Reviews PRs and deploys to prod — after Beomz clears the commit
WHAT BEOMZ PROTECTS
Every commit SHA is scanned for malicious dependencies, backdoors, and supply-chain injection before the CI/CD pipeline triggers a production deployment.
DEFAULT INPUT
Seeded malicious commit
A commit in acme/payments that introduces a dependency with a known supply-chain backdoor.
WALLET MODE
SUBJECT TO VERIFY
LIVE VERDICT
No verdict yet
Run the demo above to see a live Beomz verdict.
FRAMEWORK-IDIOMATIC INTEGRATION
LangGraph# LangGraph agent with Beomz code verification tool
from beomz_langchain import BeomzVerifyCodeTool
from langgraph.graph import StateGraph
from langchain_openai import ChatOpenAI
verify_tool = BeomzVerifyCodeTool(
network="testnet",
account_id=os.environ["BEOMZ_DEMO_ACCOUNT_ID"],
private_key=os.environ["BEOMZ_DEMO_PRIVATE_KEY"],
)
llm = ChatOpenAI(model="gpt-4o").bind_tools([verify_tool])
def should_deploy(state: DeployState) -> str:
verdict = state["verdict"]
if verdict["result"] in ("Scam", "Risky"):
return "abort"
return "deploy"
graph = StateGraph(DeployState)
graph.add_node("verify_code", verify_code_node)
graph.add_node("deploy", deploy_node)
graph.add_node("abort", abort_node)
graph.add_conditional_edges("verify_code", should_deploy)
# Triggered on every merged PR
result = await graph.invoke({
"repo": "acme/payments",
"commit_hash": "abc1234",
})