A GitHub app that detects malicious code in pull requests and prevents it from getting merged. Alongside it, also released a Semgrep ruleset for detection at any stage of the CI/CD.