AegisRunner
Start free

// localhost app testing

Test the app on your machine. No deploy.

Most hosted tools need a URL their cloud can reach, so you deploy first and test second. AegisRunner points its AI straight at localhost — one command opens a secure, outbound-only tunnel and hands you a real test suite before you push.

terminal
$ npm install -g @aegisrunner/cli
$ export AEGIS_TOKEN=aegis_xxxxxxxx
$ aegis scan --tunnel --port 3000 --watch
# behind a login? hand it a credential:
$ printf %s "$DEV_PW" | aegis scan --tunnel --port 3000 \
      --username you@example.com --password-stdin --watch

one process. the tunnel stays up for the whole scan.

// the flow

Local app → tunnelled → tested — no URL to hand out.

01

Run your app locally

Your dev server on any port — Next, Vite, Rails, Django, whatever. Nothing to deploy.

02

aegis scan --tunnel

One command opens a secure, outbound-only tunnel from your machine and points a scan at it. No inbound port.

03

AI crawls localhost

Our agent explores your local app like a user — pages, forms, flows — and signs in if you pass a credential.

04

Tests come back

A generated suite plus accessibility, SEO and functional findings — against the code on your laptop, before you push.

// why localhost testing

Fast feedback where you actually work.

No deploy required

Test the branch you’re on, right now — not after a staging deploy finishes.

Outbound-only

Your machine dials out over HTTPS. No inbound port is opened; nothing is exposed to the public internet.

Ephemeral

The tunnel lives only while the command runs and closes the moment the scan finishes.

Signs in for you

Pass --username / --password-stdin or a saved --role. The AI maps it onto your login form — any field, any app.

Fits your loop

Just a CLI with an exit code. Run it pre-push, in a pre-deploy job, or from a Git hook.

Beyond localhost

The same CLI reaches IP-restricted staging (allowlist) or VPN/air-gapped envs (self-hosted runner).

// faq

Frequently asked

Do I have to deploy my app first?

No — that’s the point. `aegis scan --tunnel --port <port>` opens a secure tunnel from your machine to our cloud scanner and runs a full scan against your app on localhost. No staging URL, no public host, no deploy.

Is my local app exposed to the internet?

No inbound port is ever opened. The tunnel is an outbound-only HTTPS relay your machine initiates, and it closes the moment the scan finishes. Each tunnel also gets its own subdomain, so root-relative links (/cart, /login) stay scoped to your app instead of escaping.

How does it test pages behind a login?

Pass --username plus a password from stdin (or the AEGIS_PASSWORD env var), or --role <name> to use a saved login. The scanner’s AI maps your username onto whatever the form calls its identity field — email, username, phone — so there’s nothing to configure per app. Credentials are never accepted as a plain flag.

What do I get back?

A generated end-to-end suite for the flows the AI discovered, plus accessibility (WCAG), SEO and functional findings — all keyed to your app’s real pages. Export any suite to Playwright and run it locally with `npx playwright test`.

What if my machine sleeps mid-scan?

Keep the terminal focused and the machine awake so the tunnel stays connected. If the connection does drop, the scan ends quickly with an honest “lost the connection to your local app” note rather than producing bogus results — then just re-run it.

Does this need a paid plan?

The tunnel is a Pro or Business feature (it runs off a project CI trigger token). Once you have a token, the CLI itself is open-source and zero-dependency.

Point it at localhost in two minutes

Spin up your app, grab a CI token, run one command. Watch the AI crawl your local app and hand you tests before you deploy.