VEXLIT Security Scanner

Version updated for https://github.com/vexlit/vexlit to version v0.1.0.

• This action is used across all versions by 0 repositories.

Action Type

This is a Composite action.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

VEXLIT is a GitHub Action and CLI tool for detecting security vulnerabilities in JavaScript, TypeScript, and Python codebases. It leverages a hybrid Regex and AST-based analysis to identify issues related to the OWASP Top 10 and CWE, while providing SARIF-compatible output for seamless integration with GitHub Code Scanning. VEXLIT automates vulnerability scanning in CI/CD pipelines, supports LLM-based secondary verification, and offers configurable scanning rules to minimize false positives and enhance security workflows.

Release notes

Initial release: 21 security rules, AST-based analysis, SARIF output, GitHub Action

• vexlit
• GitHub Actions