$ vulnguard --scan
Connect your GitHub, GitLab, or Bitbucket repositories. VulnGuard tracks dependency vulnerabilities, SAST issues, and exposed secrets — auto-fixes what's fixable, queues the rest for review.
$ vulnguard --how
$ connect --provider github,gitlab,bitbucket
Link your repos in seconds, no CI config required.
$ scan --tools osv,semgrep,gitleaks
Every push gets checked for vulnerable dependencies, code flaws, and leaked secrets.
$ fix --auto-pr
Dependency issues get a pull request automatically, respecting your severity threshold.
$ review --queue
SAST and secrets findings land in a manual review queue with full context, never silently auto-merged.
$ vulnguard --preview
Open PRs bumping vulnerable packages automatically, respecting your severity policy.
Lifecycle from open → auto_fixed → pr_opened → needs_review → ignored, always visible.
Semgrep, Gitleaks, Trivy, OSV — one queue, one review workflow.
# most tools solve one piece. we cover the whole loop.
| feature | VulnGuard | GitHub Advanced Security | Snyk | Renovate |
|---|---|---|---|---|
| Multi-provider (GH+GL+BB) | ||||
| Auto-fix PRs | ||||
| SAST scanning | ||||
| Secret scanning | ||||
| Manual review queue | ||||
| Pricing model | flat | per-seat | per-seat | free/oss |
$ vulnguard --pricing
$ vulnguard --faq
Yes. OAuth scopes request read access to your private repos on GitHub, GitLab, or Bitbucket. Tokens are encrypted at rest and never exposed to the browser.