Forem: Michael Moreira

I built a CI/CD tool that auto-heals broken pipelines, runs 6 security scans, and works from your IDE via MCP

Michael Moreira — Fri, 13 Mar 2026 09:30:40 +0000

Your CI/CD pipeline breaks at 2 AM. The deployment is stuck. You're half-asleep, staring at cryptic error logs, trying to figure out if it's a dependency issue, a YAML typo, or something else entirely.

I've been there too many times. That's why I built FlowEasy — a CI/CD tool that generates secure pipelines with GitHub Actions and doesn't just notify you when things break. It fixes them.

Here's what FlowEasy does differently.

🔧 Auto-Heal AI

Traditional CI/CD tools send you a notification when a pipeline fails. That's it. You wake up, dig through logs, figure out the root cause, fix the YAML, push again, and pray.

FlowEasy's Auto-Heal AI takes a different approach:

Reads the full error logs — not just the last line, but the entire context
Identifies the root cause — using AI to understand what actually went wrong
Commits the fix or opens a PR — automatically, without you lifting a finger

Average fix time: under 30 seconds.

Common issues it handles automatically:

Dependency version conflicts
Missing environment variables
YAML syntax errors
Test runner misconfigurations
Build cache invalidation issues

You set up the pipeline once. FlowEasy keeps it running.

🖥️ MCP Server — Manage Pipelines from Your IDE

One of the features I'm most excited about is the MCP (Model Context Protocol) Server. It gives you 9 tools you can use directly from Claude Code, Cursor, or Windsurf — without ever leaving your IDE.

Available tools:

check_pipeline_status — see what's running or failing
view_logs — pull full logs for any run
rerun_pipeline — trigger a new run
rollback_deployment — revert to the last working version
analyze_failure — ask AI to explain what went wrong
list_pipelines — see all configured pipelines
get_pipeline_config — inspect current configuration
update_pipeline — modify settings without leaving your editor
cancel_run — stop a running pipeline

One-line setup in your MCP config:

{
  "mcpServers": {
    "floweasy": {
      "command": "npx",
      "args": ["floweasy-mcp"],
      "env": {
        "FLOWEASY_API_KEY": "your-api-key"
      }
    }
  }
}

Works with Claude Code, Cursor, and Windsurf out of the box.

🛡️ 6 Security Scans — Zero Config, Security by Default

Every single deploy automatically runs 6 security scans. No extra configuration needed. No separate security pipeline to maintain.

Scan	Tool	What it catches
SAST	Semgrep (847+ rules)	Code vulnerabilities, injection flaws
SCA	OWASP Dependency-Check	Vulnerable dependencies
Secrets	TruffleHog	Exposed API keys, tokens, credentials
DAST	OWASP ZAP	Runtime vulnerabilities in running apps
SBOM	Syft	Full software bill of materials
Compliance	Custom rules	GDPR, SOC 2, policy violations

Security isn't bolted on as an afterthought. It's baked into every deploy from day one.

How It Works

Getting started takes about 5 minutes:

1. Connect your repo
Link your GitHub repository to FlowEasy. It analyzes your stack automatically.

2. Choose your gates
Select which security scans to enforce, what tests to run, and your deployment targets.

3. FlowEasy generates the YAML
No manual YAML writing. FlowEasy creates the GitHub Actions workflow for you, with all your selected security scans and Auto-Heal AI configured.

From there, every push triggers the pipeline. If something breaks, the AI fixes it. If a security scan fails, you get a detailed report with remediation guidance.

Stack

For those curious about how it's built:

Backend: Node.js + TypeScript
Pipeline Engine: GitHub Actions
AI: Claude API (Anthropic)
Security Tools: Semgrep, TruffleHog, OWASP ZAP, Syft
MCP Server: Model Context Protocol
Database: PostgreSQL

Try It

FlowEasy is live at floweasy.dev.

Free tier: 1 repo, 5 pipeline runs/month
Pro: $19/month, unlimited repos and runs

I built this to solve my own pain. If you've ever debugged a broken CI/CD pipeline at 2 AM, I think you'll find it useful.

What security scans matter most to you in your pipelines? SAST? Secrets detection? DAST? I'd love to hear what your current setup looks like and what gaps you're trying to fill.

I built a CI/CD tool that auto-heals broken pipelines, runs 6 security scans, and works from your IDE via MCP

Michael Moreira — Wed, 11 Mar 2026 11:46:26 +0000

Your CI/CD pipeline breaks at 2 AM. You wake up, debug logs, fix YAML, redeploy, and pray it works.

What if AI could do all of that in 30 seconds while you sleep?

That's why I built FlowEasy — an AI-powered CI/CD pipeline generator with built-in DevSecOps, auto-healing, and IDE integration via MCP.

