Sekrd

The tool performs automated security audits for applications built with AI, examining both the client‑side code and the backend configuration. It crawls the site, fetches HTML and JavaScript, checks HTTP headers, and queries vulnerability databases for dependency CVEs. For connected backends such as Supabase or Firebase, it inspects row‑level security policies, Firestore rules, authentication settings, and storage bucket permissions.

It runs fifteen distinct checks in parallel, covering secret leakage, exposed database ports, CORS misconfigurations, missing rate limits, IDOR, CSRF, XSS, open redirects, and infrastructure issues like TLS version and DNS records. Results are presented with a single score and a “Ship/Block” verdict, plus a ready‑to‑paste fix prompt for each finding that can be used with any AI coding assistant.

The service supports scans from a URL, API endpoint, or Telegram bot, and can schedule automated re‑scans with email and Telegram alerts. All data remains with the user, and the platform offers a free tier for basic scans and history.