Releases: appsecninja32/CosmoGrepperAI

Cosmo Grepper AI v1.0.0

19 Apr 19:45
de4e02a

COSMO GREPPER AI v1.0.0 — First Public Release
This is the first official release of COSMO GREPPER AI, an application security analysis tool that extends Semgrep’s scanning engine with deeper, context‑aware intelligence. This version introduces the full core workflow, combining static analysis, LLM‑powered enrichment, and open-source dependency insights into a single streamlined experience.

Key Features
Semgrep‑Powered Code Scanning
COSMO GREPPER AI uses Semgrep as its scanning foundation, delivering fast, rule‑driven detection of insecure patterns across multiple languages. Findings are returned in structured form and enhanced through additional layers of analysis.

Local and Optional Cloud LLM Enrichment
This release introduces the hybrid intelligence model:

  • Local LLMs provide offline reasoning, summaries, and contextual interpretation of findings.

  • Optional cloud LLMs can be configured through an endpoint and API key for deeper analysis when desired.

OSS Vulnerability Insights via Sonatype OSS Index
Dependency‑level security is supported through integration with Sonatype’s OSS Index. This enables visibility into vulnerable open source components alongside code‑level issues.

Unified Dashboard
The FastAPI‑powered dashboard provides:

  • Real‑time scan execution
  • Clear visualization of findings
  • Severity and risk context
  • Code snippet previews
  • Local or cloud LLM selection

Configurable Model and Endpoint Support
Users can specify:

  • Model name
  • Local LLM runtime
  • Cloud LLM endpoint
  • API key

This allows flexible operation in both offline and connected environments.

What to Expect in This First Release
This version establishes the foundation of the platform. Refinements will continue as the community uses the tool and provides feedback. Improvements to rule coverage, UI polish, and LLM reasoning quality are planned for upcoming releases.

License
COSMO GREPPER AI is free under a community‑friendly license and offered as a contribution to the AppSec community.

Support the Project
If you find value in this tool and want to support future development, you can do so here:
https://buymeacoffee.com/appsecninja32