Foil

Foil is an AI-powered security scanner designed for developers, offering 100% local code analysis to identify vulnerabilities. It leverages on-device Large Language Models (LLMs), specifically SecureReview-7B, a custom-trained model optimized for code review and vulnerability analysis on Apple Silicon. This ensures that source code never leaves the user's machine, addressing privacy and data exfiltration concerns. The tool goes beyond traditional pattern matching by reasoning about the code to find logic flaws. It provides detailed explanations of vulnerabilities, validates exploitability, and even rewrites code with inline comments to fix issues. Foil supports scanning across seven programming languages and integrates with existing CI/CD pipelines via a command-line interface. It's ideal for developers and teams who prioritize security, privacy, and native performance in their development workflow, aiming to catch security flaws early in the development cycle.