This project automates the process of analyzing source code files for potential security vulnerabilities using Generative AI. It uploads a set of code files, sends them to an AI model for analysis, and generates a detailed report identifying vulnerabilities in the code. The project uses the GenerativeAI platform and integrates with Google's AI models to provide security insights.
-
The program accepts three arguments:
apiKey: Your API key for accessing Generative AI services.fileExtension: The file extension of the code files you want to analyze (e.g.,cs,js).folderPath: The path to the folder containing the code files.
-
It uploads the code files to the Google AI platform.
-
The AI analyzes the code and identifies potential security vulnerabilities, providing detailed reports such as:
- File Name
- Vulnerable Line
- Vulnerability Description
- Suggested Fix
-
The report is displayed in the console.
dotnet run <apiKey> <fileExtension> <folderPath>