Find vulnerabilities before attackers do

Paste a GitHub repo URL, your agent config, or a live agent endpoint URL. Nixer runs a 4-tool security scan and returns prioritized findings with remediation steps.

Supports public and private repos. Add GITHUB_TOKEN to env for private repo scanning.
Paste your full agent config JSON or YAML — system prompts, tool definitions, MCP endpoint configs.
Live HTTP endpoint for your agent. Nixer probes for credential stuffing exposure, unauthenticated LLM routes, and missing rate limiting. Max 30 polite requests — safe to run against staging.