“GateTest ran on itself. We found 37 real errors — all fixed before shipping. The CI continue-on-error violation was caught by the ciSecurity module dog-fooding its own rule.”
Hall of Scans
Every result on this page came from running GateTest against a real public codebase. No fabricated numbers. No cherry-picked examples. This is what 120 modules actually find.
🔒 Scans run in memory — code is never stored. Findings published with platform owner consent.
“754 errors across a production scheduling platform. Two critical attack chains, both requiring less than 30 minutes to exploit. The supply-chain chain is the one that makes security engineers go quiet.”
Top Findings
Cross-Finding Attack Chains
“The clevgest chain of this batch: hardcoded secret + missing from .env.example. Neither finding alone is alarming. Together they mean you cannot rotate the secret even if you wanted to — the rotation attempt itself would break production.”
Top Findings
Cross-Finding Attack Chains
“The correlator returned 0 chains on this repo — findings were genuinely independent. We didn't pad. But the money-float finding in a legal-tech trust-account handler is, in isolation, a textbook fintech bug that regulators call fraud when it accumulates at scale.”
Top Findings
Cross-finding correlation: 0 chains identified. Findings were genuinely independent — the correlator does not pad results.
See what's in your repo
Free preview scan — no card required. Quick suite: syntax, lint, secrets, code quality. Runs in under 30 seconds on any public repo.