Source code analysis that finds what general-purpose SAST misses.

Most scanners pattern-match within a single file. Rowan builds a call graph for your whole project and follows tainted data from source to sink across imports and function calls — which is where real vulnerabilities actually live. Built specifically for AI infrastructure.


Real vulnerabilities don’t stay in one file.

An SSRF that spans two files and an async method won’t appear in a single-file regex scan. Rowan follows the full chain and shows exactly where it breaks.

[CRITICAL] Server-Side Request Forgery — confidence: 89%
Source  api/endpoints.py:3      url = request.args.get('url')
Via     api/endpoints.py:5      return await client.get(url)
Sink    clients/resource.py:9   httpx.get(url) — no validation
No URL validation, scheme restriction, or allowlist detected.
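The three controls the finding reports as missing (URL validation, scheme restriction, host allowlist), as an added example in Python that is not Rowan's code or the original page's; the httpx sink mirrors the finding, while the allowlisted hosts are constructed placeholders.

```python
# Added example: the sink-side check the finding above reports as missing.
# Not Rowan's code; the allowlist contents are constructed placeholders.
import ipaddress
from urllib.parse import urlsplit

# Hosts this service is allowed to fetch from (constructed example values).
ALLOWED_HOSTS = frozenset({"api.example.com", "cdn.example.com"})
ALLOWED_SCHEMES = frozenset({"https"})


class UnsafeURL(ValueError):
    """Raised when an outbound URL fails validation."""


def validate_outbound_url(url: str) -> str:
    """Return `url` unchanged if it is safe to fetch, else raise UnsafeURL.

    Applies the three controls the finding lists: parse and validate the
    URL, restrict the scheme, and check the host against an allowlist.
    Userinfo and literal IP addresses are rejected as well, so that
    "https://allowed-host@other-host/" and raw loopback or link-local
    addresses cannot slip past a host-name comparison.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise UnsafeURL(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise UnsafeURL("userinfo in URL is not allowed")
    host = parts.hostname  # lowercased; IPv6 brackets already stripped
    if not host:
        raise UnsafeURL("missing host")
    try:
        ipaddress.ip_address(host)
    except ValueError:
        pass  # not an IP literal, continue with the allowlist check
    else:
        raise UnsafeURL("literal IP addresses are not allowed")
    if host not in ALLOWED_HOSTS:
        raise UnsafeURL(f"host not in allowlist: {host!r}")
    return url


def is_safe_outbound_url(url: str) -> bool:
    """Boolean wrapper for callers that prefer a check over an exception."""
    try:
        validate_outbound_url(url)
    except UnsafeURL:
        return False
    return True


def fetch(url: str):
    """Hardened form of the sink in clients/resource.py: validate, then fetch."""
    import httpx  # deferred so the validation logic runs without the dependency
    return httpx.get(validate_outbound_url(url))
```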

What Rowan tracks.

Cross-file taint

HTTP params, CLI args, env vars — followed to dangerous sinks across files and function boundaries.

AI/ML sink models

torch.load(), trust_remote_code=True, apply_chat_template() — modelled as distinct attack surfaces.

Model file scanning

Static analysis of checkpoint files, GGUF, SafeTensors, and Keras .h5 before they are loaded.

Reachability-aware SCA

Only surfaces CVEs your code can actually trigger. Unreachable vulnerabilities are suppressed.

Prompt injection

Taint flows into LLM system prompts, RAG contexts, and Jinja2 template rendering.

Framework patterns

Named rules for LangChain, Keras importlib, OmegaConf, ONNX Hub, Gradio, and others.

Four engines, running in parallel.

1. CodeGuard: inter-procedural taint — follows user input across files, imports, and function calls.
2. NeuroScan: 125+ AST pattern rules — secrets, missing auth, AI framework misconfigurations, known CVE patterns.
3. DepGuard: supply chain with reachability — only reports CVEs your code can actually trigger.
4. Huntr Agent: autonomous hypothesis generation, exploit confirmation, and full write-up — no manual triage.

Scored findings. Standard formats.

Confidence scoring

Every finding is scored 0–100% based on source clarity, taint path length, and whether known sanitizers were detected along the path. High-confidence findings are directly exploitable paths; lower scores flag patterns worth a manual look. Filter to 80%+ to separate signal from noise.

Output formats

SARIF 2.1: IDE and GitHub Advanced Security
JSON: programmatic integration
HTML: shareable report
CSV: ticket import
CycloneDX AI-BOM: supply chain attestation

CLI and web API.

Runs locally with no infrastructure required. Also available as a FastAPI web service with project management, triage dashboard, and REST endpoints for CI integration.

# Scan a local project
rowan scan ./my-project

# Scan with SARIF output for CI
rowan scan ./my-project --format sarif --output findings.sarif

# Run the agentic hunt pipeline
rowan hunt https://github.com/org/repo --backend gemini

Changed-file scanning, PR security gates, and a GitHub Actions template are included. The free Gemini API tier is sufficient for most repositories.

Get in touch.

Research report and diligence pack available under NDA.

hello@hedgerow.dev