A deterministic bug scanner for your terminal

One command finds bugs. One click fixes them.

Run hikaflow scan on your codebase. 7 deterministic engines find bugs, security vulnerabilities, and dead code. Pick which ones to fix — or hit Fix All. AI writes the fix, tests verify it.

15+ languages Python, TypeScript, Go, Rust, Java, C, Ruby, PHP, and more

7+ engines Ruff, Bandit, Semgrep, ESLint, Vulture, npm audit, AST

Every fix syntax-checked and linted before applying

View Docs

$pip install hikaflow

terminal

$ hikaflow scan src/

Scanning 42 files...

Found 4 issues:

#1 [critical] SQL injection in api/users.py:34

#2 [bug] Missing await in payments.ts:89

#3 [bug] fetch() without error handling in app.tsx:120

#4 [low] Dead code in utils.py:45

❯ ● #1 SQL injection in api/users.py:34

○ #2 Race condition in worker.py:120

○ #3 Unhandled None in checkout.py:89

○ #4 Dead code in utils.py:45

──────────────────

★ Fix All

↑↓ navigate · Space select · Enter fix

One command. Scan, select, fix.

scan

7+ deterministic engines scan for bugs, security issues, and dead code in seconds

select

Browse findings with arrow keys. Toggle individual issues or hit Fix All.

fix

AI generates each fix, applies it, and runs your tests to verify. Done.

What makes Hikaflow different

✗Copilot / ChatGPT — Guesses at code itcan't see or run
✗Linters — Pattern matching without understanding intent
✗SAST tools — Noisy reports you never have time to triage
✓Hikaflow — Reads your code, runs your tests, generates verified fixes, opens PRs

A complete debugging toolkit

From scanning to shipping fixes, Hikaflow handles it end-to-end

Deep Code Scanning

7+ engines including Ruff, Bandit, Semgrep, ESLint, Vulture, npm audit, and 13 AST specialists across 15+ languages.

Interactive AI Debugger

A conversational AI agent in your terminal. It reads files, searches code, runs tests, and explains exactly what's wrong and why.

Security Analysis

Find SQL injection, XSS, hardcoded secrets, insecure dependencies, and more across all supported languages via Semgrep, Bandit, and npm audit.

Verified Fix Generation

AI generates fixes, validates syntax, runs the linter, then runs your tests. Rejects bad fixes automatically.

GitHub Integration

Auto-trigger on PR failures. Post fix suggestions as comments. Create fix PRs automatically. Self-healing CI pipelines.

I/O Capture & Replay

Record all HTTP, SQL, Redis, and gRPC calls during tests. Replay deterministically to expose flaky behavior.

How It Works

Install, point, fix. That's it.

Scan

Point hikaflow at any file or directory. 7+ deterministic engines analyze your code in seconds.

$ hikaflow scan src/

Select

Browse the findings with arrow keys. Toggle individual issues to fix, or select Fix All to fix everything at once.

❯ ● #1 SQL injection ★ Fix All

Fixed

AI generates a fix for each issue, applies it, and runs your tests to verify. You just review the results.

✓ 4/4 fixed. All tests pass.

Built for real workflows

$ hikaflow scan src/api/

#1 [critical] SQL injection in users.py:34

#2 [bug] Missing await in payment.py:89

→ Fix All

✓ 2/2 fixed. Tests pass.

Bug Hunting

Scan any directory. Fix everything at once or cherry-pick.

# .github/workflows/scan.yml

- run: pip install hikaflow

- run: hikaflow scan --headless

Exit code 3 = 3 issues found

- run: hikaflow scan --json > report.json

CI/CD Integration

Run hikaflow ci-setup to generate everything. --headless for gates, --json for reports.

$ hikaflow scan .

#1 [critical] Hardcoded API key in config.py:12

#2 [critical] Command injection in deploy.py:45

#3 [warning] Insecure hash (MD5) in auth.py:78

✓ 3/3 fixed.

Security Hardening

Bandit + custom AST rules find vulnerabilities. AI fixes them properly.

$ hikaflow scan app.py

#1 [bug] Unhandled None return from get_user()

#2 [low] Dead code: unused import os

→ Select #1 only

✓ Fixed. Added None check. Tests pass.

Selective Fixing

Arrow keys to browse. Space to toggle. Fix only what matters to you.

Simple, transparent pricing

Start free, upgrade as you grow

Free

For individual developers

10 runs/month
5 AI fixes/month
Interactive debugger
7-day history
Community support

Pro

$39/month

For professional developers

500 runs/month
100 AI fixes/month
Interactive debugger
I/O capture & replay
GitHub auto-fix PRs
30-day history
Email support

Team

$99/month

For growing teams

5,000 runs/month
1,000 AI fixes/month
Everything in Pro
20 team members
Self-healing CI
Security scanning
Advanced analytics
Priority support

Need more? Enterprise plans with custom limits, SSO, and dedicated support.

Contact Sales →

Try it in 30 seconds

$ pip install hikaflow

$ hikaflow scan

Found 5 issues across 128 files

→ Fix All

✓ 4/5 fixed. All tests pass.

No login required for scanning.

Free forever. No credit card required.