Skip to main content

Introduction

Qodex is an AI QA platform for APIs, web apps, pull requests, and security workflows. Instead of writing every test by hand, you describe what you want tested. Qodex explores the target with a real Chromium browser or direct API calls, learns how it behaves, creates runnable Playwright or HTTP scenarios, and saves them for repeatable runs.

How Qodex works at a high level

Qodex turns a testing brief into reusable test coverage.
  • Scenarios describe what should be tested, including steps, assertions, tags, and lifecycle state.
  • Scripts are the generated Playwright or HTTP code that can run against your environments.
  • Findings are bugs, failures, or vulnerabilities discovered during a run, with severity and evidence.

What you can test

PR review

Review pull requests, post inline findings, test preview deployments, and gate merges with a Check Run.

API testing

Import an OpenAPI spec or Postman collection. Qodex infers auth, creates scenarios, and runs them against any environment.

UI testing

Create intent-driven Playwright scenarios with replay caching, self-healing when pages change, and per-step artifacts on every run.

Security testing

Run continuous OWASP API Top 10 checks. A passing security scenario means the attack was blocked; a failing one includes evidence of the vulnerability.

How tests run

Qodex runs the same saved scenarios in three modes.

On-demand

Chat with the agent. Author, run, and triage interactively.

Scheduled

Cron-based recurring runs. Nightly regression, weekly security audit.

Event-driven

CI, deploy hooks, and custom webhooks trigger runs via per-project API keys.

Why replays are cheaper

Most AI QA tools charge per run because every replay is an LLM call. Costs scale with suite size, even when the app has not changed. Qodex uses the LLM when a test is created or repaired, not every time the test runs. The generated script is standard Playwright or HTTP code, parameterized by environment variables, and replayed deterministically. Nightly regression runs at Playwright or HTTP cost, not OpenAI cost. UI scenarios use an intent runner today with a step cache, so a successful first run feeds zero-LLM reruns. A fully deterministic UI runner is on the roadmap.
Planned: deterministic UI replay runner removes the LLM from the cached UI replay path entirely. See How Qodex works.

Where to go next

Quickstart

Connect a project, run your first scan, and read the findings in under five minutes.

How Qodex works

Learn the coordinator model, scan types, and replay architecture.

API testing

Import specs, create scenarios, configure auth profiles, and run API coverage.

PR review

Review pull requests with walkthroughs, inline findings, preview checks, and merge gating.

LLM-readable docs

Every page is also published as .md for LLM ingestion. See llms.txt.