Package Exports
- codesentinel-ai
- codesentinel-ai/server.js
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (codesentinel-ai) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
CodeSentinel AI
Autonomous Security Agent for DevSecOps
Every day, 30,000+ developers push vulnerable code to production without knowing it. CodeSentinel watches your GitLab 24/7, like a senior security engineer who never sleeps. The moment you push code, it analyzes, scores risk, and comments on your MR, all within 30 seconds. What used to take 3 hours of manual review now takes 30 seconds. Zero human intervention.
The Problem
- Developers push code with security vulnerabilities daily
- Manual security reviews are slow (hours/days) and inconsistent
- Vulnerabilities reach production before anyone notices
- Security teams are overwhelmed and can't review every commit
The Solution
CodeSentinel AI is an autonomous security agent that:
- Watches your GitLab repos via webhooks
- Analyzes every code push using Claude AI
- Reports vulnerabilities directly on Merge Requests
- Scores deployment risk (1-10) with GO/NO-GO recommendations
- Alerts your team on Slack for critical issues
- Dashboards everything in a real-time web interface
The Impact
- 30 seconds vs 3 hours for security review
- Zero manual intervention after one-time setup
- OWASP Top 10 + GDPR compliance checking built-in
- Prevents vulnerable code from reaching production
Architecture
```text
+--------------+   Webhook (push/MR)      +--------------------+
| GitLab Repo  | -----------------------> | CodeSentinel       |
+--------------+                          | Express Server     |
                                          | (port 3000)        |
                                          +---------+----------+
                                                    |
            +---------------------------------------+---------------------------------------+
            v                                       v                                       v
  +--------------------+                  +--------------------+                  +--------------------+
  | Security Scanner   |                  | Compliance Checker |                  | Risk Scorer        |
  | (Claude API)       |                  | (Claude API)       |                  | (Claude API)       |
  +---------+----------+                  +---------+----------+                  +---------+----------+
            |                                       |                                       |
            +---------------------------------------+---------------------------------------+
                                                    v
                                         +----------+---------+
                                         | Report Generator   |
                                         +----------+---------+
                                                    |
            +---------------------------------------+---------------------------------------+
            v                                       v                                       v
  +--------------------+                  +--------------------+                  +--------------------+
  | GitLab MR Comment  |                  | Slack Alert        |                  | Web Dashboard      |
  |                    |                  | (Critical)         |                  | (Real-time)        |
  +--------------------+                  +--------------------+                  +--------------------+
```

Setup (5 Steps)
Step 1: Clone & Install

```bash
git clone <repo-url>
cd codesentinel
npm install
```

Step 2: Configure Environment

```bash
cp .env.example .env
```

Edit .env with your keys:

```ini
ANTHROPIC_API_KEY=sk-ant-xxxxxxxxxxxxx   # From console.anthropic.com
GITLAB_TOKEN=glpat-xxxxxxxxxxxxx         # GitLab → Settings → Access Tokens
GITLAB_URL=https://gitlab.com            # Your GitLab instance
WEBHOOK_SECRET=your-secret-here          # Long random string; GitLab sends it back in the X-Gitlab-Token header
SLACK_WEBHOOK_URL=https://hooks.slack.com/services/xxx/xxx/xxx   # Optional
PORT=3000
```

`.env` holds your Anthropic key and a GitLab token that can post to your projects: keep it out of version control, give the GitLab token only the scope it needs to read the repository and post merge-request notes, and generate `WEBHOOK_SECRET` randomly rather than choosing a memorable phrase.

Step 3: Start the Server

```bash
npm start
# or for development:
npm run dev
```

Step 4: Configure GitLab Webhook
- Go to your GitLab project → Settings → Webhooks
- URL: `https://your-server:3000/webhook` (serve the endpoint over HTTPS and leave "Enable SSL verification" on; over plain HTTP the secret token and the payload travel in the clear)
- Secret Token: the same value as `WEBHOOK_SECRET` in `.env`
- Trigger: Push events, Merge request events
- Click Add webhook
Step 5: Push Code & Watch
Push code to your GitLab repo β CodeSentinel will automatically:
- Scan changed files for vulnerabilities
- Post a security report on your MR
- Alert Slack if critical issues are found
- Update the real-time dashboard
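The scan-then-report step above is where the model's answer has to be turned into a score and an MR note. The following is an added example written for this page, not CodeSentinel's own report generator. It assumes the model was asked to answer with a `{"findings": [...]}` JSON object; that layout, the severity weights, the NO-GO threshold and the sample answer are all constructed for illustration. The point it shows is that the answer is untrusted input: findings that name files outside the change set are dropped, severity labels are normalised, and the 1-10 score and GO/NO-GO decision are computed in code instead of being taken from the model.

```javascript
// Added example (not CodeSentinel's own code): turn the model's raw answer into
// a scored MR report. The answer is treated as untrusted input: it is parsed
// defensively, findings naming files outside the change set are dropped, and
// the 1-10 score and GO/NO-GO decision are computed here, not taken from the
// model. JSON layout, weights and threshold are assumptions for illustration.
const SEVERITY_WEIGHT = { critical: 4, high: 2, medium: 1, low: 0.5 };
const NO_GO_SCORE = 7; // assumed threshold; any critical finding is NO-GO regardless
const FENCE = "`".repeat(3);

function knownSeverity(s) {
  // hasOwnProperty rather than `in`: "constructor" or "toString" must not pass
  return typeof s === "string" &&
    Object.prototype.hasOwnProperty.call(SEVERITY_WEIGHT, s.toLowerCase());
}

// Pull the first JSON object out of an answer that may be wrapped in prose or a
// ```json fence, then keep only findings that are well-formed and point at a
// file that was actually changed (models readily invent paths).
function parseFindings(modelText, changedFiles) {
  const text = String(modelText);
  const fenced = text.match(/```(?:json)?\s*([\s\S]*?)```/);
  const raw = fenced ? fenced[1] : text;
  const start = raw.indexOf("{");
  const end = raw.lastIndexOf("}");
  if (start === -1 || end <= start) return [];
  let parsed;
  try { parsed = JSON.parse(raw.slice(start, end + 1)); } catch { return []; }
  const list = Array.isArray(parsed.findings) ? parsed.findings : [];
  const allowed = new Set(changedFiles);
  return list
    .filter((f) => f && typeof f.file === "string" && allowed.has(f.file) &&
      knownSeverity(f.severity) && typeof f.title === "string" &&
      Number.isInteger(f.line) && f.line > 0)
    .map((f) => ({ file: f.file, line: f.line, severity: f.severity.toLowerCase(), title: f.title }));
}

// Weighted sum clamped to 1..10. Deterministic: the same findings always give
// the same score and decision, which a model-produced number would not.
function scoreRisk(findings) {
  const total = findings.reduce((s, f) => s + SEVERITY_WEIGHT[f.severity], 0);
  const score = Math.min(10, Math.max(1, Math.ceil(total)));
  const hasCritical = findings.some((f) => f.severity === "critical");
  return {
    score,
    decision: hasCritical || score >= NO_GO_SCORE ? "NO-GO" : "GO",
    alertSlack: hasCritical, // Slack only fires for critical issues
  };
}

// Markdown for the MR note. Model-supplied text is truncated and stripped of
// newlines and pipes so a finding cannot break out of its table cell.
function renderMrComment(findings, risk) {
  const cell = (s) => String(s).replace(/[\r\n|]/g, " ").slice(0, 200);
  const lines = [
    `## CodeSentinel report: **${risk.decision}** (risk ${risk.score}/10)`,
    "",
    "| Severity | File | Line | Finding |",
    "|---|---|---|---|",
    ...findings.map((f) => `| ${f.severity} | ${cell(f.file)} | ${f.line} | ${cell(f.title)} |`),
  ];
  if (findings.length === 0) lines.push("| - | - | - | No findings in changed files |");
  return lines.join("\n");
}

// Constructed sample answer: one valid critical, one hallucinated file, one
// unknown severity label, one valid medium.
const CHANGED_FILES = ["src/auth/login.js", "src/db/users.js"];
const SAMPLE_MODEL_TEXT = `Here is my analysis:
${FENCE}json
{"findings":[
 {"file":"src/db/users.js","line":18,"severity":"Critical","title":"SQL built by string concatenation"},
 {"file":"src/payments/charge.js","line":3,"severity":"high","title":"File not in this change set"},
 {"file":"src/auth/login.js","line":40,"severity":"urgent","title":"Unknown severity label"},
 {"file":"src/auth/login.js","line":52,"severity":"medium","title":"Password compared with =="}
]}
${FENCE}`;

function runSample() {
  const findings = parseFindings(SAMPLE_MODEL_TEXT, CHANGED_FILES);
  const risk = scoreRisk(findings);
  return { findings, risk, comment: renderMrComment(findings, risk) };
}
```

On the constructed sample, two of the four findings survive validation, the critical one forces NO-GO and a Slack alert, and the weighted score comes out at 5/10. Keeping the scoring outside the model also makes the GO/NO-GO threshold something a team can tune and audit.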
API Endpoints
| Endpoint | Method | Description |
|---|---|---|
| `/webhook` | POST | GitLab webhook receiver |
| `/health` | GET | Server health check |
| `/dashboard` | GET | Real-time web dashboard |
| `/api/results` | GET | JSON scan results + stats |

Nothing in this setup adds authentication to `/dashboard` or `/api/results`, and both return vulnerability details for your code, so bind the server to a private interface or put it behind a reverse proxy that authenticates users before exposing it beyond your team's network.
Manual Scan
Scan local files without GitLab:
```bash
npm run scan -- ./path/to/code
```

Environment Variables

| Variable | Required | Description |
|---|---|---|
| `ANTHROPIC_API_KEY` | Yes | Claude API key |
| `GITLAB_TOKEN` | Yes | GitLab personal access token |
| `GITLAB_URL` | Yes | GitLab instance URL |
| `WEBHOOK_SECRET` | Yes | Webhook validation secret |
| `SLACK_WEBHOOK_URL` | No | Slack incoming webhook URL |
| `PORT` | No | Server port (default: 3000) |
Tech Stack
- Runtime: Node.js + Express
- AI Engine: Claude API (Anthropic)
- Integration: GitLab API v4
- Notifications: Slack Webhooks
- Dashboard: Vanilla HTML/CSS/JS (zero dependencies)
License
MIT