Security tooling has two failure modes: tools that surface vulnerabilities but leave remediation entirely to humans, and AI coding agents that fix code interactively but leave no durable record of what changed, why it was allowed, and whether any policy was enforced. Warden sits in between. It is the control plane around agentic remediation — a CLI that scans your repositories, triages findings against configurable policy, applies safe fixes within defined limits, opens reviewable pull requests, and writes machine-readable artifacts that capture every decision in the run.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/DevDonzo/warden/llms.txt
Use this file to discover all available pages before exploring further.
The Warden Loop
Every Warden run follows the same deterministic sequence, whether you invoke it locally or inside a GitHub Actions workflow:Key Capabilities
SAST Dependency Scanning
Scan Node.js and Python projects with
npm-audit, pip-audit, and Snyk. Warden tries your preferred scanner first and falls back automatically when credentials are missing.DAST Infrastructure Scanning
Run advisory scans against authorized infrastructure targets using Nmap and Metasploit. Findings are normalized into the same artifact format as SAST output.
Policy Gates
Set severity thresholds, posture gates, per-run fix limits, and approval token requirements. The policy engine enforces all constraints before any code changes, and emits deterministic CI exit codes.
Durable Artifacts
Every run writes
scan-results.json, warden-report.md, agent-run-record.json, and more into scan-results/. Schemas live in schemas/ so other agents and dashboards can consume output without scraping logs.Security Baselines
Commit
.warden-baseline.json to make accepted risk explicit. Future runs fail only on new or worsened findings — regressions, not noise.Local Console
Run
warden console to open a browser-based UI that visualizes posture, findings, run history, and artifact contents without leaving your machine.Why Warden Instead of an LLM Directly?
Asking a coding agent to fix a vulnerability in a chat session works once. Warden makes the same operation work reliably across every run, every repository, and every team member. The distinction comes down to four properties the chat interface cannot provide: Governed. Warden enforces severity gates, fix limits, posture thresholds, and approval requirements before any code changes. Acritical posture can be configured to block all automated fixes and emit an approval request instead. You decide what the agent is allowed to do; Warden enforces the contract.
Auditable. Chat history is ephemeral and personal. Warden writes agent-run-record.json on every run — a structured document that records what was found, what was selected for remediation, what was applied, what was blocked, and why. That record survives beyond the session and can be read by other agents, CI jobs, and reviewers.
Continuous. Warden runs in CI, on a schedule, and in release gates. It does not require an interactive session. You can bootstrap a GitHub Actions workflow with warden bootstrap-ci and have scheduled security scans running against every pull request in minutes.
Stateful. Warden tracks run history, baseline regressions, and recurring vulnerable package hotspots across runs. The memory layer surfaces packages that appear repeatedly so you can address root causes instead of patching symptoms scan after scan.
Warden requires Node.js 18 or later (
engines.node: ">=18.0.0"). Check your version with node --version before installing.