supership
Crest Deployment Systems LLC
Predeploy security scanner for AI-generated code. Scan locally, attest on-chain. Your source code never leaves your machine.
how it works
01
Scan locally
Your code stays on your machine. 80 rules across 6 categories detect critical vulnerabilities in AI-generated code.
02
Attest on-chain
Ed25519-signed attestation anchored to a witness chain. Tamper-evident proof your code was scanned.
03
Ship confidently
Severity-gated grading. Any critical finding = grade F. No false confidence from averaged scores.
detection
Injection
Command injection, SQL injection, XSS, template injection
Secrets
Hardcoded API keys, tokens, credentials in source code
Auth
Missing authentication, weak session handling, privilege escalation
Crypto
Weak algorithms, insecure random, broken TLS configuration
Data exposure
Sensitive data in logs, error messages, debug output
Dependencies
Known vulnerable packages, outdated libraries, supply chain risk
pricing
Free scan
$0
- Full vulnerability detection
- 80 rules, 6 categories
- Severity-gated grading
- Local execution only
Witnessed attestation
$0.01
- Everything in free scan
- Ed25519-signed attestation
- Chain-anchored proof
- Verifiable by third parties
get started
MCP server (for Claude, Cursor, Windsurf)
npx @crestdeploymentsystems/supership-mcpCLI scanner
npx @crestdeploymentsystems/supership-scan ./my-projectAPI
supership.crestsystems.ai/scanFREEsupership.crestsystems.ai/attest$0.01trust
Attestations are Ed25519-signed and chain-anchored. Every signature is independently verifiable.
Source code is never transmitted. The scanner runs locally. Only the scan result hash is sent for attestation.
Payment via x402 protocol on Base mainnet (USDC). Settlement under 2 seconds.