Audit AI-generated code before you ship it
When you build an app with a coding agent, the fastest review is the one that happens in the same chat window. AuditWard is a pentest MCP server you point at the deployed preview of an AI-built app. One qa_test call runs a QA pass in a real Chromium browser and a security scan with real tooling, then hands the findings back to your agent.
AI ships code fast, and it ships bugs fast.
Code that a model writes in seconds still needs review. Generated apps often miss the unglamorous parts: a missing auth check, a form that accepts anything, security headers left off, an exposed admin route. A security audit from your coding agent catches those before they reach users, without you switching tools or leaving the terminal.
AuditWard runs the same audit a human reviewer would start with. An LLM Planner reads the URL and your instructions and builds a checklist. An Explorer agent works through it in a real browser, clicking and typing like a user. Security tools (curl, testssl.sh, Nuclei, Nmap, Gobuster, nslookup, WhatWeb) probe the target in parallel. An Analyst triages everything into findings with confidence scores and compliance tags.
From coding agent to audit in four steps.
You connect the MCP server once, deploy your app to a preview URL, then ask your agent to audit it. The scan runs asynchronously, so your agent starts it, polls for progress, and reports back when the findings are ready. Here is the full loop for Claude Code.
1. Create an MCP token in the dashboard under Settings → API & MCP, then register the server with the command below. You do this once per machine.
2. Push your AI-built app to a reachable preview. AuditWard scans public URLs you are authorized to test, so use a staging or preview deploy, not localhost.
3. Ask your agent to test the preview in plain language. It calls qa_test, then qa_status until the scan finishes.
4. Your agent reads the findings back in chat. You fix the code in the same session, redeploy, and run the audit again to confirm.
Connect the server
claude mcp add auditward --transport http https://platform-api.auditward.com/mcp/ \
  --header "Authorization: Bearer YOUR_MCP_TOKEN"
Clients that support OAuth-based connections can skip the manual token. Add a connector pointed at https://platform-api.auditward.com/mcp/ and you will be redirected to sign in and approve access. AuditWard supports OAuth 2.0 client registration with PKCE.
Ask for the audit
A natural-language prompt is enough. Your agent maps it to the right tool calls.
Audit the signup and dashboard flows on https://my-app.preview.app
with AuditWard. Run the QA and security scan, wait for it to finish,
and give me the high and critical findings with remediation steps.
Behind that one sentence, the agent calls qa_test with the URL and your instructions, polls qa_status while the Explorer and security tools work, then summarizes the triaged results. You can open the live dashboard at any point to watch the screenshot feed and checklist progress.
The credential loop for apps behind a login.
Most AI-built apps put the interesting parts behind sign-in. When a scan reaches a login wall, it does not guess or stop. It pauses and asks structured questions, such as which test account to use. You answer once and the scan resumes through the authenticated flows.
Answer in-agent
When qa_status reports a paused scan with questions, reply through qa_provide_context. You can also answer in the dashboard if you prefer a form. Either way the Explorer picks up where it left off and tests the screens that need a session.
Encrypted at rest
The answers you provide, including test credentials, are KMS-encrypted before storage and are never kept in plaintext. Use a dedicated test account scoped to the preview environment, not a production login. The credential loop is available on the Starter plan and above.
Findings your agent can read, with evidence behind each one.
The scan returns triaged findings with confidence scores, not a raw log dump. Each one has a severity, a plain-language summary, and remediation guidance your agent can act on directly. The artifacts back up every claim with evidence you can audit yourself.
| Output | How you get it | What is in it |
|---|---|---|
| Triaged findings | qa_status | Severity, confidence score, summary, impact, and remediation per issue. |
| Screenshots and video | qa_get_artifacts | Presigned URLs for annotated screenshots and the browser session recording. |
| PDF report | qa_report | A pentest-style PDF you can hand to a teammate or attach to a ticket. |
| Compliance tags | On each finding | Per-finding tags for PCI DSS 4.0, SOC 2, GDPR, OWASP Top 10, HIPAA, and ISO 27001. |
Compliance tags sit on individual findings, so you can see which issues touch which framework. That is finding-level mapping, not a report-level readiness verdict. For more on how the audit pipeline works end to end, see AI QA testing.
What this audit is, and what it is not.
AuditWard catches a wide class of real issues in AI-generated apps and gives you evidence for each one. It is a fast, repeatable check that fits into your build loop. It does not replace a manual penetration test, and it makes no certification claims. Read the limits before you rely on it.
It complements a manual pentest
The audit is automated. It finds and documents issues, but it does not chain exploits or reason about business logic the way a human tester does. Use it to catch the obvious gaps early and to give a manual pentest a cleaner starting point, not to skip one.
Not a certification or ASV scan
AuditWard is not a PCI Approved Scanning Vendor and the report is not an ASV scan or a compliance certificate. It helps you find and evidence issues mapped to a framework. It supports your compliance work, it does not make you compliant.
Public, authorized targets only
Scans run against public URLs you are authorized to test, with DNS TXT domain verification and an authorization audit trail. Localhost and private networks are out of scope, so deploy a preview first. The scanner respects robots.txt and rate limits.
No destructive testing
There are no denial-of-service tests. Where AuditWard detects a takeover weakness, it reports it and never exploits it. The scanner identifies as AuditWard/1.0 (+https://auditward.com/scanner) so your logs and your team can see exactly who is testing.
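Because the scanner declares a fixed User-Agent, its requests can be pulled out of the preview's access log and checked against the time you started the scan. The script below is an added example, not AuditWard code: it assumes Combined Log Format, uses constructed log lines, and the function name is hypothetical. A User-Agent is client-supplied, so a match shows what the client claimed; the source IPs are reported so you can review them.

```python
import re
from collections import Counter

# User-Agent the page says the scanner sends.
SCANNER_UA = "AuditWard/1.0 (+https://auditward.com/scanner)"

# Combined Log Format (assumed): ip ident user [time] "request" status size "referer" "ua"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines using documentation IP ranges, not real traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [12/May/2025:10:00:01 +0000] "GET / HTTP/1.1" 200 5120 "-" "AuditWard/1.0 (+https://auditward.com/scanner)"
203.0.113.10 - - [12/May/2025:10:00:02 +0000] "GET /admin HTTP/1.1" 403 312 "-" "AuditWard/1.0 (+https://auditward.com/scanner)"
198.51.100.7 - - [12/May/2025:10:00:03 +0000] "GET /signup HTTP/1.1" 200 2048 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.10 - - [12/May/2025:10:00:04 +0000] "POST /signup HTTP/1.1" 422 150 "-" "AuditWard/1.0 (+https://auditward.com/scanner)"
malformed line that does not parse
"""

def summarize_scanner_traffic(log_text, ua=SCANNER_UA):
    """Summarize requests whose User-Agent exactly matches the scanner's."""
    by_ip, by_status, paths, unparsed = Counter(), Counter(), set(), 0
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            unparsed += 1  # count unparsable lines instead of dropping them silently
            continue
        if m["ua"] != ua:
            continue  # other clients are out of scope for this summary
        by_ip[m["ip"]] += 1
        by_status[m["status"]] += 1
        paths.add(m["path"])
    return {
        "requests": sum(by_ip.values()),
        "by_ip": dict(by_ip),          # who claimed to be the scanner
        "by_status": dict(by_status),  # how the app answered the probes
        "paths": sorted(paths),        # what was requested
        "unparsed": unparsed,
    }

if __name__ == "__main__":
    print(summarize_scanner_traffic(SAMPLE_LOG))
```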
Questions about auditing generated code.
Can I audit an app my coding agent just built?
Yes. Deploy it to a public preview or staging URL you are authorized to test, then ask your agent to run qa_test against that URL. The scan covers the QA flows and the security checks in one pass and returns findings in-agent.
Does this work for apps behind a login?
Yes. When the scan hits a login wall it pauses and asks structured questions. Answer through qa_provide_context or in the dashboard, with a test account scoped to the preview, and the scan resumes through the authenticated screens. Your answers are KMS-encrypted.
Is this a replacement for a penetration test?
No. AuditWard is an automated audit that catches a broad set of real issues and documents them with evidence. It complements a manual penetration test by handling the repeatable checks early, but it does not replace human-led testing or chain exploits.
Can it scan localhost or my private dev server?
No. Scans run against public URLs you are authorized to test, with DNS TXT domain verification and an authorization audit trail. Push your AI-built app to a reachable preview deploy first, then point the audit at that URL.
Which plan do I need for the MCP audit?
MCP access is included on the Starter plan ($49 per month) and above. Starter also includes the credential loop for scans behind a login. The free Basic plan covers one scan per month from the dashboard with the first three findings visible.
Next: walk through a security-only scan in "Run a security scan from Claude Code", see every tool in the MCP server reference, or read how the pipeline works on the AI QA testing page.