We are sunsetting Hakiri on January 31, 2022. To learn more, please refer to this document.

Hakiri performs static code analysis on the GitHub repo branches of your Rails projects to detect vulnerabilities such as XSS or SQL injection.

Depending on your GitHub permissions settings, Hakiri will set up a webhook on GitHub, and when you push new code, Hakiri will run security tests. A notification email will be sent to you if any vulnerabilities are detected.

If you want to check your latest build from Hakiri Toolbelt, run the following command:

$ hakiri code:report -s stack_id

This will make a request to Hakiri and show you all potential vulnerabilities.

If you think that a vulnerability is a false positive, you can always mark it as such. This rule will be applied to all future builds.