Scan Single URLs for Security Vulnerabilities with GPT-4 (JS, PHP, Python)

Created by: Javier Rieiro || pyus3r

Last update a day ago


Overview

This workflow automates static security analysis for JavaScript, PHP, and Python codebases.
It’s designed for bug bounty hunters and security researchers who need fast, structured, and AI-assisted vulnerability detection across multiple sources.


Features

  • 🤖 AI-Powered Analysis:

    • Specialized agents for each language:
      • AI JavaScript Expert
      • AI PHP Expert
      • AI Python Expert
    • Each agent reports only exploitable vulnerabilities, using AST and regex heuristics.
    • Returns strict JSON with:
      {
        "results": [
          {
            "url": "file or URL",
            "code": "lines + snippet",
            "severity": "medium|high|critical",
            "vuln": "vulnerability type"
          }
        ]
      }
      
  • 🧩 Post-Processing:

    • Cleans, formats, and validates JSON results.
    • Generates HTML tables with clear styling for quick visualization.
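
One way to implement the post-processing step in JavaScript, the language of n8n Code nodes: it cleans the model's reply, validates it against the JSON shape shown above, and HTML-escapes every cell so that snippets taken from scanned code render as text in the report. This is an added example, not the workflow's own code; all function and constant names are hypothetical.

```javascript
// Added example with hypothetical names; not the workflow's own code.
const SEVERITIES = ["medium", "high", "critical"];
const FIELDS = ["url", "code", "severity", "vuln"];

// Strip a Markdown code fence that models often wrap around JSON (\u0060 is a backtick).
function cleanModelOutput(raw) {
  const text = String(raw).trim();
  const fenced = text.match(/^\u0060{3}(?:json)?\s*([\s\S]*?)\s*\u0060{3}$/i);
  return fenced ? fenced[1] : text;
}

// Parse and validate against the schema; keep only entries that conform.
function validateReport(raw) {
  let doc;
  try {
    doc = JSON.parse(cleanModelOutput(raw));
  } catch (e) {
    return { ok: false, errors: ["not valid JSON: " + e.message], results: [] };
  }
  if (!doc || !Array.isArray(doc.results)) {
    return { ok: false, errors: ['missing "results" array'], results: [] };
  }
  const errors = [];
  const results = [];
  doc.results.forEach((r, i) => {
    const isObj = r !== null && typeof r === "object";
    const bad = FIELDS.filter((f) => !isObj || typeof r[f] !== "string" || r[f] === "");
    if (bad.length) errors.push(`results[${i}]: missing or non-string ${bad.join(", ")}`);
    else if (!SEVERITIES.includes(r.severity)) errors.push(`results[${i}]: severity "${r.severity}" not allowed`);
    else results.push({ url: r.url, code: r.code, severity: r.severity, vuln: r.vuln });
  });
  return { ok: errors.length === 0, errors, results };
}

// Escape every cell: snippets come from scanned code and must render as text.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

function toHtmlTable(results) {
  const order = (r) => SEVERITIES.length - SEVERITIES.indexOf(r.severity); // critical first
  const rows = [...results].sort((a, b) => order(a) - order(b)).map((r) =>
    `<tr><td>${escapeHtml(r.severity)}</td><td>${escapeHtml(r.vuln)}</td>` +
    `<td>${escapeHtml(r.url)}</td><td><pre>${escapeHtml(r.code)}</pre></td></tr>`);
  return `<table><tr><th>Severity</th><th>Type</th><th>Source</th><th>Code</th></tr>${rows.join("")}</table>`;
}
```

Entries that fail validation are listed in `errors` rather than silently dropped, so a malformed model reply is visible in the run instead of producing an incomplete table.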

Output

  • ✅ JSON vulnerability reports per file.
  • 📊 HTML table summaries grouped by language and severity.

Usage

  1. Import the workflow into n8n.
  2. Configure credentials:
    • OpenAI API key
    • GitHub API Key
    • Google Drive API Key
  3. Run via the provided webhook form.
  4. Select analysis mode and input target.
  5. View structured vulnerability reports directly in n8n or Google Drive.

Notes

  • Performs static analysis only (no code execution).
  • Detects exploitable findings only; ignores low-impact issues.