fossabot for AI Guardrails
fossabot flags AI-generated code that carries problematic license obligations before it merges, and can enforce this as a pre-merge check.
Overview
fossabot is an AI agent for code maintenance, including analysis of AI-generated code for problematic license issues. It flags cases where code an LLM was trained on could introduce licensing complications if it merges into your project.
AI and snippet review in pull requests
fossabot reviews the files changed in a pull or merge request for problematic snippets. Each snippet is flagged by the file it appears in and the license that FOSSA has attributed to the code. Only files that match your organization's deny list are flagged.

Block issues with a pre-merge check
You can enforce AI guardrails as a pre-merge check. As with SAST review, this cuts down on noise: when there are no findings, the pull request simply gets a green check mark.
Administrators control whether the check blocks the merge.
