Skip to content

Playground

This runs the real SecureVibe engine โ€” the same scanners the CLI and MCP server use โ€” compiled to WebAssembly and executed entirely in your browser. Nothing you paste here leaves your machine: no upload, no backend, no telemetry. The malicious-package DB, typosquat DB, and secret-detection rules are baked into the .wasm module.

Loading the engine (~8 MB, one-time)โ€ฆ

๐Ÿ”Ž Scan dependencies

Paste a lockfile / manifest. Pick the filename so the right parser runs.

๐Ÿ” Scan for secrets

Paste code or config. Detection runs with entropy + hotword scoring.

Want this in your editor or CI instead of a browser tab? See Quick Start. The engine here is identical โ€” it just happens to run client-side.