Try it right now
Find your CI/CD vulnerabilities in 5 seconds.
Type any public GitHub repo. We'll scan its workflow files with the same 17-check engine that runs on every PR after you install us. No signup, no email — just findings.
- 1-click
- GitHub App install
- 17
- CI/CD checks
- 6
- Pkg ecosystems
- MIT
- Open source
How it works
One click. No YAML. No secrets.
The GitHub App replaces the old workflow-file approach entirely. Install it once on your org and every repo is protected — including ones you create in the future.
Install the GitHub App
One click on GitHub. Select which repos to protect. No workflow files, no secrets to manage. Takes 30 seconds.
github.com/apps/vu1nz/installations/new
Every PR gets scanned automatically
When a pull request opens, vu1nz fetches the workflow files, runs 17 CI/CD checks + a malware sweep of new packages, and posts a Check Run inline on the PR — pass or fail.
CI/CD checks + package malware + optional Claude AI review
See everything in your dashboard
Full scan history. Every finding with file, line, CWE, and recommendation. Trigger scans on demand. Add your Claude API key for AI-powered review.
vu1nz.com/dashboard
You no longer need to:
- Scans fire on every PR automatically
- Check Runs appear inline on GitHub
- Dashboard at vu1nz.com/dashboard
- $100/month per GitHub org after trial
Get started
Protect your org in 30 seconds.
Install the GitHub App once on your org. Every PR is scanned automatically — CI/CD workflow checks + package malware sweep. No YAML files, no secrets.
- ✓ Free 14 days. No card.
- ✓ $100/month per GitHub org after.
- ✓ Card or crypto via CoinPay.
- ✓ MIT-licensed. Fork it, self-host it.