Ironward

Security scanning for the vibe coding era.

An open-source MCP server, CLI, and GitHub Action that finds hardcoded secrets, auth bugs, SQL injection, XSS, IDOR, and vulnerable dependencies in your code — and opens a fix PR. Four of its tools work fully offline, no API key required.

Install

# Scan the current project — no install, no API key.
npx ironward scan .

That's it. Runs offline, streams findings, exits non-zero on criticals so CI fails.

Or install globally:

npm install -g ironward
ironward scan ./src

The 13 tools

Bring your own model. AI tools work with Anthropic, OpenAI, Gemini, Groq, or a fully-local Ollama install.

Demo

$ npx ironward scan ./src
Ironward — offline scan of ./src

── scan-secrets ──
src/config.js
  [CRITICAL] L14:1  AWS access key ID  (aws_access_key)
      AKIA***REDACTED***

── scan-code ──
src/api/upload.js
  [HIGH] L42:5  eval() call  (eval-call)
      why: eval executes arbitrary code — a direct RCE sink when fed user input.
      fix: Remove eval. Parse data explicitly (JSON.parse, Function constructors).

── scan-deps ──
2 vulnerabilities across 14 dependencies — 1 critical, 1 high, 0 medium.

[CRITICAL] lodash@4.17.15  GHSA-p6mc-m468-83gw  — fixed in 4.17.19
  Prototype pollution in lodash

Done in 412ms.  Exit 2.

Exit codes: 0 clean · 1 low/medium findings · 2 critical or high findings (fails CI).

ironward login — use AI-powered scanners

Offline tools are always on. To enable scan_auth_logic, scan_sqli, scan_xss, scan_idor, and fix_and_pr, pick a provider:

ironward login

Interactive picker:

Ironward — pick an AI provider.

  1. Anthropic   — Claude Opus/Sonnet — best reasoning
  2. OpenAI      — GPT-4o — great alternative
  3. Google      — Gemini 1.5 Pro — good for XSS/SQLi
  4. Groq        — Llama 3 — fastest, cheapest
  5. Ollama      — Local — free, private, no cloud
  6. Skip        — offline tools only

Choose a provider [1-6]:

Key is stored in ~/.ironward/config.json (chmod 600) and never leaves your machine.

ironward whoami     # show current provider + model
ironward logout     # remove saved config
ironward free       # list tools that work without any API key

Use in Cursor / Claude Code / VS Code

// ~/.cursor/mcp.json
{
  "mcpServers": {
    "ironward": {
      "command": "npx",
      "args": ["-y", "ironward@latest"],
      "env": { "ANTHROPIC_API_KEY": "sk-ant-..." }
    }
  }
}

claude mcp add ironward -- npx -y ironward@latest

// .vscode/mcp.json
{
  "servers": {
    "ironward": {
      "command": "npx",
      "args": ["-y", "ironward@latest"]
    }
  }
}

ANTHROPIC_API_KEY (or any other provider key) is only required for the AI tools. Offline tools work without it.

GitHub Action

Scan on every push and pull request. Inline PR annotations, job summary with full findings table, zero config.

# .github/workflows/security.yml
name: Security
on: [push, pull_request]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: rayentr/ironward/github-action@v1
        with:
          fail-on: critical

Full configuration and outputs in github-action/README.md.

CLI reference

Scanning
  ironward scan <path>              run every offline scanner (auto-detects IaC files)
  ironward scan-secrets <path>...   665 pattern families
  ironward scan-code <path>...      61 static analysis rules
  ironward scan-deps <path>...      OSV CVE + typosquat / malware / license
  ironward scan-url <https-url>     security headers, TLS, exposed files
  ironward scan-docker <path>...    Dockerfile + docker-compose
  ironward scan-k8s <path>...       Kubernetes manifests
  ironward scan-infra <path>...     Terraform + CloudFormation
  ironward scan-github <path>...    GitHub Actions workflows

Provider
  ironward login                    pick AI provider (interactive)
  ironward logout / whoami / free

Misc
  ironward --version
  ironward --help

Output format
  --format json                     machine-readable output for CI
  --format text                     (default)

VS Code extension

Ironward ships a native VS Code extension — inline squiggles, scan on save, status bar count, and a one-click "suppress this finding" quick-fix. Bundled standalone — no CLI install needed.

