Mondoo

SAST · Secrets · SBOM

Real findings, not noise.
Built for AI agents.

A free, Semgrep-compatible security scanner. Tree-sitter AST analysis with cross-file taint tracking, 270+ secret detectors, and CycloneDX/SPDX SBOMs — a single binary that drops straight into your CI pipeline, or that your coding agent drives over MCP.

Bash
$ npx @mondoohq/xgrep scan ./src
287 files · 1,000+ rules · secrets on
CRITICAL sql-injection src/db/query.py:42 request.args → cursor.execute
HIGH aws-access-key src/config.py:11
WARNING weak-crypto src/auth/hash.py:28
3 findings · run `xgrep sbom .` for a CycloneDX SBOM

SAST that reports what's actually exploitable.

xgrep parses your code with tree-sitter and traces untrusted input from source to sink across files and functions. When it flags a vulnerability, it's real — not a style nit.

AST, not regex
Tree-sitter parsers understand structure and typed metavariables — far fewer false positives than text matching.
Cross-file taint analysis
Follows tainted data through calls and modules to confirm a real source-to-sink path before reporting.
vuln vs. audit tiers
Exploitable issues are separated from hardening advice, so severity reflects real risk — not noise.

Vulnerability coverage

Injection (SQL, command, code, LDAP, template)
Cross-site scripting (XSS)
Server-side request forgery (SSRF)
Insecure deserialization
Path traversal
Authentication & session flaws
Weak crypto & TLS
ReDoS & denial of service
Sensitive-data exposure

Every rule is mapped to CWE and the OWASP Top 10, and every finding ships with code context and remediation guidance. Infrastructure as code is covered too — Terraform/HCL, Dockerfiles, and GitHub Actions workflows.

Bring your own rules — Semgrep-compatible YAML works unchanged
YAML
rules:
  - id: sql-injection
    patterns:
      - pattern: cursor.execute($QUERY)
      - pattern-not: cursor.execute("...")
    message: Possible SQL injection via string formatting
    severity: CRITICAL
    languages: [python]
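The cross-file taint tracking described above, together with the rule's `pattern-not` exclusion of literal queries, demonstrated on a constructed two-module application. This is an added example written for this page, not xgrep's engine or any of its rules: it assumes `request.args` and `request.form` as taint sources and `cursor.execute` as the sink, resolves callees by bare function name, follows positional arguments only, and does not track return values. The module text is constructed for illustration.

```python
import ast

# Constructed two-module application (not from the page): the handler and the database
# helper live in different files, so the source-to-sink path crosses a file boundary.
MODULES = {
    "handlers": '''
from flask import request
from db.query import run_lookup, run_lookup_safe

def search():
    term = request.args.get("q")          # taint source
    return run_lookup(term)               # call into the other module

def search_safe():
    term = request.args.get("q")
    return run_lookup_safe(term)
''',
    "db.query": '''
def run_lookup(term):
    sql = "SELECT * FROM items WHERE name = '" + term + "'"
    cursor.execute(sql)                   # sink reached with a non-literal query

def run_lookup_safe(term):
    cursor.execute("SELECT * FROM items WHERE name = ?", (term,))  # bound parameter
''',
}

SOURCES = ("request.args", "request.form")  # assumed source prefixes for this example
SINKS = ("cursor.execute",)                 # assumed sink
MAX_DEPTH = 8                               # bound on the call chain followed

def dotted(node):
    """Render Name/Attribute chains such as request.args.get as a dotted string."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = dotted(node.value)
        return f"{base}.{node.attr}" if base else None
    return None

def is_tainted(expr, tainted):
    """True if the expression reads a tainted variable or a source directly."""
    for node in ast.walk(expr):
        if isinstance(node, ast.Name) and node.id in tainted:
            return True
        name = dotted(node)
        if name and any(name == s or name.startswith(s + ".") for s in SOURCES):
            return True
    return False

def iter_stmts(body):
    """Statements in source order, descending into if/for/while/try bodies."""
    for stmt in body:
        yield stmt
        for field in ("body", "orelse", "finalbody"):
            yield from iter_stmts(getattr(stmt, field, []))

def calls_in(node):
    """Call expressions belonging to this statement, not those of nested statements."""
    for child in ast.iter_child_nodes(node):
        if isinstance(child, ast.stmt):
            continue
        if isinstance(child, ast.Call):
            yield child
        yield from calls_in(child)

class TaintAnalyzer:
    def __init__(self, modules):
        self.funcs = {}     # bare function name -> (module name, FunctionDef)
        self.findings = []  # each finding is the call chain from entry point to sink
        for modname, src in modules.items():
            for node in ast.parse(src).body:
                if isinstance(node, ast.FunctionDef):
                    self.funcs[node.name] = (modname, node)

    def analyze(self):
        """Treat every function as an entry point; taint appears when a source is read."""
        for modname, fn in self.funcs.values():
            self._visit(fn, set(), [f"{modname}.{fn.name}"])
        return self.findings

    def _visit(self, fn, tainted, chain):
        tainted = set(tainted)
        for stmt in iter_stmts(fn.body):
            if isinstance(stmt, ast.Assign) and is_tainted(stmt.value, tainted):
                tainted.update(t.id for t in stmt.targets if isinstance(t, ast.Name))
            for call in calls_in(stmt):
                callee = dotted(call.func)
                args_tainted = any(is_tainted(a, tainted) for a in call.args)
                if callee in SINKS:
                    # Mirrors pattern-not cursor.execute("..."): a literal query is no finding.
                    literal = bool(call.args) and isinstance(call.args[0], ast.Constant)
                    if args_tainted and not literal:
                        self.findings.append(chain + [callee])
                elif callee in self.funcs and args_tainted and len(chain) < MAX_DEPTH:
                    modname, target = self.funcs[callee]
                    params = [a.arg for a in target.args.args]
                    passed = {p for p, a in zip(params, call.args) if is_tainted(a, tainted)}
                    self._visit(target, passed, chain + [f"{modname}.{target.name}"])

def find_source_to_sink_paths(modules=MODULES):
    """Return every confirmed source-to-sink call chain as a list of dotted names."""
    return TaintAnalyzer(modules).analyze()

if __name__ == "__main__":
    print(*(" -> ".join(c) for c in find_source_to_sink_paths()), sep="\n")
```

Run stand-alone it prints one chain, `handlers.search -> db.query.run_lookup -> cursor.execute`. The `search_safe` path reaches the same sink but is not reported, because its first argument is a string literal and the parameter travels as a bound value, which is exactly the case the rule's `pattern-not` excludes.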

33 languages supported

Bash, C, C++, C#, Clojure, Dart, Dockerfile, Elixir, Erlang, Go, HCL, HTML, Java, JavaScript, JSON, Julia, Kotlin, Lisp, Lua, OCaml, PHP, Python, R, Ruby, Rust, Scala, Scheme, Solidity, Swift, TSX, TypeScript, XML, YAML

Catch secrets before they ship — and the ones already leaked.

Secret scanning runs on every scan. 270+ provider-specific detectors match real key formats — prefixes, lengths, checksums — instead of guessing on entropy, so you get signal, not noise.

270+ detectors, 150+ providers
AWS, GitHub, Stripe, OpenAI, Anthropic, Slack, Cloudflare, and hundreds more.
Scans full git history
Find secrets that were committed and later removed, with the commit and author that introduced them.
Validates live credentials
Optionally calls the provider to mark each secret confirmed_live, revoked, or invalid.
Secrets hide in git history and encoded blobs — xgrep scans both
Bash
# Find secrets across full git history, with commit provenance
xgrep scan --history --category secrets .
# Decode base64/hex/gzip payloads to catch hidden keys
xgrep scan --decode --category secrets .
# Confirm which leaked keys are still live
xgrep scan --validate --category secrets .

Well-known placeholder values (like AWS’s documentation keys) are filtered out, so examples never page you. Secrets are reported even in test paths, where real credentials most often slip through.

AWS, Azure, Google Cloud, GitHub, GitLab, Stripe, OpenAI, Anthropic, Slack, Discord, Twilio, SendGrid, Datadog, Cloudflare, Vault, MongoDB, Snyk, Vercel, JWT, private keys, and 150+ more
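Format-based detection, placeholder filtering, and scanning of test paths, as an added example written for this page rather than xgrep's detectors. The two patterns, the placeholder list and the sample files are constructed for illustration (the key-shaped values are not real credentials, and the checksum GitHub embeds in its tokens is not verified here); the one placeholder value is the access key ID used throughout AWS's documentation. An entropy-only scorer is included beside the format detectors so the difference in noise is visible on the same input.

```python
import math
import re
from dataclasses import dataclass

# Illustrative format-based detectors; xgrep's own 270+ detectors are not reproduced here.
DETECTORS = {
    # AWS access key ID: fixed AKIA prefix followed by exactly 16 upper-case alphanumerics.
    "aws-access-key-id": re.compile(r"\b(AKIA[0-9A-Z]{16})\b"),
    # GitHub personal access token: ghp_ prefix followed by 36 alphanumerics
    # (the trailing checksum GitHub embeds is not checked in this example).
    "github-pat": re.compile(r"\b(ghp_[A-Za-z0-9]{36})\b"),
}

# Well-known placeholder from public provider documentation: never reported.
PLACEHOLDERS = {"AKIAIOSFODNN7EXAMPLE"}

# Constructed sample repository (path -> lines). None of these values are real credentials.
SAMPLE_FILES = {
    "src/config.py": [
        'AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"   # copied from the AWS docs',
        'AWS_ACCESS_KEY_ID = "AKIAQ2JX7TESTKEY0001"   # constructed key-shaped value',
    ],
    "tests/fixtures.py": [
        'GITHUB_TOKEN = "ghp_A1b2C3d4E5f6G7h8I9j0K1l2M3n4O5p6Q7r8"  # constructed',
    ],
    "src/git.py": [
        'PINNED_COMMIT = "3f2a9c8e1b7d4f6a0e5c2b9d8a7f6e5c4d3b2a10"',
    ],
}

@dataclass(frozen=True)
class Finding:
    detector: str
    path: str
    line: int
    value: str

def shannon_entropy(s):
    """Bits per character; the usual basis of entropy-only secret scanners."""
    counts = {c: s.count(c) for c in set(s)}
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def scan_files(files=SAMPLE_FILES):
    """Format-based scan: every path is scanned, test fixtures included; placeholders are dropped."""
    findings = []
    for path, lines in files.items():
        for lineno, line in enumerate(lines, start=1):
            for detector, pattern in DETECTORS.items():
                for match in pattern.finditer(line):
                    value = match.group(1)
                    if value in PLACEHOLDERS:
                        continue
                    findings.append(Finding(detector, path, lineno, value))
    return findings

def entropy_candidates(files=SAMPLE_FILES, threshold=3.5):
    """What an entropy-only scanner raises: every long high-entropy token, secret or not."""
    token = re.compile(r"[A-Za-z0-9_+/=-]{20,}")
    out = []
    for path, lines in files.items():
        for line in lines:
            out.extend((path, t) for t in token.findall(line) if shannon_entropy(t) >= threshold)
    return out

if __name__ == "__main__":
    for f in scan_files():
        print(f"{f.detector:18} {f.path}:{f.line}")
    print("entropy-only would also raise:", [t for _, t in entropy_candidates()])
```

The format scan reports two values: the constructed AWS-shaped key in `src/config.py` and the token in `tests/fixtures.py`, which is reported despite living under a test path. The entropy scorer additionally raises the documentation placeholder and the pinned commit hash, neither of which is a credential.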

A complete software bill of materials, instantly.

Point xgrep at a repo and get a standards-compliant SBOM straight from your lockfiles — no build, no network, and no package manager required.

11 ecosystems
Go, npm, Python, Rust, Ruby, PHP, Java, .NET, Dart, Elixir, and Swift — parsed straight from manifests and lockfiles.
CycloneDX & SPDX
Emit CycloneDX (JSON/XML) or SPDX (JSON/tag-value) with PURLs, CPEs, and licenses for every package.
Offline & hermetic
Pure file parsing — nothing is installed or executed, so it is safe to run anywhere, including CI.
Generate an SBOM in the format your tooling expects
Bash
# CycloneDX SBOM written to a file
xgrep sbom --format cyclonedx-json -o sbom.json .
# SPDX, direct dependencies only, from a specific git tag
xgrep sbom --format spdx-json --direct-only --ref v1.4.0 .
Go, npm, Python, Rust, Ruby, PHP, Java, .NET, Dart, Elixir, Swift
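How an SBOM comes straight out of a lockfile with no build step and no network, as an added example for one of the eleven ecosystems (npm). This is not xgrep's parser: it reads a constructed `package-lock.json` (lockfileVersion 3 layout), emits the minimal CycloneDX 1.5 JSON fields, builds purls for scoped and unscoped packages, and offers a direct-only option modelled on the `--direct-only` flag shown above. CPEs and hashes are left out.

```python
import json
from urllib.parse import quote

# Constructed package-lock.json (lockfileVersion 3 layout); not a real project's lockfile.
SAMPLE_PACKAGE_LOCK = {
    "name": "demo-app",
    "version": "0.1.0",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "0.1.0",
             "dependencies": {"express": "^4.18.2", "@scope/util": "^1.0.0"}},
        "node_modules/express": {"version": "4.18.2", "license": "MIT"},
        "node_modules/@scope/util": {"version": "1.0.0", "license": "Apache-2.0"},
        # nested copy: a different version of ms pinned beneath @scope/util
        "node_modules/@scope/util/node_modules/ms": {"version": "2.1.3", "license": "MIT"},
        "node_modules/ms": {"version": "2.0.0", "license": "MIT"},
    },
}

def package_name(path):
    """The package name is everything after the last node_modules/ segment."""
    return path.rsplit("node_modules/", 1)[1]

def npm_purl(name, version):
    """Package URL for npm; the scope's @ is percent-encoded: pkg:npm/%40scope/name@1.0.0."""
    return f"pkg:npm/{quote(name, safe='/')}@{version}"

def lockfile_components(lock, direct_only=False):
    """Pure parsing: nothing is installed or executed, only the lockfile's entries are read."""
    root = lock["packages"][""]
    direct = set(root.get("dependencies", {})) | set(root.get("devDependencies", {}))
    components, seen = [], set()
    for path, entry in lock["packages"].items():
        if path == "":
            continue  # the root project is emitted as metadata, not as a component
        name = package_name(path)
        top_level = path.count("node_modules/") == 1
        if direct_only and not (top_level and name in direct):
            continue
        if (name, entry["version"]) in seen:
            continue  # the same name@version hoisted to several places is one component
        seen.add((name, entry["version"]))
        component = {
            "type": "library",
            "name": name,
            "version": entry["version"],
            "purl": npm_purl(name, entry["version"]),
        }
        if "license" in entry:
            component["licenses"] = [{"license": {"id": entry["license"]}}]
        components.append(component)
    return components

def cyclonedx_bom(lock, direct_only=False):
    """Minimal CycloneDX 1.5 JSON document built from the lockfile alone."""
    root = lock["packages"][""]
    return {
        "bomFormat": "CycloneDX",
        "specVersion": "1.5",
        "version": 1,
        "metadata": {"component": {"type": "application",
                                   "name": root["name"], "version": root["version"]}},
        "components": lockfile_components(lock, direct_only),
    }

if __name__ == "__main__":
    print(json.dumps(cyclonedx_bom(SAMPLE_PACKAGE_LOCK), indent=2))
```

The two `ms` entries survive as separate components because they are different versions; a transitive package that appears at several hoisting positions with the same version collapses to one. With `direct_only=True` only packages named in the root manifest and installed at the top level remain.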

Your CI pipeline shouldn't wait for your scanner.

No interpreter to boot, no packages to install, no warm-up — and no AI agent or hosted backend required. SAST, secrets, and SBOM all run from one binary the moment CI calls it.

60 ms cold start
semgrep needs over a second before scanning even starts
Single binary
Zero dependencies. No Python runtime, no Docker.
Parallel by default
Scales to all CPU cores

Built for the AI-native security workflow.

Traditional SAST dumps 500 findings. Your team ignores 400 of them. xgrep lets AI agents triage with full code context.

Traditional SAST

1. Scan codebase
2. Dump 500 findings
3. Human triages for days
4. Next sprint, repeat

AI-Native SAST

1. xgrep scans the codebase
2. Agent skills trace call chains via the code graph
3. Auto-classifies TP / FP with evidence
4. Generates fixes with full context
xgrep-triage
Investigate and classify scan findings using code-graph call-chain and dataflow analysis
xgrep-inspect
Navigate and understand source code with AST-powered code intelligence
xgrep-rule-creator
Create custom detection rules with a test-first methodology
xgrep-remediate
Safely fix confirmed findings with the verify/apply autofix harness
secure-coding
Proactively avoid generating vulnerable code patterns while writing
Bash
# Install the bundled skills into Claude Code
npx @mondoohq/xgrep skill install

“xgrep does not embed an LLM. It gives your agent skills and tools.”

Works with your AI agent.

xgrep integrates as a backend skill for any coding agent — via MCP, CLI, or direct tool calls. Your agent scans, traces, and fixes without leaving the session.

Claude Code, Cursor, OpenAI Codex, Gemini CLI, GitHub Copilot, Windsurf, Goose, Cline, Kiro, Roo, Trae, OpenCode, Kilo Code

First scan in 30 seconds.

Add xgrep as a backend skill for your coding agent, or run it directly.

Install as agent skill

Bash
# Claude Code — install the bundled skills
# (triage, inspect, rule-creator, remediate, secure-coding)
npx @mondoohq/xgrep skill install
Cursor / Windsurf / any MCP client
JSON
{
  "mcpServers": {
    "xgrep": {
      "command": "npx",
      "args": ["@mondoohq/xgrep", "mcp"]
    }
  }
}

Run directly

Bash
# npx (zero install)
npx @mondoohq/xgrep scan ./src
# Or install globally
npm install -g @mondoohq/xgrep
# Rules are built in — just point at your code
xgrep scan ./src

Common commands

Bash
# Scan for vulnerabilities and secrets
xgrep scan .
# Diff-aware scan in CI (auto-detects the provider)
xgrep ci
# Generate a CycloneDX SBOM
xgrep sbom --format cyclonedx-json -o sbom.json .
# Scan git history for leaked secrets
xgrep scan --history --category secrets .
# Output SARIF for GitHub Code Scanning
xgrep scan --sarif -o results.sarif .
# Use custom rules
xgrep scan -f my-rules/ .

In your editor

The Mondoo VS Code extension runs xgrep’s language server for real-time, in-editor diagnostics, taint visualization, and quick fixes. Available on both the Visual Studio Marketplace and Open VSX (for VSCodium, Cursor, and Windsurf).