization buyer evidence bundle

appguardrail org-bundle

This writes appguardrail-buyer-evidence/ with:

  • org-readiness.md: buyer-readable organization readiness narrative.
  • buyer-evidence.json: machine-readable KPI payload.
  • manifest.json: source, timestamp, warning, repository, PR, and action bucket metadata.
  • README.md: how to use the generated evidence packet.

Use --owner, --bundle-dir, --repos-json, or --prs-json only when you need a non-default organization, custom artifact path, or offline snapshot.

Install continuous monitoring

appguardrail monitor

This installs .github/workflows/appguardrail-monitor.yml, which runs appguardrail scan . on pull requests, pushes to common default branches, and manual workflow dispatches.

Install the pre-commit hook

appguardrail hook

# Recommended when CodeGraph is available
appguardrail hook --codegraph

The CodeGraph mode initializes or syncs the local structural index before each scan. This gives human reviewers and AI review agents better call-graph context for authorization, webhook, secret-handling, and other security-sensitive flows. The repository Security Process workflow also runs AppGuardrail with CodeGraph enabled, so pull requests get the same structural security context in CI.

Generate a security review prompt

appguardrail review --stack nextjs --db supabase --payments stripe

Outputs a prompt you can paste directly into Claude Code or Cursor.


Repository Structure

appguardrail/
├── README.md
├── rules/                        # Security rules for AI coding tools
│   ├── cursor/
│   ├── claude-code/
│   ├── windsurf/
│   └── lovable/
├── checklists/                   # Stack-specific security checklists
│   ├── auth.md
│   ├── authorization.md
│   ├── supabase.md
│   ├── firebase.md
│   ├── stripe.md
│   ├── file-upload.md
│   ├── api-security.md
│   ├── secrets.md
│   └── deployment.md
├── prompts/                      # AI fix and review prompts
│   ├── secure-code-review.md
│   ├── fix-authz-bugs.md
│   ├── supabase-rls-review.md
│   ├── stripe-webhook-review.md
│   └── admin-route-review.md
├── scanner/                      # Lightweight static analysis engine
│   ├── rules/
│   │   ├── secrets.yml
│   │   ├── authz.yml
│   │   ├── supabase.yml
│   │   ├── firebase.yml
│   │   ├── nextjs.yml
│   │   └── stripe.yml
│   └── cli/
│       └── appguardrail.py
├── reports/                      # Report templates
│   └── templates/
│       ├── founder-friendly-report.md
│       ├── agency-report.md
│       └── fix-pack.md
├── examples/                     # Sample vulnerable and fixed apps
│   ├── vulnerable-vibe-app/
│   └── fixed-vibe-app/
└── docs/                         # Methodology and responsible testing
    ├── methodology.md
    ├── scope-and-authorization.md
    └── responsible-testing.md

The AppGuardrail Fix Format

AppGuardrail doesn't hand you a traditional security report. Every finding comes with:

Problem:
  User A can access User B's project data by supplying B's project_id.

Risk:
  Customer data may be exposed across users.

Fix Prompt:
  "Update all project API routes to verify that the authenticated user's id
   matches project.owner_id before returning data. Return 403 when ownership
   does not match. Add tests for cross-user access."

Verification:
  Request User B's project_id using User A's token → expect HTTP 403.
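The finding above is the canonical missing-ownership-check case. The following is an added example, not code from the project or its fixtures: a framework-free request handler in its vulnerable form and in the form the Fix Prompt asks for (owner check, 403 on mismatch), followed by the Verification step from the finding expressed as a test (User A's token against User B's project_id must return 403). The tokens, user ids, project records and the handler signature are constructed for illustration.

```python
"""Added example (not from the project): the ownership check requested by the
Fix Prompt, with the finding's Verification step as a runnable check.
Tokens, ids and the in-memory stores are constructed."""
from typing import Callable, Dict, Optional, Tuple

# Constructed data: bearer tokens resolve to user ids; projects carry owner_id.
TOKENS = {"token-a": "user-a", "token-b": "user-b"}
PROJECTS = {
    "proj-1": {"owner_id": "user-a", "name": "A's project"},
    "proj-2": {"owner_id": "user-b", "name": "B's project"},
}

Response = Tuple[int, dict]
Handler = Callable[[Dict[str, str], str], Response]


def authenticate(headers: Dict[str, str]) -> Optional[str]:
    """Resolve the bearer token to a user id, or None when absent or unknown."""
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return None
    return TOKENS.get(auth[len("Bearer "):])


def get_project_vulnerable(headers: Dict[str, str], project_id: str) -> Response:
    """The 'before' state from the finding: authenticates the caller but never
    compares the caller to project.owner_id, so any user can read any project."""
    if authenticate(headers) is None:
        return 401, {"error": "unauthenticated"}
    project = PROJECTS.get(project_id)
    if project is None:
        return 404, {"error": "not found"}
    return 200, project


def get_project_fixed(headers: Dict[str, str], project_id: str) -> Response:
    """The fix the prompt asks for: verify the authenticated user owns the
    project before returning data, 403 otherwise."""
    user_id = authenticate(headers)
    if user_id is None:
        return 401, {"error": "unauthenticated"}
    project = PROJECTS.get(project_id)
    if project is None:
        return 404, {"error": "not found"}
    if project["owner_id"] != user_id:
        return 403, {"error": "forbidden"}
    return 200, project


def verify_cross_user_access(handler: Handler) -> bool:
    """Verification from the finding: A's token requesting B's project_id -> 403."""
    status, _ = handler({"Authorization": "Bearer token-a"}, "proj-2")
    return status == 403


if __name__ == "__main__":
    print("vulnerable handler passes verification:",
          verify_cross_user_access(get_project_vulnerable))
    print("fixed handler passes verification:",
          verify_cross_user_access(get_project_fixed))
```

The verification deliberately exercises the fixed code with a real cross-user request rather than reading the diff: a handler that checks ownership only on some branches still fails it. Teams that prefer not to reveal whether a foreign project_id exists can return 404 instead of 403 on the mismatch branch; the finding's own verification then expects 404, and the test helper is the one place to change.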

Why AppGuardrail is Different from Traditional SAST

Traditional scanners target classic vulnerabilities (SQLi, XSS). AI-coded apps fail differently:

| AI-coding failure mode | Example |
| --- | --- |
| Missing ownership check | Any user can read any record |
| Public storage bucket | Files accessible without auth |
| Exposed service role key | Full DB access from the browser |
| Supabase/Firebase rule mistake | RLS disabled or `allow read: if true` |
| Insecure webhook | No Stripe signature verification |
| AI-generated temporary code | `// TODO: add auth later` left in production |

Services (Paid)

| Product | Description |
| --- | --- |
| AppGuardrail Snapshot | One-time security assessment of your current app |
| AppGuardrail Review | Code, config, and authorization structure review |
| AppGuardrail Red Team Lite | Defensive penetration test based on real user scenarios |
| AppGuardrail Fix Pack | Patches and prompts to fix discovered issues |
| AppGuardrail Retainer | Monthly security review of every change |
| AppGuardrail Monitor | Continuous automated monitoring on commits and pull requests |

Contributing

This project is open-source and welcomes contributions of:

  • New security rules for AI coding tools
  • Stack-specific checklists
  • Fix prompts for common vulnerability patterns
  • Scanner detection rules

Please read docs/responsible-testing.md before contributing scanner rules.


License

MIT — see LICENSE

About

Security guardrails for vibe-coded apps: rules for AI development tools, static checks, and review and fix prompts.
