Hadrix

Hey everyone! 👋🏻 I'm one of the creators of Hadrix and we're super excited to share what we've been working on. Hadrix is an open-source, AI-powered security scanner that audits your codebase for vulnerabilities. I originally built this as a tool for my own projects while I was working on a mental health app. I realized that my (AI-generated) code contained several security vulnerabilities that Claude Code & Codex didn’t catch when I asked them to run a security scan for me. Mostly around (lack of) auth and direct DB interaction in my frontend code. I started to find some more success when I would prompt Codex to scan for specific security issues in specific places. For example - "Are any of my API endpoints vulnerable to the following attacks: ...", "Do I have any exposed credentials in my code?", etc. This worked decently but it seemed like a more standardized way of doing this would be better. So I built a better solution. Hadrix is a CLI tool that scans for a variety of vulnerabilities and gives you detailed guidance on remediation. We scan for issues like leaked secrets, broken access control (e.g. IDOR), injection, vulnerable dependencies, logic bugs, security misconfiguration, and more. Security in AI-generated code is a massive problem and is going to get worse as more people get into vibe coding without knowledge of security fundamentals. Hadrix aims to be the guardrails that AI-powered development desperately needs. It's open source and free to use — just bring your own OpenAI/Anthropic API key. Check out https://hadrix.ai/ for a guide on installing and using the scanner.