Scan. Fix. Improve. Govern.
The platform that closes the loop.
Every finding triggers a fix. Every fix opens a PR. Every PR closes a ticket. You review and approve. Hyrax handles the rest.
No credit card required for Free.
How Hyrax works.
Profile once.
Audit continuously.
Discovery runs once, reads every file, maps your architecture, commits context to your repo. Audit scans continuously against that profile: six parallel domain agent groups plus a deterministic scanner.
Discovery
runs once per repo
- Reads every file, maps architecture and conventions
- Commits .hydra/ to your repo - architecture, conventions, and how-to guides for every agent
- Patches CLAUDE.md - your whole team gets codebase context in Claude Code automatically
Audit
runs continuously
- Pre-flight generates repo-specific analysis protocol
- Six parallel agent groups plus a deterministic scanner
- Findings categorized: critical / high / medium / low
Auth, hardening, privacy
Logic errors, edge cases
Dead code, naming, tests
Bottlenecks, memory, queries
Patterns, contracts, coupling
Deps, config, logging
13 steps.
All must pass.
Fix resolves a detected finding. Task resolves a directive you write. Either way: isolated worktree, 13 verification steps, PR opened, ticket closed.
Fix
per issue
- Targets bugs and security issues from Audit
- Isolated Git worktree - failure leaves main untouched
- Independent reviewer step must approve
Task
on demand
- Plain-English input instead of detected finding
- Refinement step converts directive to structured plan
- Same 13-step verification as Fix
Continuous debt reduction.
Not on push.
Improve runs continuous improvement scans across your codebase and generates suggestions. Each suggestion is dispatched directly into the same 13-step fix pipeline.
Improvement Suggestions
categorized by type
- Dead code, nested loops, magic constants
- Missing type hints, deep nesting, extractable functions
Same Fix Pipeline
no separate queue
- Each suggestion dispatched to 13-step verification
Review every PR.
Automatically.
Govern runs on every push. It posts a maintained comment that updates as code changes, and it can block merge on must-fix findings. No manual trigger needed.
Automated PR Review
on every push
- Reviews every PR automatically - no manual trigger
- Updates comments as code changes on each push
Merge Control
configurable
- Can block merge on must-fix findings
- Configurable severity thresholds per repo
Clear pricing.
No surprise bills.
Join the waitlist. Upgrade when you need more. No credit card required.
AI runs on AWS Bedrock with SOC 2 compliance. Your code is processed securely and never used for model training.
Free
- 1 repository
No code size limit
- 1 user
- 15 fixes per month
Resets monthly
- Scoped scan
Top-priority findings only
- 13-step verification
Every fix verified before PR
- GitHub + Linear
Core integrations
- No card required
- Full-depth audit, Improve, Govern
Upgrade to Pro or Team
Pro
- 1 user, up to 3 repositories
- $30 of credits each cycle
Resets monthly, no rollover
- Claude Sonnet 4.6 + Opus 4.7
All AI runs on AWS Bedrock
- Discovery + Audit + Fix
Core workflows
- 13-step verification
Every fix verified before PR
- GitHub + Linear + Slack
Notifications
- Overage opt-in
Charges fire at $300 past zero
- Card required
- Improve + Govern
Upgrade to Team
Team
- Unlimited users, no per-seat fee
- Unlimited repositories
- $200 of shared credits
Across the org, resets monthly
- Claude Sonnet 4.6 + Opus 4.7
Deep analysis on every file (AWS Bedrock)
- Improve + Govern
Automated PR review + pattern extraction
- 13-step verification
Every fix verified before PR
- GitHub + Linear + Slack + webhooks
Custom integrations
- SSO / SAML
- Role-based access
Viewer, Member, Admin, Owner
- Audit logs + Team analytics
Full visibility
- Overage opt-in
Charges fire at $1000 past zero
All AI inference runs on AWS Bedrock. Credits do not roll over.
How overage works
- Optional. Off by default. Toggle on at signup or any time from billing settings.
- With overage off, your account stops at $0 until the next cycle.
- With overage on, Stripe pre-authorizes half your overage limit ($150 on Pro, $500 on Team) to confirm your card. The hold releases immediately.
