Show HN: Malicious code detector
github.comHey HN,
I built a GitHub app that detects malicious code in pull requests and notifies or blocks them. Alongside it, I published a Semgrep ruleset for any stage of the CI/CD.
I started this after getting frustrated by all the FUD around malicious code - lots of noise, little effort to solve it. While discussing new threats is important, hyping every piece of code no one ever uses isn’t helping.
That said, malicious commits are a major attack vector - a stored RCE, with the codebase itself as the sink. That’s why I built this.
Would love to hear your feedback. Cheers, Matan