# Marketplace
code --install-extension ironward.ironward

# Or from a local .vsix build
cd vscode-extension && npm install && npm run package
code --install-extension ironward-vscode.vsix

Settings: ironward.scanOnSave, ironward.minConfidence, ironward.enabledScanners. See the extension README for details.

SARIF + JUnit + webhooks

Ironward fits into the tools your team already uses.

# GitHub Security tab
ironward scan-secrets --format sarif . > results.sarif
# Then in GitHub Actions:
#   - uses: github/codeql-action/upload-sarif@v3
#     with: { sarif_file: results.sarif }

# Jenkins / CircleCI / GitLab / Azure DevOps test panels
ironward scan-code --format junit . > results.xml

# Slack (or any POST endpoint)
ironward scan-secrets . --webhook "$SLACK_WEBHOOK_URL"

The webhook payload auto-detects Slack (hooks.slack.com) and emits Block Kit with rich formatting; any other URL receives raw JSON.

Watch mode + git pre-commit hook

ironward watch — file watcher that re-scans on every save. Ctrl-C to stop.

ironward watch ./src
# 🛡  Ironward watching src — Ctrl-C to stop
# 14:32:07  src/api/auth.ts
#   [CRITICAL] L42  jwt-alg-none  conf=95

ironward install-hooks — installs a git pre-commit hook that blocks commits with critical/high findings. Respects core.hooksPath (husky, lefthook, …) and preserves existing hook content.

cd myproject
ironward install-hooks
# git commit now blocks on findings
# bypass once: git commit --no-verify
# remove entirely: ironward uninstall-hooks

Incremental scanning + .ironwardignore

Ironward caches per-file scan results at ~/.ironward/cache.json keyed by content hash. On re-scan, unchanged files are served from cache — typically 5–10× faster on warm runs.

Pre-commit hooks become instant:

# Only scan files about to be committed.
ironward scan-secrets --staged

# Or files changed relative to a branch.
ironward scan-secrets --since=main

# Bust the cache if you need a fresh run.
ironward scan-secrets --no-cache .

Exclude files via .ironwardignore (gitignore syntax):

# .ironwardignore
fixtures/synthetic-secrets/
generated/
*.test.ts

Ironward also honors your existing .gitignore.

What makes it different

• Offline-first. Four of nine tools run with zero network (except OSV.dev for CVE lookups). Bring an API key only when you want AI reasoning for auth/SQLi/XSS/IDOR.
• It fixes the bug, not just finds it. fix_and_pr generates multi-file patches and re-scans the fix before opening a PR.
• Bring your own model. Anthropic, OpenAI, Gemini, Groq, Ollama. Your key stays local. No Ironward cloud.
• Three-line install. No signup, no SSO handshake, no per-seat pricing.
• Self-scanned. Ironward scans its own source on every commit — zero findings.

Contributing

PRs welcome. The codebase is small and well-tested:

git clone https://github.com/rayentr/ironward
cd ironward
npm install
npm test          # 166 tests, all offline, no API calls
npm run build
node dist/bin.js scan ./src

Good first issues:

• Add a new secret-pattern family — edit patterns/secrets.json and add a fixture to tests/fixtures/categories/.
• Add a static-analysis rule — edit src/engines/code-rules.ts.
• Teach scan_url a new probe — src/engines/url-scanner.ts.

Every new pattern/rule must ship with a test. The scanner must stay self-clean (node dist/bin.js scan ./src returns 0 findings).

License

MIT — free to use, fork, ship.

_{Built by @rayentr.
Star the repo if Ironward saved you from shipping a secret. ⭐}