AI system that scans entire GitHub organizations for security vulnerabilities and auto-generates fix PRs — built with Next.js, GPT-4, and GitHub GraphQL.
The Problem
Engineering teams managing 50+ repositories have no automated way to detect security vulnerabilities across their entire codebase. Manual code review doesn't scale — SQL injection, hardcoded secrets, and authentication bypasses go undetected for months.
What I Built
A production-grade AI security platform that:
Crawls entire GitHub organizations via the GraphQL API — fetching 100+ repos in a single round trip
Runs GPT-4 over real source code to detect SQL injection, XSS, hardcoded secrets, insecure dependencies, CSRF, and path traversal vulnerabilities
Scores each finding by severity and confidence
Automatically generates fix PRs with secure code replacements and detailed commit messages
Streams real-time scan progress to a live dashboard via WebSockets
End-to-end tool shipped in under 2 weeks. Scans organizations of 100+ repos in minutes. Produces actionable, ready-to-merge PRs — no manual triage needed. Open source under MIT license.
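The crawl step above, as an added example written for this page rather than code from the project: a cursor-paginated walk of every repository in a GitHub organization through the GraphQL API. One caveat a practitioner will want: GitHub returns at most 100 nodes per connection page, so an organization with more than 100 repositories is several requests that follow `pageInfo.endCursor`, not one. The transport is injected so the paging and error handling run offline against a constructed fake; the real transport assumes Node 18+ global `fetch` and a token supplied from the environment. The `acme/repo-N` names and the cursor format of the fake are constructed.

```javascript
// Added example, not the project's code: cursor-paginated crawl of an
// organization's repositories via the GitHub GraphQL API.  GitHub caps a
// connection page at first: 100, so "100+ repos" means following endCursor.

const PAGE_SIZE = 100; // GitHub's maximum nodes per connection page

const ORG_REPOS_QUERY = `
  query OrgRepos($org: String!, $cursor: String) {
    organization(login: $org) {
      repositories(first: ${PAGE_SIZE}, after: $cursor, isArchived: false) {
        pageInfo { hasNextPage endCursor }
        nodes { nameWithOwner defaultBranchRef { name } }
      }
    }
    rateLimit { remaining resetAt }
  }`;

// Pull one page of repositories out of a GraphQL response body.  GraphQL answers
// HTTP 200 even when the query failed, so the `errors` array must be checked.
function parseRepoPage(response) {
  if (response.errors && response.errors.length > 0) {
    throw new Error(`GraphQL error: ${response.errors.map((e) => e.message).join('; ')}`);
  }
  const org = response.data && response.data.organization;
  if (!org) throw new Error('organization not found or token lacks access to it');
  const { nodes, pageInfo } = org.repositories;
  return {
    repos: nodes.map((r) => ({
      nameWithOwner: r.nameWithOwner,
      // Empty repositories have no default branch; record null instead of crashing.
      defaultBranch: r.defaultBranchRef ? r.defaultBranchRef.name : null,
    })),
    nextCursor: pageInfo.hasNextPage ? pageInfo.endCursor : null,
    rateLimitRemaining: response.data.rateLimit ? response.data.rateLimit.remaining : null,
  };
}

// Walk every page.  `execute(query, variables)` returns a Promise of the parsed
// JSON body; `maxPages` bounds the loop if a server keeps answering hasNextPage.
async function crawlOrganization(org, execute, maxPages = 50) {
  const repos = [];
  let cursor = null;
  for (let page = 0; page < maxPages; page++) {
    const parsed = parseRepoPage(await execute(ORG_REPOS_QUERY, { org, cursor }));
    repos.push(...parsed.repos);
    if (parsed.nextCursor === null) return repos;
    cursor = parsed.nextCursor;
  }
  throw new Error(`gave up after ${maxPages} pages`);
}

// Real transport (assumed: Node 18+ global fetch).  Read the token from the
// environment, e.g. process.env.GITHUB_TOKEN; a read-only token is sufficient.
function githubGraphql(token) {
  return async (query, variables) => {
    const res = await fetch('https://api.github.com/graphql', {
      method: 'POST',
      headers: { Authorization: `bearer ${token}`, 'Content-Type': 'application/json' },
      body: JSON.stringify({ query, variables }),
    });
    if (!res.ok) throw new Error(`HTTP ${res.status} from GitHub GraphQL`);
    return res.json();
  };
}

// Constructed offline transport: fabricates `total` repos named acme/repo-N and
// pages them the way GitHub does, so the crawler runs without a token.
function fakeGithub(total) {
  const calls = [];
  const execute = async (query, variables) => {
    calls.push(variables.cursor);
    const start = variables.cursor === null ? 0 : Number(variables.cursor);
    const end = Math.min(start + PAGE_SIZE, total);
    const nodes = [];
    for (let i = start; i < end; i++) {
      nodes.push({
        nameWithOwner: `acme/repo-${i}`,
        defaultBranchRef: i % 7 === 0 ? null : { name: 'main' }, // every 7th repo is empty
      });
    }
    return {
      data: {
        organization: {
          repositories: { pageInfo: { hasNextPage: end < total, endCursor: String(end) }, nodes },
        },
        rateLimit: { remaining: 5000 - calls.length, resetAt: '2026-05-09T00:00:00Z' },
      },
    };
  };
  return { execute, calls };
}

if (typeof require !== 'undefined' && require.main === module) {
  const { execute, calls } = fakeGithub(230);
  crawlOrganization('acme', execute).then((repos) => {
    console.log(`${repos.length} repos in ${calls.length} requests`); // 230 repos in 3 requests
  });
}
```

Swapping `fakeGithub(230).execute` for `githubGraphql(process.env.GITHUB_TOKEN)` turns the same loop into a live crawl; the `rateLimit` field in every response is what a scanner should watch to back off before the API starts rejecting requests.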
Posted May 9, 2026
Developed AI-powered tool for scanning GitHub repositories for vulnerabilities.