- In a Merge Request, Codesheriff fetches the commit difference
- In the GitLab Duo Agent, add your Codesheriff agent (run codesheriff on this MR)
- It analyses the changes and produces detailed findings
- It gives a report
- It creates branches automatically to publish the findings
- It creates detailed findings under codesheriff_run in the new branches
Inspiration
In modern development, security is often handled late, which leads to vulnerabilities reaching production. Common issues like hardcoded credentials or insecure code patterns are easy to miss during fast development cycles.
We wanted to solve this by bringing security directly into the developer workflow, making it automatic and proactive instead of manual and delayed.
What it does
Codesheriff is an AI-powered security agent integrated with GitLab.
- Scans Merge Requests automatically
- Detects security vulnerabilities
- Generates detailed findings
- Creates branches for reports
- Suggests and applies fixes
- Opens auto-fix Merge Requests
How we built it
We built Codesheriff using a trigger-based workflow:
- A GitLab Merge Request triggers the process
- The CI/CD pipeline invokes the agent
- The agent analyzes the code changes
- AI + rules detect vulnerabilities
- Fixes are generated automatically
- GitLab APIs are used to create branches and Merge Requests
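The rules half of that workflow, as an added Python example rather than CodeSheriff's own code: it scans only the added lines of a merge-request diff (so unchanged code never re-triggers findings), tracks new-file line numbers across hunks, and builds the `actions` payload that GitLab's repository-commits API accepts for writing the report under `codesheriff_run` on a report branch. The diff, the rule patterns and the file naming are constructed for illustration.

```python
import re

# Constructed sample: one file's unified diff as returned for a merge request.
SAMPLE_DIFF = """\
@@ -10,3 +10,6 @@ def connect():
     host = os.environ["DB_HOST"]
-    token = os.environ["API_TOKEN"]
+    token = "sk_live_EXAMPLE_PLACEHOLDER"
+    password = "hunter2"
+    digest = hashlib.md5(host.encode()).hexdigest()
     return Client(host, token)
+    # password above is temporary
"""

# Illustrative rule set (assumed, not CodeSheriff's): hardcoded credentials
# and one insecure code pattern. Only '+' lines are matched.
RULES = [
    ("hardcoded-secret",
     re.compile(r'(?i)\b(password|passwd|secret|token|api[_-]?key)\b\s*[:=]\s*["\'][^"\']{4,}["\']')),
    ("weak-hash", re.compile(r"\b(md5|sha1)\s*\(")),
]

HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")


def scan_diff(diff: str, path: str) -> list[dict]:
    """Apply RULES to added lines, reporting the line number in the new file."""
    findings, new_line = [], 0
    for raw in diff.splitlines():
        m = HUNK.match(raw)
        if m:
            new_line = int(m.group(1))  # hunk header resets the new-file counter
            continue
        if raw.startswith("-"):
            continue  # removed line: absent from the new file, does not advance it
        if raw.startswith("+"):
            for rule_id, pattern in RULES:
                if pattern.search(raw[1:]):
                    findings.append({"rule": rule_id, "file": path,
                                     "line": new_line, "code": raw[1:].strip()})
        new_line += 1  # context and added lines both occupy a new-file line
    return findings


def report_commit_actions(findings: list[dict], mr_iid: int) -> list[dict]:
    """Build the 'actions' list for POST /projects/:id/repository/commits (branch
    creation and the auto-fix MR would follow via the same GitLab API)."""
    body = "\n".join(f"- [{f['rule']}] {f['file']}:{f['line']}: {f['code']}" for f in findings)
    return [{"action": "create", "file_path": f"codesheriff_run/mr-{mr_iid}.md",
             "content": f"# CodeSheriff findings for MR !{mr_iid}\n\n{body}\n"}]
```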
Challenges we ran into
- Reducing false positives in vulnerability detection
- Generating safe and correct auto-fixes
- Integrating smoothly with GitLab workflows
- Keeping the system simple while still powerful
Accomplishments that we're proud of
- Built a complete end-to-end automated security workflow
- Successfully demonstrated real vulnerability detection and fixing
- Integrated directly into the developer workflow without extra effort
- Reduced manual security review effort significantly
What we learned
- Security should be integrated early in development
- Automation improves developer productivity
- AI works best when combined with structured workflows
- Simple mistakes can lead to major security risks
What's next for CodeSheriff
- Support more vulnerability types (OWASP Top 10)
- Add real-time developer suggestions
- Introduce security scoring dashboards
- Expand integrations beyond GitLab
- Improve AI-based fix accuracy
Built With
- ai
- ai/llm
- gitlab
- javascript
- python