OpenAPI Security Analyzer for Large Spec Reviews
Fetch a live spec, upload a file, or paste raw JSON or YAML. Review findings without turning large reports into a wall of noise.
Purpose
Use this page to review an OpenAPI or Swagger contract before it becomes a blind spot in implementation, documentation, or security testing. It gives product, engineering, and security teams one place to inspect the contract and quickly see what looks weak, incomplete, or inconsistent.
Instead of dumping findings into a single long list, the analyzer groups issues by category so you can move from high-level review to detailed fixes without losing context when the result set gets large.
How to use it
Choose an input method
Fetch from a live URL, upload a spec file, or paste raw JSON or YAML.
Run the analyzer
The server parses the contract and normalizes older Swagger formats when needed.
Review findings
Start with the overview, then drill into category buckets to prioritize fixes.