find. fix. ship. close.
Most tools stop at the comment.
Hyrax ships the fix.
Critical
Hardcoded secret in environment loader
src/lib/env.ts:42 · Security
Fix
High
N+1 query in user resolver loop
src/api/users/resolver.ts:118 · Performance
Fix
High
Missing rate limit on public endpoint
src/api/auth/login.ts:24 · Security
Fix
Medium
Inconsistent error shape in user-facing API
src/api/users/index.ts:67 · Correctness
Fix
Start free · hyrax.dev
Ad 1 — provocation + the real product
// susvibes · 200 vulnerability-fixing tasks
Tests passed.
The code was still unsafe.
AI agents, run against 200 real OSS vulnerabilities.
Code that worked
60%
Code that was secure
19%
Read the breakdown · hyrax.dev
Ad 2 — real data, SusVibes (sourced)