Codebase immune system
Gets smarter every PR.
CodeTitan learns your repo. After a month it catches things no generic scanner ever will — launching as a GitHub Action and CLI for JS/TS teams.
How it works
From install to intelligent review in one sprint.
- 01 Install once
  Add the GitHub Action to your repo in 30 seconds, or drop the CLI into your CI pipeline. No config required to get started.
- 02 Every PR gets scored
  On each pull request, CodeTitan runs 266+ JS/TS rules, detects AI-generated code patterns, and returns a Risk Score with file-level annotations — directly in the PR.
- 03 The profile learns your repo
  Every merged PR, dismissed finding, and applied fix trains a per-repo learned profile. After ~50 PRs it catches things no generic scanner ever will — because it knows your codebase, not just the language.
How to use it
Two surfaces. Zero friction.
# .github/workflows/codetitan.yml
name: CodeTitan
on: [pull_request]
jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with: { fetch-depth: 0 }
      - uses: noalia/codetitan-action@v1
        with:
          fail-on-severity: high
          changed-only: true
        env:
          CODETITAN_API_KEY: ${{ secrets.CODETITAN_API_KEY }}

Runs on every PR. Annotates changed files, posts a Risk Score comment, and optionally blocks merge on high-severity findings.
# Install
npm install -g @noalia/codetitan-cli

# Analyse the current repo (no AI, fast)
codetitan analyze . --no-ai --format json

# Analyse only what changed vs main
codetitan analyze . --changed-only

# Preview auto-fixes before applying
codetitan fix . --dry-run

Run locally before you push, or drop it into any CI pipeline. Diff-aware mode only analyses changed files — fast enough for pre-commit hooks.
Private preview
Get in before launch.
Leave your work email — we'll reach out when the private preview opens.