DEV Community

mergeguard


We shipped OSV + Trivy inside GitHub/GitLab PR reviews—no extra CI YAML

We just shipped a security release on MergeGuard: OSV (npm lockfile advisories) and Trivy (filesystem vulns, secrets, misconfig) run in the same pass as our AI code review. Findings land in the PR as a Security review section—and on Files changed when the diff allows inline threads.
