
Add VulnHawk - AI-powered SAST scanner#122

Open
momenbasel wants to merge 1 commit into devsecops:master from momenbasel:add-vulnhawk

Conversation

@momenbasel

Hey, adding VulnHawk to the SAST section. It's an AI-powered static analysis tool that fills the gap between pattern-matching SAST (Semgrep/CodeQL) and manual code review.

The key feature is context enrichment - for each code chunk analyzed, it includes related code from elsewhere in the codebase (auth patterns, validation logic from similar endpoints). This lets the AI spot the one endpoint that skips authorization when all similar ones enforce it.

  • GitHub Action + CLI (pip install vulnhawk)
  • Free for Claude Code / Codex CLI subscribers, also works with Ollama locally
  • Supports Python, JS/TS, Go, Java, PHP, Ruby
  • SARIF input/output - chains with Semgrep/CodeQL findings

https://github.com/momenbasel/vulnhawk
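As an added illustration of the sibling-consistency finding the description above is getting at (this is not VulnHawk's code and makes no claim about how it works internally): a small rule-based check that parses a Python module with `ast`, groups route handlers by a shared `route` decorator, and flags any handler missing a decorator that all of its siblings carry. The sample module, the `require_auth` decorator and the function names are constructed for the example.

```python
import ast

# Constructed sample module (not real project code): three admin routes
# enforce @require_auth, one sibling route silently skips it.
SAMPLE_SOURCE = '''
@app.route("/admin/users")
@require_auth
def list_users(): ...
@app.route("/admin/users/<id>", methods=["DELETE"])
@require_auth
def delete_user(id): ...
@app.route("/admin/audit")
@require_auth
def audit_log(): ...
@app.route("/admin/export")
def export_users(): ...
'''

def _decorator_names(func: ast.FunctionDef) -> set[str]:
    """Bare decorator names, e.g. {'route', 'require_auth'} for a handler."""
    names = set()
    for dec in func.decorator_list:
        node = dec.func if isinstance(dec, ast.Call) else dec  # strip call args
        if isinstance(node, ast.Attribute):
            names.add(node.attr)        # app.route(...) -> 'route'
        elif isinstance(node, ast.Name):
            names.add(node.id)          # require_auth -> 'require_auth'
    return names

def find_inconsistent_handlers(source: str, route_marker: str = "route",
                               min_siblings: int = 2) -> list[str]:
    """Flag route handlers missing a decorator that every sibling carries."""
    tree = ast.parse(source)
    handlers = [(f.name, _decorator_names(f)) for f in tree.body
                if isinstance(f, ast.FunctionDef)
                and route_marker in _decorator_names(f)]
    findings = []
    for name, decs in handlers:
        siblings = [d for n, d in handlers if n != name]
        if len(siblings) < min_siblings:
            continue                    # too little context to infer a norm
        # Decorators shared by every sibling form the expected baseline.
        baseline = set.intersection(*siblings) - {route_marker}
        missing = baseline - decs
        if missing:
            findings.append(f"{name}: missing {sorted(missing)}")
    return findings
```

The check deliberately stays silent when fewer than `min_siblings` comparable handlers exist, since a "norm" inferred from one neighbour is noise rather than context.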

Add VulnHawk to the Testing section. It's an AI-powered static
analysis tool that fills the gap between pattern-matching SAST
and manual code review via context-enriched analysis.
Copilot AI review requested due to automatic review settings April 10, 2026 02:05

Copilot AI left a comment


Pull request overview

Adds VulnHawk to the repository’s tool list to include an AI-assisted static analysis/SAST-style scanner within the “Testing” tools section.

Changes:

  • Add a new README entry for VulnHawk under ## Testing


* [ShiftLeft Scan](https://slscan.io)
* [Snyk](https://snyk.io)
* [SourceClear](https://www.sourceclear.com)
* [VulnHawk](https://github.com/momenbasel/vulnhawk) - AI-powered static analysis tool with context-enriched code review. Supports Python, JS/TS, Go, Java, PHP, Ruby. GitHub Action + CLI with SARIF input/output.
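Review bot: the new entry omits that the analysis runs through an LLM backend, which the PR description lists as Claude Code, Codex CLI or a local Ollama model; for a DevSecOps tool list that is a material property (source code is sent to a model unless the local option is used), so consider stating it in the description, e.g. `... SARIF input/output. Uses an LLM backend (Claude Code/Codex CLI, or Ollama for local-only analysis).`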

Copilot AI Apr 10, 2026


This is the only entry in the Testing list that adds a long, multi-sentence description after the link (via - ...). To keep the list consistent and scannable, consider limiting this to the same pattern as the surrounding items (link-only, or at most a very short phrase).

* [ShiftLeft Scan](https://slscan.io)
* [Snyk](https://snyk.io)
* [SourceClear](https://www.sourceclear.com)
* [VulnHawk](https://github.com/momenbasel/vulnhawk) - AI-powered static analysis tool with context-enriched code review. Supports Python, JS/TS, Go, Java, PHP, Ruby. GitHub Action + CLI with SARIF input/output.

Copilot AI Apr 10, 2026


PR description says this is added to the "SAST section", but the README doesn’t have a SAST section heading and this change lands under "## Testing". Please align the PR description with the actual placement (or move the entry if a different section was intended).
