🛡️ CodeGuardian: The Autonomous, Self-Healing Security Engineer
CodeGuardian is an autonomous DevSecOps agent that doesn’t just detect vulnerabilities — it fixes them, verifies the fix in isolation, and submits a pull request gated by AI code review.
✨ What CodeGuardian Does
Most security tools stop at alerts. CodeGuardian closes the loop.
Detect → Fix → Verify → Review
⚔️ Attacks the application using deterministic security tests
🧪 Runs everything in isolated Daytona sandboxes
🚨 Detects vulnerabilities and logs them via Sentry
🔊 Notifies developers (voice + UI)
🧠 Generates a secure fix using an LLM
✅ Re-runs the same attack to verify the fix
🔀 Creates a Pull Request automatically
🐰 Blocks merge until CodeRabbit approves
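The loop above can be sketched as a small control flow. This is a minimal illustration, not CodeGuardian's actual API: the function names and `LoopResult` type are assumptions, with the real attack, fix, and PR steps injected as callables.

```python
from dataclasses import dataclass
from typing import Callable

@dataclass
class LoopResult:
    detected: bool
    verified: bool
    pr_created: bool

def closed_loop(
    run_attack: Callable[[], bool],    # True = attack succeeded (app is vulnerable)
    generate_fix: Callable[[], str],   # LLM-proposed patch
    apply_fix: Callable[[str], None],  # applies the patch in a fresh sandbox
    open_pr: Callable[[str], None],    # opens a review-gated pull request
) -> LoopResult:
    """Detect -> Fix -> Verify -> Review, with verification as the gate."""
    if not run_attack():                # Detect: nothing to fix
        return LoopResult(False, False, False)
    patch = generate_fix()              # Fix: ask the LLM for a patch
    apply_fix(patch)
    verified = not run_attack()         # Verify: the same attack must now fail
    if verified:
        open_pr(patch)                  # Review: PR gated by CodeRabbit
    return LoopResult(True, verified, verified)
```

The key design point is the `not run_attack()` check: a PR is only opened after the identical attack has been re-run and failed.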
🧠 Why CodeGuardian?
Security alerts without remediation create friction.
CodeGuardian is built around one idea:
If an AI proposes a fix, it must also prove the fix works.
That proof happens in fresh, ephemeral sandboxes, never on developer machines or production systems.
🏗️ Architecture Overview

```
GitHub Push
    ↓
Daytona Sandbox
    ↓
Attack Script (SQLi / XSS)
    ↓
Sentry Event
    ↓
Orchestrator (FastAPI)
    ↓
Autonomous Agent (LLM)
    ↓
Daytona Verification
    ↓
Pull Request
    ↓
CodeRabbit Review (Gate)
```
🛠️ Tech Stack
Languages & Frameworks: Python, FastAPI, Uvicorn
Security & Observability: Sentry, deterministic attack scripts
Sandboxing & Automation: Daytona, Daytona SDK
AI & Agents: Large Language Models (Gemini / OpenAI / alternatives)
Code Review & Governance: GitHub, GitHub REST API, CodeRabbit
Developer Experience: ngrok, python-dotenv
🚀 How It Works (End-to-End)

Phase 1 — Attack & Detect
A vulnerable app is deployed inside a Daytona sandbox.
A security attack script runs (e.g., SQL injection).
If the attack succeeds, a Sentry event is generated.
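A deterministic attack script might look like the sketch below. The endpoint path, payload, and canary string are illustrative assumptions, not the project's actual `tests/attack.py`: the idea is that "success" is decided by a fixed, repeatable check, not by heuristics.

```python
import urllib.parse
import urllib.request

# Classic tautology payload: if the app interpolates it into SQL,
# the query matches every row and leaks the whole table.
PAYLOAD = "' OR '1'='1"

def is_vulnerable(body: str, canary: str = "admin@example.com") -> bool:
    """Deterministic check: the attack 'succeeds' only if the response
    leaks a row the payload should never legitimately match."""
    return canary in body

def run_attack(base_url: str) -> bool:
    """Send the payload to a hypothetical /users?name= endpoint."""
    url = f"{base_url}/users?name={urllib.parse.quote(PAYLOAD)}"
    with urllib.request.urlopen(url) as resp:
        return is_vulnerable(resp.read().decode())

# Usage (against the sandboxed demo app):
#   run_attack("http://localhost:8000")
```

Because the check is deterministic, the exact same call can be re-run after the patch to verify the fix.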
Phase 2 — Alert
The Orchestrator receives the incident.
A human-readable alert is generated.
Optional voice alert simulates on-call notification.
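A hedged sketch of how the Orchestrator might render an incident as a human-readable (and speakable) alert. The event field names here are illustrative, not Sentry's exact event schema.

```python
def format_alert(event: dict) -> str:
    """Turn an incident event into a short alert suitable for the UI
    or a text-to-speech on-call notification."""
    kind = event.get("vulnerability", "unknown vulnerability")
    target = event.get("endpoint", "an unknown endpoint")
    incident_id = event.get("id", "?")
    return (
        f"Incident {incident_id}: {kind} confirmed against {target}. "
        f"CodeGuardian is preparing a verified fix."
    )
```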
Phase 3 — Autonomous Healing
The agent generates a code patch using an LLM.
The patch is applied inside a fresh sandbox.
The same attack is re-run.
If the attack fails → the fix is verified.
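To make the before/after concrete, here is the kind of patch the agent might produce for a SQL injection, shown with `sqlite3` and an illustrative `users` table (the demo app's actual schema may differ): the fix replaces string interpolation with a parameterized query, so re-running the same payload returns nothing.

```python
import sqlite3

def find_users_vulnerable(conn: sqlite3.Connection, name: str):
    # BEFORE: string interpolation lets "' OR '1'='1" match every row
    return conn.execute(
        f"SELECT email FROM users WHERE name = '{name}'"
    ).fetchall()

def find_users_fixed(conn: sqlite3.Connection, name: str):
    # AFTER: a parameterized query treats the payload as plain data
    return conn.execute(
        "SELECT email FROM users WHERE name = ?", (name,)
    ).fetchall()
```

Verification is then exactly the re-run described above: the payload that leaked rows against the vulnerable query must return an empty result against the patched one.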
Phase 4 — Quality Gate
A Pull Request is created automatically.
CodeRabbit reviews the PR.
Merge is blocked until CodeRabbit approves.
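Opening the PR uses GitHub's standard REST endpoint (`POST /repos/{owner}/{repo}/pulls`). A minimal sketch with the standard library; the branch naming, PR title, and body text are assumptions, and merge gating itself is configured in GitHub branch protection plus CodeRabbit, not in this code.

```python
import json
import urllib.request

API = "https://api.github.com"

def build_pr_payload(branch: str, base: str = "main") -> dict:
    """Request body for GitHub's 'create a pull request' endpoint."""
    return {
        "title": "fix(security): patch verified by CodeGuardian",
        "head": branch,
        "base": base,
        "body": "Automated fix. The original attack was re-run in a fresh "
                "sandbox and failed. Merge is gated on CodeRabbit approval.",
    }

def open_pr(owner: str, repo: str, token: str, branch: str) -> int:
    """Open the PR and return its number. Owner/repo/branch are
    placeholders to be supplied by the caller."""
    req = urllib.request.Request(
        f"{API}/repos/{owner}/{repo}/pulls",
        data=json.dumps(build_pr_payload(branch)).encode(),
        headers={
            "Authorization": f"Bearer {token}",
            "Accept": "application/vnd.github+json",
        },
        method="POST",
    )
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)["number"]
```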
🔐 Safety by Design
❌ AI never merges code
❌ No secrets inside sandboxes
✅ Ephemeral environments for all execution
✅ Deterministic verification before PR creation
✅ Human-in-the-loop enforced via GitHub + CodeRabbit
🧪 Demo Workflow
```
# Start the incident + agent controller
python orchestrator.py

# Run the sandboxed attack/detection cycle
python scripts/run_daytona.py
```

Then drive the agent via the API:

```
GET  /incidents
POST /incidents/{id}/run-agent
```
📚 What We Learned
Autonomy without verification is dangerous
Isolation enables trust in AI systems
Smaller, deterministic demos beat fragile complexity
AI works best with enforced stopping points
🏆 What We’re Proud Of
A true closed-loop security system
Safe, reproducible remediation
Zero “fake automation”
Real PRs with real reviews
A system that respects developer control
🔮 What’s Next
Support for more vulnerability classes (XSS, auth bypass, SSRF)
Persistent agent memory across incidents
Policy-driven remediation strategies
One-click GitHub App deployment
🧩 Repository Structure

```
├── src/
│   └── main.py            # Vulnerable demo app
├── tests/
│   └── attack.py          # Deterministic attack script
├── orchestrator.py        # Incident + agent controller
├── agent.py               # LLM reasoning layer
├── remediator.py          # Sandbox execution + verification
├── scripts/
│   └── run_daytona.py     # Daytona runner
├── requirements.txt
└── README.md
```
Security shouldn’t just tell you what’s wrong. It should help you make it right.
That’s what CodeGuardian is built to do.