TestForge: 21-Dimension AI Testing — From Zero to Enterprise-Ready in 1 Week

Vinayak Rao — Mon, 25 May 2026 08:57:42 +0000

The Journey

I spent the last week building TestForge — a testing platform that analyzes code across 21 dimensions. Not 3 like Snyk. Not 5 like SonarQube. Twenty-one.

Here is everything that was built, tested, and deployed to production.

What TestForge Analyzes

Standard Dimensions

Security scanning — SAST with OWASP Top 10 coverage mapping
Unit test analysis — Coverage estimation, framework detection
Load & performance — Rate limiting, caching, connection pooling
Accessibility — WCAG compliance, alt text, form labels
Contract testing — OpenAPI/Swagger detection, API versioning
Visual regression — Style consistency

Strategic (Only TestForge Has These)

🤖 Agentic Scale Prediction — World first. Simulates thousands of AI agents hitting your API. Predicts failure patterns, bottlenecks at scale.
📊 DORA Metrics — Deployment frequency, lead time, MTTR, change failure rate
🎯 Vision & Goal Alignment — Observability, feature flags, analytics, CI/CD maturity
📦 Scope Coverage — Documented vs implemented features
🏗️ Stack Analysis — Architecture quality, TypeScript, ORM, caching

Deep Analysis

N+1 Query Detection — DB queries inside loops
Supply Chain Audit — CVE database cross-reference
Dead Code Detection — Unused dependencies
License Compliance — GPL/copyleft risk flagging
Edge Cases + Property-Based + Chaos + Mutation + Predictive

Real Test Results (tinyhttp/malibu)

Security           4 findings  ████░░░░░░░░░░░░░░░░
Unit Tests         67%         █████████████░░░░░░░
Agentic Scale      24/100      ████░░░░░░░░░░░░░░░░  ⚠️ Critical
DORA               30/100      ██████░░░░░░░░░░░░░░  ⚠️ Manual deploys
OWASP Coverage     20%         ████░░░░░░░░░░░░░░░░

Top findings: Auth gaps, no rate limiting, no observability, 34 undocumented endpoints.

Tech Stack

Layer	Technology
Frontend	React 19 + TypeScript + Vite + Tailwind
Backend API	Vercel Serverless (18 endpoints)
MCP Server	Fastify + TypeScript on Fly.io
Database	Neon PostgreSQL + Drizzle ORM (8 tables)
Payments	Stripe Checkout + Webhooks
Auth	GitHub OAuth
npm	@whitenoisenpm/testforge-mcp v0.2.3

Enterprise Features

Data Isolation: Per-user repos, tests, API keys (7 tasks)
Security: Rate limiting, API key auth, CORS, security headers (6 tasks)
Dashboard: Overview, repos, test history, API keys, billing, team (12 tabs)
Reliability: Auto-scaling, health checks, DB backups (6 tasks)
UX: Onboarding modal, empty states, error boundaries, toasts (6 tasks)

Try It

# Web Platform
open https://testforge.run

# MCP IDE Integration
npx @whitenoisenpm/testforge-mcp install

# CLI Score (CI/CD friendly)
npx @whitenoisenpm/testforge-mcp score https://github.com/user/repo

# Self-Hosted
git clone https://github.com/t4tarzan/testforge
cd testforge/mcp-server && flyctl launch --now

Pricing

Plan	Price	Tests
Free	$0	5/mo
Pro	$29/mo	100/mo
Enterprise	$199/mo	Unlimited

Website: testforge.run | GitHub: t4tarzan/testforge

Built by t4tarzan — Ship code you trust. 🚀

I Built a Testing Tool That Analyzes Code Across 21 Dimensions — Here is Why

Vinayak Rao — Mon, 25 May 2026 06:31:02 +0000

The Problem

I was shipping AI-generated code fast. Really fast. But here is the thing — nobody was testing it properly.

Sure, I had ESLint. I had Jest for unit tests. But when I looked at the testing landscape, I realized something:

Snyk checks security vulnerabilities (1 dimension)
SonarQube checks code quality (2-3 dimensions)
TestRail manages test cases (manual, 1 dimension)

Nobody checks if your API can handle thousands of AI agents hitting it simultaneously. Nobody checks your DORA metrics. Nobody does supply chain audits, N+1 query detection, or agentic scale prediction.

So I built TestForge — a testing platform that analyzes code across 21 dimensions.

What Makes It Different

Standard Dimensions

Security scanning (SAST)
Unit test coverage
Load & performance
Accessibility (WCAG)

Strategic Dimensions (Only TestForge)

🤖 Agentic Scale Prediction — World first. Simulates thousands of AI agents hitting your API. Predicts failure patterns, bottlenecks, and cascading failures.

📊 DORA Metrics — Deployment frequency, lead time, MTTR, change failure rate.

🔗 Supply Chain Audit — Cross-references deps against CVE databases with fix versions.

🔍 N+1 Query Detection — Finds DB queries inside loops that ORMs hide from you.

👁️ Vision & Goal Alignment — Observability, feature flags, analytics, CI/CD maturity.

📦 Dead Code + License — Unused deps, dead exports, GPL/copyleft risks.

How It Works

Go to testforge.run
Paste any public GitHub repo URL
Get a full 21-dimension report in ~30 seconds

No config. No setup. No YAML files.

Results from testing tinyhttp/malibu

Security           4 findings  ████░░░░░░░░░░░░░░░░
Unit Tests         67%         █████████████░░░░░░░
Agentic Scale      24/100      ████░░░░░░░░░░░░░░░░  ⚠️
DORA               30/100      ██████░░░░░░░░░░░░░░  ⚠️
OWASP Coverage     20%         ████░░░░░░░░░░░░░░░░  ⚠️

3 auth middleware gaps (HIGH)
No rate limiting — critical for agentic workloads
No observability or product analytics
34 undocumented API endpoints

Try It

# Web platform
open https://testforge.run

# MCP IDE integration
npx @whitenoisenpm/testforge-mcp install

# Self-hosted (5 min)
git clone https://github.com/t4tarzan/testforge
cd testforge/mcp-server && flyctl launch --now

Try it: testforge.run
GitHub: t4tarzan/testforge
npm: npx @whitenoisenpm/testforge-mcp install

Built by t4tarzan

DEV Community: Vinayak Rao

TestForge: 21-Dimension AI Testing — From Zero to Enterprise-Ready in 1 Week

The Journey

What TestForge Analyzes

Standard Dimensions

Strategic (Only TestForge Has These)

Deep Analysis

Real Test Results (tinyhttp/malibu)

Tech Stack

Enterprise Features

Try It

Pricing

I Built a Testing Tool That Analyzes Code Across 21 Dimensions — Here is Why

The Problem

What Makes It Different

Standard Dimensions

Strategic Dimensions (Only TestForge)

How It Works

Results from testing tinyhttp/malibu

Try It