🔧 Auto-Heal AI

When a pipeline fails, FlowEasy AI:

Reads the logs and identifies the root cause
Commits a fix directly or opens a PR for your review
Re-runs the pipeline automatically

It handles lockfile issues, config errors, dependency problems, and code fixes. Average fix time: under 30 seconds.

🖥️ MCP Server — CI/CD Inside Your IDE

FlowEasy ships an MCP server (floweasy-mcp) with 9 tools. From Claude Code, Cursor, or Windsurf, you can:

List pipelines and check status
View logs and analyze failures
Re-run, rollback, or cancel deploys
Generate compliance reports

Setup is one line in your config:

{
  "mcpServers": {
    "floweasy": {
      "command": "npx",
      "args": ["-y", "floweasy-mcp"]
    }
  }
}

🛡️ 6 Security Scans on Every Deploy

Every pipeline run includes:

SAST — Semgrep with 847+ rules
SCA — npm audit for dependency vulnerabilities
Secrets — TruffleHog scanning for leaked credentials
DAST — OWASP ZAP running against your live app
SBOM — Syft for software bill of materials
Compliance — audit-ready reports

Zero extra config. Security is the default, not an add-on.

How It Works

Connect your GitHub repo
Choose your security gates and deploy targets
FlowEasy generates the GitHub Actions YAML and commits it

No manual YAML writing. Works with Next.js, Node, Python, and more.

Stack

GitHub Actions, Vercel, Semgrep, TruffleHog, OWASP ZAP, Syft.

Try it free at floweasy.dev — no credit card required.

I'd love to hear your feedback. What security scans do you run in your pipelines today?

I stopped writing CI/CD YAML — here's what I built instead

Michael Moreira — Mon, 09 Mar 2026 12:16:01 +0000

Every time I started a new SaaS project, the ritual was the same: open an old project, copy the GitHub Actions YAML, edit half of it, break the other half, and spend 2 hours debugging indentation errors.

Sound familiar?

I decided to build something to solve this once and for all. Meet FlowEasy — an AI-powered CI/CD pipeline generator that reads your codebase and generates production-grade GitHub Actions workflows automatically.

The Problem

Setting up CI/CD properly is painful. You need linting, testing, security scans, builds, deploys, notifications... and all of that lives in a YAML file that's easy to break and hard to debug.

Most developers either copy-paste from old projects (and miss important updates) or spend hours hand-crafting workflows from scratch.

How FlowEasy Works

It's dead simple — 3 steps:

Step 1: Connect your repo. Sign in with GitHub, pick your repository. FlowEasy reads your package.json and detects your stack automatically (Next.js, Node, Python, etc.).

Step 2: Choose your gates. Toggle security scans, testing levels, and deployment targets. From simple lint checks to full DevSecOps with DAST and E2E testing.

Step 3: Deploy & monitor. FlowEasy generates the YAML, commits it to your repo, and starts the pipeline. You get Slack/Discord notifications and smoke test results.

What You Get Out of the Box

Here's what a generated pipeline includes:

Lint & Code Quality — ESLint + Prettier, zero config
Unit & Integration Tests — Jest with coverage reports
DevSecOps Scans — SAST (Semgrep), SCA (dependency audit), secret detection (TruffleHog), DAST (OWASP ZAP)
Build & SBOM Generation — Full build + Software Bill of Materials with Syft
Deploy to Vercel — One-click integration with automatic secret configuration
Post-Deploy Monitoring — Smoke tests + Slack/Discord notifications

All of this runs in under 5 minutes. From push to production.

The Feature I'm Most Excited About: Auto-Heal AI

Pipeline failures happen. But instead of you manually reading logs and fixing configs, FlowEasy's Auto-Heal AI does it for you:

Pipeline fails
AI reads the error logs
Diagnoses the root cause
Commits a fix to your repo
Re-runs the pipeline

With safety guards so it doesn't loop forever. Your CI/CD literally fixes itself.

The Stack Behind It

FlowEasy is powered by Claude AI for intelligent pipeline generation and analysis. It integrates directly with GitHub Actions for execution, Vercel for deploys, and supports Slack + Discord webhooks for notifications.

Security is built into the foundation: webhook signature verification, encrypted secrets, OIDC handshakes, and strict RLS policies.

Try It

FlowEasy is live and free to try:

Free tier: 1 repo, 5 pipeline runs/month
Pro: $19/month — unlimited repos and runs

Check it out: https://floweasy.dev

I'd love to hear your feedback — especially on the DevSecOps defaults and the auto-heal approach. What would you want to see in a tool like this?

Built by @_michaelmoreira. Follow @floweasy_dev for updates.