Submit a GitHub repo URL. Within 24 hours you get a branded PDF listing every known CVE in your dependency tree, flagged against the CISA Known Exploited Vulnerabilities catalog, with severity, fixed version, and a five-step remediation plan. No subscription, no account, one payment.
Stripe secure checkout. Pay once. Report delivered by email within 24h.
Direct + transitive deps, Python or Node, parsed from your lockfile.
Matched against GitHub Security Advisories, refreshed hourly.
Which vulns are actively exploited in the wild right now.
Exact minimum safe version for each vulnerable package.
Critical → High → Medium, so you know what to fix first.
Concrete, copy-paste upgrade plan at the end of the report.
AI agents auto-install packages nobody reviews. Snyk and Dependabot scan code you push to git — agents don't push to git. Our related posts walk through the mismatch: the Trivy supply-chain compromise, the outdated packages inside fraud-detection AI, and the seat-vs-call pricing math.
This audit is a one-shot human-readable version of the same scan. You don't need to run anything. You don't need a wallet. You pay 9 CHF, and a PDF lands in your inbox within 24 hours.
Self-serve API also available. Agents with USDC wallets can call Aegis402 directly at $0.005 per dep via the x402 protocol. This audit is for humans who want a PDF and don't want to integrate anything.
Python (requirements.txt, poetry.lock, Pipfile.lock) + Node (package-lock.json, yarn.lock) supported.
9 CHF · one-time · 24h delivery · powered by Aegis402