macOS build available · Built for the agent era

Stop merging unreviewed AI code.

CodeVetter is a desktop review cockpit for the diffs your agent ships. Catch what Cursor, Claude Code, and Devin missed — vulnerabilities, regressions, and silent drift. Runs entirely offline.

No telemetry · Bring your own key · Open source · ISC · Signed binaries
codevetter — review · feat/refresh-tokens · #1284
vulnapps/api/src/auth/session_manager.ts
+2 / -0
import { db } from "@/lib/sql";

async function validateSession(token: string) {
  // resolve session for the incoming request
  const query = `SELECT * FROM sessions WHERE token = '${token}'`;
  const result = await db.execute(query);
  if (!result.rows[0]) throw new Error("Invalid session");
  return result.rows[0];
}
SQL Injection Vector

Token concatenated directly into query body. Allows arbitrary read/write against sessions table.

+ db.query(`...$1`, [token])
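The finding above side by side with its parameterized fix, as an added example that is not CodeVetter's code: a constructed in-memory driver stands in for "@/lib/sql" and records the SQL text and bound parameters each version sends, which is what a reviewer needs to confirm the query shape no longer depends on the token.

```typescript
// Constructed stand-in for "@/lib/sql": a fixed sessions table plus a log of
// every statement, so the SQL text and bound parameters can be inspected.
type Row = { id: number; token: string; user: string };
type Call = { sql: string; params: unknown[] };

const sessions: Row[] = [{ id: 1, token: "tok_abc123", user: "alice" }]; // sample data
const calls: Call[] = [];

function fakeDb(sql: string, params: unknown[] = []): { rows: Row[] } {
  calls.push({ sql, params });
  // Only the parameterized form is resolved; the concatenated form is recorded
  // but never parsed, which is all the comparison below needs.
  const value = params.length ? String(params[0]) : null;
  return { rows: value === null ? [] : sessions.filter((s) => s.token === value) };
}

function lastCall(): Call {
  return calls[calls.length - 1];
}

// Vulnerable shape from the finding: the token becomes part of the SQL text.
function validateSessionVulnerable(token: string): { rows: Row[] } {
  const query = `SELECT * FROM sessions WHERE token = '${token}'`;
  return fakeDb(query);
}

// Hardened shape from the suggested patch: fixed SQL, token bound as $1.
const SESSION_SQL = "SELECT * FROM sessions WHERE token = $1";
function validateSessionFixed(token: string): Row {
  const result = fakeDb(SESSION_SQL, [token]);
  if (!result.rows[0]) throw new Error("Invalid session");
  return result.rows[0];
}

// Reviewer's check: is the SQL text identical for every input, including one
// that carries a quote character? True only for the parameterized version.
function sqlTextIsInputIndependent(fn: (t: string) => unknown, inputs: string[]): boolean {
  const before = calls.length;
  for (const t of inputs) {
    try { fn(t); } catch { /* "Invalid session" is expected for unknown tokens */ }
  }
  return new Set(calls.slice(before).map((c) => c.sql)).size === 1;
}
```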
Critical 04
High 12
Medium 29
Patches ready 45
What the review looks for
Common CWE / OWASP issue classes, mapped to severity
CWE-89 · SQL Injection
CWE-79 · Cross-site scripting
CWE-352 · CSRF token missing
CWE-798 · Hardcoded credentials
CWE-22 · Path traversal
OWASP-A01 · Broken access control
OWASP-A03 · Injection class
OWASP-A07 · Auth failures
REGEX · Catastrophic backtracking
RACE · TOCTOU window
PII · Token logged at info
PERF · N+1 query loop
TTL · Cache divergence
SEMVER · Breaking API change
0ms
Cloud round-trip
the review runs on your device
3+
LLM providers
anthropic · openai · openrouter
100%
Code stays local
no proxy, no telemetry
$0
To run forever
bring your own LLM key
Capability matrix

Built for the way agents ship code.

Cursor, Claude Code, Devin — they merge fast and miss things. CodeVetter is the second pair of eyes that runs on your laptop.

Diff-aware review engine

Parses your patch, traces affected call sites, and feeds the LLM a focused context window. No shotgun prompts, no hallucinated files.

apps/api/src/users.ts
- return await db.raw(`SELECT * FROM users WHERE id = ${id}`);
+ return await db.query(`SELECT * FROM users WHERE id = $1`, [id]);
apps/api/src/cache.ts
~ ttl 60s → 86400s · review eviction
~ no invalidation on user.update

Bring your own key

Anthropic, OpenAI, OpenRouter. Keys live in your OS keychain. Zero proxying through us.

Anthropic · Live
claude-3.5-sonnet · $ANTHROPIC_API_KEY
OpenAI · Live
gpt-4o · $OPENAI_API_KEY
OpenRouter · Ready
gemini-pro

Runs offline

Tauri binary. SQLite under the hood. No backend, no signup.

127.0.0.1
api.external.com

Git-native

Staged diffs, ranges, branches. Drop into any repo.

git diff HEAD~1
→ 4 files · 87 lines
codevetter review
Analyzing diff...

Severity-tiered

Critical → high → medium. Mapped to CWE & OWASP.

Critical
04
High
12
Medium
29

Patch suggestions, not pep talks

Every finding ships with a concrete code edit you can apply or discard. Reasoning is shown, not narrated.

Critical · Auto-Fix
SQL Injection Vector
Unparameterized token concatenated into query. High risk of arbitrary table access.
+ db.query(`...$1`, [token])
High · Auto-Fix
PII Leak in Logger
Authentication token leaks into DataDog via unredacted request payload.
+ logger.redact(['token', 'pwd'])
Medium · Auto-Fix
Missing Rate Limit
No throttle applied to /auth/refresh. Potential vector for token exhaustion DoS.
+ rateLimit({ rpm: 60 })
Operating loop

Three steps. Zero ceremony.

No accounts, no setup wizards, no SaaS dashboard. Open the app, plug in a key, ship safer code.

Step 01

Drop in your diff

Stage changes, paste a patch, or hand it a branch range. CodeVetter parses files, hunks, and call-sites locally.

$ codevetter review HEAD~1..HEAD
parsing diff
resolving call-sites
building context...
Step 02

Pick the model

Choose Claude, GPT, or anything OpenRouter routes. Switch per-review. Token usage is live-tracked, never proxied.

→ provider=anthropic model=claude-3-opus
claude-3-opus
gpt-4o
Step 03

Triage the verdict

Findings ranked by severity, mapped to CWE, with concrete patch diffs. Apply, edit, or dismiss with one keystroke.

✓ 4 critical · 12 high · 29 medium
CRITICAL 04
HIGH 12
PATCHES READY 45
Provider matrix

Any model. Your key.

CodeVetter is provider-agnostic. Test the same diff across models, pin one per repo, or rotate as new releases land.

300+
Models reachable
0
Tokens proxied
<200ms
Provider latency
Reviews allowed

Anthropic

Recommended for security review

Native
Claude 3.5 Sonnet · Claude 3 Opus

OpenAI

Fast diffs · robust reasoning

Native
GPT-4o · GPT-4o-mini · o1-preview

OpenRouter

300+ models · single API key

Gateway
Gemini 1.5 Pro · Llama 3.1 405B

Local LLMs

100% private · air-gapped

Private
Qwen 2.5 Coder · DeepSeek Coder
Pricing

Free for solo. Honest above it.

No tokens, no per-review fees. We don't see your code, so we can't bill on it.

Solo
$0 forever

The full desktop binary. Bring your own LLM key. Use forever, no strings attached.

Unlimited local reviews
All LLM providers
Local SQLite history
Automatic updates
Download Now
Most Popular
Team
$12 per user / month

Shared review presets and org policy rules. Everything stays on each machine.

Everything in Solo
Shared rule packs
Audit log export
SSO Authentication
Priority support
Get Early Access
Enterprise
Custom, tailored for you

Air-gapped installs, custom model routing, and dedicated security engineering.

Everything in Team
Air-gapped deployment
Custom CWE rulesets
On-prem audit logs
SLA guarantee
Talk to Sales
Latest build · Ready to review

Stop trusting agents blindly.

Install in 30 seconds. First review in under a minute. Your code never leaves your machine.

Quick Install
brew install --cask codevetter
Signed binaries · Auto-updates · No account required