brakit/docs

Introduction

See what your API is really doing. One command, zero config.

Brakit hooks into your Node.js server at the framework level. It captures every HTTP request, database query, fetch call, console log, and error, then shows you everything in a live dashboard served from your own dev server. Security scanning, N+1 detection, and performance insights happen automatically. No proxy, no second process.

Quickstart

npx brakit install

That's it. This command:

  1. Auto-detects your framework (Next.js, Remix, Nuxt, Vite, Astro, Express, Fastify)
  2. Adds brakit as a dev dependency and creates a one-line instrumentation file
  3. When you run npm run dev, brakit hooks into your server and serves the live dashboard at /__brakit on the same port as your running app
Requirements: Node.js 18 or later and a project with package.json. Only 2 production dependencies: citty (CLI) and picocolors (terminal colors).

What You'll See

Open /__brakit on your dev server and interact with your app. Brakit captures everything in real time:

Brakit dashboard showing the Overview tab with requests, actions, queries, errors, and fetches

What Brakit Does

Security

8 rules scanned automatically: leaked secrets, PII in responses, tokens in URLs, stack traces, insecure cookies, and more.

Queries

Every database query captured with operation, table, duration, and row count. N+1 patterns flagged automatically.

Actions

Requests grouped by what the user did: "Sign Up", "Load Dashboard". Not raw HTTP noise.

Performance

Health grades, p95 trends, slow endpoint detection, and metrics that persist across sessions.

Tracing

Server-side fetch calls, console output, and unhandled errors, all correlated to the request that triggered them.

AI Integration

Via MCP, Claude Code and Cursor read findings, fix issues, and verify the fix. The full detect, fix, verify loop.

Removing Brakit

npx brakit uninstall

Removes the instrumentation file and the brakit package. Your app goes back to exactly how it was.

Next Steps

  • CLI Commands : Install, uninstall, and telemetry commands
  • Architecture : How in-process hooks, analysis, and the dashboard work together
  • Security Rules : The 8 rules and what they catch
  • Adapters : How brakit captures database queries from pg, mysql2, and Prisma
  • MCP Integration : How AI assistants connect to brakit via the Model Context Protocol
PreviousPillarsNextCLI Options