brakeman
Brakeman Security Scanner
Overview
Brakeman is a static analysis tool that checks Ruby on Rails applications for security vulnerabilities without requiring a running application. It analyzes source code to detect common security issues including SQL injection, cross-site scripting (XSS), command injection, mass assignment, and many other vulnerability types.
Installation
Verify Brakeman is installed before running scans. If not present, install using one of these methods:
# Using RubyGems (recommended)
gem install brakeman

# Using Bundler (add to Gemfile)
group :development do
  gem 'brakeman', require: false
end
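The verification step above, written as a shell function that also tells you which of the two install methods applies. This is an added example, not part of the original skill; the function name `brakeman_cmd` and the `Gemfile.lock` lookup are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page): decide how to invoke Brakeman
# for a Rails app directory before starting a scan.
# Prints the command to use and returns 0, or prints an install hint on
# stderr and returns 1 so a CI job can fail early.
brakeman_cmd() {
    app_dir="${1:-.}"

    # Bundler install: resolved gems are listed in Gemfile.lock under "specs:"
    # with a four-space indent, e.g. "    brakeman (x.y.z)". Lines indented
    # deeper are dependencies of other gems and are ignored here.
    if [ -f "$app_dir/Gemfile.lock" ] &&
       grep -Eq '^ {4}brakeman \(' "$app_dir/Gemfile.lock" &&
       command -v bundle >/dev/null 2>&1; then
        echo "bundle exec brakeman"
        return 0
    fi

    # RubyGems install: the executable is on PATH.
    if command -v brakeman >/dev/null 2>&1; then
        echo "brakeman"
        return 0
    fi

    echo "brakeman not found: run 'gem install brakeman' or add it to the Gemfile" >&2
    return 1
}
```

Preferring the Bundler path when the gem is in the lockfile keeps the scan on the version pinned for the project instead of whatever copy is installed system-wide.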