We have created a robot which uses the GitHub APIs to format the code of open source projects. We would like a version which, rather than formatting code, finds and fixes common security vulnerabilities, particularly in web applications.