Your CI/CD pipeline breaks at 2 AM. The deployment is stuck. You're half-asleep, staring at cryptic error logs, trying to figure out if it's a dependency issue, a YAML typo, or something else entirely.
I've been there too many times. That's why I built FlowEasy — a CI/CD tool that generates secure pipelines with GitHub Actions and doesn't just notify you when things break. It fixes them.
Here's what FlowEasy does differently.
🔧 Auto-Heal AI
Traditional CI/CD tools send you a notification when a pipeline fails. That's it. You wake up, dig through logs, figure out the root cause, fix the YAML, push again, and pray.
FlowEasy's Auto-Heal AI takes a different approach:
- Reads the full error logs — not just the last line, but the entire context
- Identifies the root cause — using AI to understand what actually went wrong
- Commits the fix or opens a PR — automatically, without you lifting a finger
Average fix time: under 30 seconds.
Common issues it handles automatically:
- Dependency version conflicts
- Missing environment variables
- YAML syntax errors
- Test runner misconfigurations
- Build cache invalidation issues
You set up the pipeline once. FlowEasy keeps it running.
🖥️ MCP Server — Manage Pipelines from Your IDE
One of the features I'm most excited about is the MCP (Model Context Protocol) Server. It gives you 9 tools you can use directly from Claude Code, Cursor, or Windsurf — without ever leaving your IDE.
Available tools:
-
check_pipeline_status— see what's running or failing -
view_logs— pull full logs for any run -
rerun_pipeline— trigger a new run -
rollback_deployment— revert to the last working version -
analyze_failure— ask AI to explain what went wrong -
list_pipelines— see all configured pipelines -
get_pipeline_config— inspect current configuration -
update_pipeline— modify settings without leaving your editor -
cancel_run— stop a running pipeline
One-line setup in your MCP config:
{
"mcpServers": {
"floweasy": {
"command": "npx",
"args": ["floweasy-mcp"],
"env": {
"FLOWEASY_API_KEY": "your-api-key"
}
}
}
}
Works with Claude Code, Cursor, and Windsurf out of the box.
🛡️ 6 Security Scans — Zero Config, Security by Default
Every single deploy automatically runs 6 security scans. No extra configuration needed. No separate security pipeline to maintain.
| Scan | Tool | What it catches |
|---|---|---|
| SAST | Semgrep (847+ rules) | Code vulnerabilities, injection flaws |
| SCA | OWASP Dependency-Check | Vulnerable dependencies |
| Secrets | TruffleHog | Exposed API keys, tokens, credentials |
| DAST | OWASP ZAP | Runtime vulnerabilities in running apps |
| SBOM | Syft | Full software bill of materials |
| Compliance | Custom rules | GDPR, SOC 2, policy violations |
Security isn't bolted on as an afterthought. It's baked into every deploy from day one.
How It Works
Getting started takes about 5 minutes:
1. Connect your repo
Link your GitHub repository to FlowEasy. It analyzes your stack automatically.
2. Choose your gates
Select which security scans to enforce, what tests to run, and your deployment targets.
3. FlowEasy generates the YAML
No manual YAML writing. FlowEasy creates the GitHub Actions workflow for you, with all your selected security scans and Auto-Heal AI configured.
From there, every push triggers the pipeline. If something breaks, the AI fixes it. If a security scan fails, you get a detailed report with remediation guidance.
Stack
For those curious about how it's built:
- Backend: Node.js + TypeScript
- Pipeline Engine: GitHub Actions
- AI: Claude API (Anthropic)
- Security Tools: Semgrep, TruffleHog, OWASP ZAP, Syft
- MCP Server: Model Context Protocol
- Database: PostgreSQL
Try It
FlowEasy is live at floweasy.dev.
Free tier: 1 repo, 5 pipeline runs/month
Pro: $19/month, unlimited repos and runs
I built this to solve my own pain. If you've ever debugged a broken CI/CD pipeline at 2 AM, I think you'll find it useful.
What security scans matter most to you in your pipelines? SAST? Secrets detection? DAST? I'd love to hear what your current setup looks like and what gaps you're trying to fill.
