BrokenApp

Integrations

Fits where you work.

BrokenApp integrates with your source control, CI/CD pipeline, auth provider, and AI tooling. One CLI, every workflow.

Available now

10 integrations. Zero config overhead.

Live

GitHub

Source control

Auto-create issues from findings. Comment on PRs with new vulnerabilities. Export SARIF for Code Scanning. Issues auto-close when findings resolve.

Live

Supabase

Auth provider

Native GoTrue auth flow testing. Login, session persistence, token refresh, logout invalidation, expired token rejection. Zero custom code.

Live

Firebase

Auth provider

Identity Toolkit integration. Same five-test suite as Supabase. Point at your Firebase config and BrokenApp handles the rest.

Live

GraphQL

API protocol

Per-operation endpoint detection. Automatically splits POST /graphql into individual queries and mutations for targeted scanning.

Live

GitHub Actions

CI/CD

Run BrokenApp in your CI pipeline. Exit codes for pass/fail gating. JSON output for custom processing. One-line workflow setup.

Live

GitLab CI

CI/CD

Same CLI, same flags, same output. Add brokenapp scan to your .gitlab-ci.yml and gate deployments on scan results.

Live

MCP Server

AI tooling

Model Context Protocol server for AI coding tools. Claude Code, Codex, and any MCP-compatible client can trigger scans and read reports.

Live

Webhooks

Notifications

POST scan results to any URL. Trigger Slack, Discord, PagerDuty, or custom automation when new findings are detected.

Live

PDF / CSV / Markdown

Export

Generate branded reports in multiple formats. Executive summaries, finding details with evidence, remediation guidance, and compliance mappings.

Live

SARIF 2.1.0

Standards

Export findings as SARIF for GitHub Code Scanning, VS Code SARIF Viewer, or any SARIF-compatible tool. Full rule metadata included.

Coming soon

On the roadmap.

Jenkins

Soon

Pipeline step integration. Run scans as part of your Jenkins build. Parse JSON output for custom quality gates.

GitLab Issues

Soon

Same auto-create, auto-close, and fingerprint deduplication as GitHub — for GitLab projects.

Need an integration we don't have?

We ship integrations based on demand. Tell us what you need.


Architecture

CLI-native. Not plugin-dependent.

01

Scan locally

BrokenApp runs on your machine or CI runner. No cloud dependency. The CLI produces structured JSON output that any integration can consume.

02

Push results

Use built-in commands to push findings to GitHub, export to SARIF/PDF/CSV, or POST to webhooks. You control where data goes.

03

Automate the loop

Set up CI gates, scheduled rescans, and auto-triage. New findings trigger notifications. Resolved findings close issues. The feedback loop runs itself.

One tool. Every workflow.

Install the CLI and connect it to everything you already use.