RASS plugs into your Lovable project as a custom MCP server. Trigger scans, pull findings, and get Hermes-drafted fixes streamed back into the chat — no context switching.
"Scan the checkout API and give me the top findings" — that's the whole workflow.
Structured findings with severity, evidence, and copy-ready remediation streamed back into your prompt.
Scans identify the right OWASP, API, Supabase RLS, Stripe, and React packs for your target.
Short-lived, project-scoped tokens. Every tool call is audit-logged. Secrets never touch localStorage.
Findings raised via MCP show up in the console, in reports, and in your GitLab MR comments.
Build faster with an AppSec assistant that treats security as part of the loop, not a post-launch surprise.
Add the RASS MCP endpoint to your Lovable project. OAuth 2.1 + PKCE, project-scoped tokens.
"Run an OWASP + Supabase RLS scan on staging and summarize the top 5 issues."
Severity, evidence, and remediation appear directly in the chat, grounded in real scan data.
Copy-ready code blocks and configuration snippets — reviewable, editable, and secure by default.
Wire RASS into your Lovable project and let Hermes handle the AppSec loop.