Zero config · Free forever · Enterprise ready

Governance runtime for AI-generated code

Scan, gate, and trace compliance automatically. No setup needed — auto-detects your project, applies sensible defaults, shows findings inline.

Terminal
$ npm install -g sentrik
sentrik: Binary installed
 
$ cd my-project && sentrik scan
Detected: python, javascript · CI: github · Packs: owasp-top-10
Scanning 47 files against 22 rules...
CRITICAL OWASP-A03-005 · src/api.py:42 · eval() executes arbitrary code
HIGH OWASP-A01-001 · src/auth.py:18 · Hardcoded credentials
MEDIUM OWASP-A02-003 · src/app.py:7 · MD5 used for hashing
3 findings (1 critical, 1 high, 1 medium)
 
$ sentrik gate
GATE FAILED — 2 blocking findings (critical, high)

No config files. No wizard. Just scan.

Why sentrik?

Zero Config

Auto-detects your project type, languages, and CI platform. Works immediately — no wizard, no setup files, no prompts.

Enforce Standards Automatically

6 pre-built packs — IEC 62304, OWASP Top 10, SOC2, HIPAA, PCI DSS, and ISO 27001. Or write your own.

Gate Every PR

Block non-compliant code in CI/CD. GitHub Actions and Azure Pipelines integration. PR decoration with inline findings.

VS Code & Cursor

Install the extension and findings appear inline on save. Auto-initializes, scans in background, status bar shows count. Zero interaction.

Trace Everything

Link findings to Azure DevOps, GitHub Issues, or Jira work items. Auto-create, update, and close items on reconcile.

Built for AI Agents

Agent context generation, pre-commit hooks, auto-patching. Works with Copilot, Cursor, Claude Code, and custom agents.

Install in Seconds

One command. Downloads a platform-specific binary. No runtime dependencies.

npm install -g sentrik

Downloads a platform binary. No Python, no Docker, no extra dependencies. Works on macOS, Linux, and Windows.

Standards Packs

Pre-built regulatory rule sets. Auto-detected from your README, or enable in one command.

IEC 62304

14 rules

Medical device software lifecycle. FDA 510(k), EU MDR. Traceability headers, input validation, documentation obligations.

sentrik add-pack fda-iec-62304

OWASP Top 10

22 rules

Web application security. SQL injection, XSS, auth failures, SSRF. Auto-enabled for every project.

sentrik add-pack owasp-top-10

SOC2

16 rules

Trust Services Criteria. Access control, logging, change management. Audit evidence generation.

sentrik add-pack soc2

HIPAA

15 rules

Health data privacy and security. PHI handling, encryption requirements, access controls, audit trails for healthcare applications.

sentrik add-pack hipaa

PCI DSS

16 rules

Payment card security. Cardholder data protection, encryption, secure coding, network segmentation for fintech and e-commerce.

sentrik add-pack pci-dss

ISO 27001

14 rules

Information security management. Risk assessment controls, data classification, incident response, security policy enforcement.

sentrik add-pack iso-27001

Ready to govern your AI-generated code?

npm install -g sentrik && sentrik scan