- Stripe then charges your card every time accrued overage hits $300 (Pro) or $1000 (Team). Any remainder above zero at month end is invoiced separately.
- Open balances must be paid before the next cycle renews.
Frequently asked questions
Hyrax is an autonomous code governance platform. It profiles your entire codebase, runs a multi-agent audit to surface bugs and security issues, executes the fix through 13-step verification, opens the pull request, and closes the Linear ticket.
PR review tools wait for a pull request and post comments. A developer still has to triage every comment, write the fix, push it, get another review, and close the ticket. Hyrax starts before the PR exists. It audits the full codebase, surfaces issues that have never appeared in a diff, executes the fix on the findings you select, and closes the loop. Comments are not the output. Closed tickets are.
Static analysis tools surface issues and generate a report. A developer triages every finding and does the work. Hyrax audits issues, creates the ticket, executes the fix, and closes the ticket. Static analysis is a reporting layer. Hyrax is an execution layer.
Hyrax runs AI inference on AWS Bedrock with SOC 2 compliance. Your code is processed securely and never used for model training. All data is encrypted in transit and at rest. Full audit logs are available for compliance review.
Every fix runs through 13 verification steps before the PR opens: isolated Git worktree, baseline tests established, agent executes fix, diff size guard, regression gate, build verification, format and lint, scanner quality loop, reviewer step, post-fix audit, PR opened, CI confirmation, and ticket close. If any step fails, nothing ships. You retain review rights on every PR.
Discovery profiles your entire codebase (architecture, conventions, patterns) and creates an Agent Context stored in .hydra/. This context powers every workflow that follows. Discovery profiles. It does not find issues. Audit finds issues.
Hyrax runs AI inference on AWS Bedrock with SOC 2 compliance. Your code is processed securely and never used for model training. Hyrax receives only structured finding data from LLM calls, not raw code content. No codebase content is stored by Hyrax beyond what is needed to execute the current workflow.
Every fix runs: (1) isolated worktree (2) baseline tests (3) agent executes (4) diff size guard (5) regression gate (6) build verify (7) format + lint (8) scanner loop (9) reviewer step (10) post-fix audit (11) PR opened (12) CI confirmation (13) ticket close. A failure at any step aborts the run. Nothing is skippable.
Hyrax works on every codebase. Frontend: React, Next.js, Vue, Svelte, Angular. Backend: Node.js, Django, Rails, Spring, FastAPI, Express. Mobile: React Native, Flutter. Infrastructure: Terraform, Kubernetes configs. TypeScript, JavaScript, Python, Go, Java, Rust, and C# have the deepest support. Most other languages work with slightly reduced fix accuracy.
Free is $0 with 15 fixes per month. Pro is $30/month and includes $30 of compute credits. Team is $200/month and includes $200 of shared credits. A typical audit costs $15-20 on Pro, $25-35 on Team. A typical fix costs $1-2.
Free is a permanent plan, not a trial. 15 fixes per month, no card required.
If any verification step fails, nothing is pushed. Hyrax surfaces an escalation signal with the specific step that failed, the reason, and a suggested next step: retry, split into smaller scope, or route to a human reviewer. Control returns to you with a clear explanation.
Govern is automated PR review that runs on every push. It posts a maintained comment that updates with each commit, uses domain-specific checklists based on changed files, and can block merge on must-fix findings. Available on Team plans.
Security is one of six audit domains. Hyrax's Security agent covers auth patterns, input validation, hardening, privacy, compliance, and vulnerability patterns. It is not a SAST tool. It is an AI audit-and-fix platform where security is a first-class dimension.
No. Overage is opt-in. With overage off, your account stops at $0 until the next cycle. With overage on, Stripe charges your card at every $300 (Pro) or $1000 (Team) of overage. Any end-of-month remainder is invoiced separately.
No. The only payment at plan selection is the plan price. If you need more capacity, enable overage.
Both Pro and Team use Claude Sonnet 4.6 and Opus 4.7. Team includes Improve + Govern workflows, unlimited users and repos, RBAC, and audit logs. All AI runs on AWS Bedrock.
Join the waitlist. The loop closes.
Free is $0. Pro is $30/mo. Ship your first fix in minutes.