14:32:01 [SECURE] All credentials resolved to environment variables
14:32:03 [BLOCKED] Live endpoint rejected - paper mode required
14:32:05 [SCAN] Hardcoded API key detected in strategy.py
14:32:08 [GUARD] HTTPS egress scan - 0 secrets detected - ALLOW
14:32:11 [BLOCKED] AWS key blocked in outbound POST to webhook.site
14:32:14 [SCAN] 0 findings across 8 files - clean
14:32:17 [SECURE] Position size within configured limit
14:32:19 [BLOCKED] Unbounded quantity rejected - missing position cap
14:32:22 [SCAN] Private key PEM block found in deploy.sh
14:32:25 [GUARD] Drawdown limit enforced at 5% threshold
14:32:01 [SECURE] All credentials resolved to environment variables
14:32:03 [BLOCKED] Live endpoint rejected - paper mode required
14:32:05 [SCAN] Hardcoded API key detected in strategy.py
14:32:08 [GUARD] HTTPS egress scan - 0 secrets detected - ALLOW
14:32:11 [BLOCKED] AWS key blocked in outbound POST to webhook.site
14:32:14 [SCAN] 0 findings across 8 files - clean
14:32:17 [SECURE] Position size within configured limit
14:32:19 [BLOCKED] Unbounded quantity rejected - missing position cap
14:32:22 [SCAN] Private key PEM block found in deploy.sh
14:32:25 [GUARD] Drawdown limit enforced at 5% threshold
Home Scanner Guard Roadmap About Get Early Access
// roadmap

What's Shipped & What's Next.

Two products live on PyPI today. Here's where we are and where we're headed.

// shipped

Live today.
Install and go.

Live

Code Scanner

Static analysis for Python trading code. Detects hardcoded broker keys, leaked credentials, missing risk controls, and unsafe execution logic. 30+ rules across 3 categories. Runs locally, nothing leaves your machine.

Try the Scanner →
Live

Guard

Runtime proxy that monitors outbound HTTP/HTTPS from your trading bots and blocks leaked credentials before they hit the wire. Uses the same rules engine as the scanner. Sub-ms latency, real-client MITM validated.

Learn about Guard →
// coming_next

On the 2026 roadmap.

What we're building next. Join the waitlist to get early access.

Security Coming Soon

Credential Vault

Encrypted local-first credential storage. Keeps broker API keys out of source code, environment variables, and AI prompts. One secure layer your strategies can query at runtime.

Quant Coming Soon

Execution Guardrails

Real-time validation before orders reach your broker. Position limits, drawdown caps, kill switches, symbol restrictions, and anomaly detection. Define rules once, enforce on every order.

Infrastructure Coming Soon

Policy Engine

Configurable policy-as-code for trading operations. YAML/JSON rules that define what's allowed, when approvals are required, and how different environments behave. The layer that turns one-off guardrails into reproducible infrastructure.

Trust Coming Soon

Audit Trail

Searchable history of every blocked order, triggered rule, and policy change. Incident timelines, rule-change tracking, and explanations of why actions were rejected. The trust layer that proves your system works.

// early_access

Stay in the loop.

Get notified when new tools ship. No spam, no noise.