Detect prompt injection, exposed secrets, and dependency drift on every request — without adding latency to your users.
Free forever for 100 scans/month · No credit card required
// middleware.tsimport { withWatchman } from "@kairosinternational/watchman-nextjs"; export default withWatchman({ telemetry: { apiKey: process.env.WATCHMAN_API_KEY!, endpoint: "https://watchman.guide", },}); export const config = { matcher: ["/((?!_next|static).*)"],};How it works
Drop one middleware line in, forget about it, and read a clean dashboard when something shows up. Hover any card for plain English — tap it for the short version.
Edge-safe pattern matching runs on every request — URL, headers, body. 13 rules across 4 scanners. Sub-5ms overhead.
Findings stream to Watchman via fire-and-forget telemetry. Network failures never delay your app's response.
Filterable dashboard with commit, branch, and environment context. Severity triage, suppression rules, per-session drill-down.
Pricing
Every subscription funds the Kai'Ros International orphanage in Kumasi, Ghana.
Free forever for small projects. No credit card required.
Our mission
One hundred percent of Watchman revenue funds the Kai'Ros International orphanage in Kumasi, Ghana. Every scan you run, every threat we catch for you, every dollar you pay — it becomes a meal, a school book, a bed, a future for a child who would not otherwise have one.
We build software for a living so that children can live.
“Son of man, I have made thee a watchman unto the house of Israel.”