Playground¶
This runs the real SecureVibe engine โ the same scanners the CLI and MCP
server use โ compiled to WebAssembly and executed entirely in your browser.
Nothing you paste here leaves your machine: no upload, no backend, no telemetry. The
malicious-package DB, typosquat DB, and secret-detection rules are baked into the
.wasm module.
Loading the engine (~8 MB, one-time)โฆ
๐ Scan dependencies¶
Paste a lockfile / manifest. Pick the filename so the right parser runs.
๐ Scan for secrets¶
Paste code or config. Detection runs with entropy + hotword scoring.
Want this in your editor or CI instead of a browser tab? See Quick Start. The engine here is identical โ it just happens to run client-side.