open-source security — beta

Triage every alert. Cliff proves which run.

Cliff reads every alert and security report and checks whether the flagged code actually runs in your repo — and whether an attacker could reach it. It confirms the real ones, clears the rest with its reasoning on record, and drafts the fix.

finding
A library you depend on has a flaw that could crash your app.
CVSS 7.5 · braces — transitive in package-lock.json
you
is this even real?
cliff is reasoning
  1. evidence pulled CVE detail, mapped braces usage in lockfile
  2. reachability matchBase() — the vulnerable function — is never called from your code
  3. exploitability skipped, not reachable
  4. verdict noise. cleared with reasoning. you never had to read it.
cliff
A function you never call is noise. Cleared, with the reasoning on record.
Read the docs

AGPL-3.0 · Free forever for open-source maintainers · Built by security researchers submitting to Chrome VRP and other major bug-bounty programs.

triage

Most of it isn't real. Cliff tells you what is.

The security noise hits you from two places: your scanners and your inbox. Cliff reads every item from both, works out what's actually exploitable (not just present), and returns one of three verdicts.

01  from your scanners

The noise machine

Dependabot and GHSA flag every CVE in every dependency, most in code you never call. The pile trains you to ignore the channel, until a real one slips through. Cliff checks whether the vulnerable function actually runs, and clears what can't be exploited, with its reasoning on record.

"Dependabot is a noise machine. It makes you feel like you're doing work."— an open-source maintainer
02  from your inbox

AI slop

Then there are the reports, increasingly AI-generated, plausible enough that refuting each one costs hours. At curl, fewer than 1 in 20 were real. Cliff confirms the genuine ones and debunks the rest before they eat your week.

"These reports appear at first-glance to be potentially legitimate and thus require time to refute."— a maintainer who triages security reports
— and for each one, a verdict you can read
real
Exploitable: an attacker can actually reach it. Cliff drafts the fix as a PR you approve.
noise
A function you never call, so not exploitable. Cleared, with the reasoning saved, so you never had to read it.
your call
Cliff isn't sure, and says so. It hands you the evidence to decide in seconds.

One queue, two sources, one honest answer for each. Your inbox gets quiet, and the one that matters doesn't get lost in it.

how it works

Three steps from install to merged PR.

The real ones don't just get flagged. Cliff fixes them. It runs locally, your source never leaves the machine, and every fix arrives as a draft pull request you review like any contribution.

01 · point

Point Cliff at your repo.

One command. Your GitHub token, your AI provider key, your repo URL. No setup wizard, no SaaS account.

code stays local. nothing uploaded.

02 · scan

Cliff scans, explains, and grades.

Lockfiles plus posture checks plus plain-English descriptions. A grade A through F, with the five things you need to fix to reach A.

first scan takes about two minutes.

03 · remediate

Cliff remediates.

Fixes land as draft pull requests you review. Cliff explains its reasoning. You merge — it ships.

nothing auto-merges. you stay in control.

road to A

Cliff walks you to grade A.

Clearing the noise and fixing what's real adds up. Cliff scores your repo A through F and walks you up, criterion by criterion: finding the work, drafting the fix, verifying the close.

  1. 01

    No critical issues

    Cliff finds them, reasons about reachability, drafts the fix.

  2. 02

    High-severity backlog under control

    What's exploitable gets a PR. The rest stays cleared, with reasoning on record.

  3. 03

    No secrets in code

    Cliff catches committed secrets before they ship — and helps you rotate them.

  4. 04

    Posture checks passing

    Branch protection, CODEOWNERS, SECURITY.md, lockfile presence — the basics, scored.

  5. 05

    Lockfile up to date

    Cliff keeps your lockfile current with safe updates as patches release.

what's in the box

Every box a security-curious maintainer wants to tick.

Six things Cliff does, today, in beta.

Lockfile scanning across npm, pip, Go modules, and more.

OSV.dev as the CVE source. No paid scanner dependency.

Posture checks beyond just dependencies.

Branch protection, secrets in code, SECURITY.md, lockfile presence — the basics, scored.

Agent-driven draft PRs.

Trivy plus Semgrep plus an LLM agent pipeline. Every PR is a draft; nothing auto-merges.

Plain-language CVE descriptions.

Every finding rewritten as if explaining it to a developer who has never read a CVE.

Self-hosted. BYOK LLM.

Anthropic, OpenAI, OpenRouter, or local Ollama. Your code stays on your machine.

AGPL-3.0. Free forever for OSS.

Open source itself. Run it, fork it, ship it on your repo.

who built this

Twelve years across the security stack.

Cliff is built by one person — not a team, not an enterprise sales motion.

Cliff is built by Gal Ankonina, a twelve-year security generalist — offensive research at Unit 8200, defensive work at Fortune-50 scale, product at three security startups, and ongoing OSS vulnerability hunting (Chrome VRP and other programs among the credits). The pattern across every chapter: small teams shipping real software with no one whose job is security. Cliff is what would help them.
Chrome VRP submissions confirmed
the destination
cliff verified — grade A badge

A standard of trust, earned.

Today, Cliff gives you a shareable completion summary card — a Markdown snippet for your README, an image you can post anywhere. The full public Cliff badge is next. It's not being rushed. The point isn't a badge — it's a standard of trust for open-source, earned by doing the work and never bought.

install

Two minutes. Two commands.

You'll need:

  • A GitHub token with repo scope
  • An Anthropic or OpenAI key (or local Ollama)
# installs the cliff binary, then starts it in the background
curl -fsSL https://github.com/cliff-security/cliff/releases/latest/download/install-local.sh | sh
cliffsec start --detach

Stuck? Open an issue on GitHub. Beta Discord coming soon.

contact

Get in touch.