PesterForge · For IT teams

Test coverage you can prove.

PesterForge generates Pester tests for production PowerShell and reports exactly which functions are covered. Built for the DBAs, ops engineers, and module maintainers who get asked “is this tested?” and want a better answer than “probably.”

01 The coverage report

Point Get-PesterCoverage at a module or a folder of scripts. It reads the code, matches functions to their test files, and reports the result like a score: how many functions have tests, how many don't, and the names of the ones that don't. That list of names is the part your team actually works from.

The scan is read-only. It changes nothing in the repository, and coverage auditing is free to run at every tier.

02 Proven by test

Each behavior below has a named test behind it. The suite those tests live in passed 49 of 49 with zero failures on 2026-07-06.

Behavior The test that proves it
Default test generation makes zero network calls. Deterministic mode is the default, not a setting you have to find. AiGating.Tests.ps1
No AI provider is contacted unless you name one on that specific call. Leave the provider off the request and no call is possible. AiGating.Tests.ps1
Output is scanned before it's returned. No machine name or absolute user path appears in any tool response. AirGapScrub.Tests.ps1
Injection-containment tests run against the MCP tool surface and pass. InjectionContainment.Tests.ps1

None of this is a formal compliance certification: no SOC 2, no FedRAMP, no HIPAA attestation. What backs these claims is an internal test suite, named in the table above so a reviewer can ask about any of them specifically.

The full security detail →

03 Fits the governance you already have

Air-gapped and offline

The default generation path makes zero network calls, so there is nothing for a firewall to block and nothing to explain to the network team. AI enrichment exists, but it's an explicit opt-in on each call, never a background dependency.

Your existing CI/CD

PesterForge generates ready-to-run Pester test files. If your pipeline runs Pester today, the generated tests run in it with the runner you already have.

An audit trail you can keep

Run the coverage report on a schedule and keep the output. You end up with a dated record of which functions were covered, and when that changed.

04 Next steps

The security page documents each of the tested behaviors above in detail. The pricing page has the plans, including what stays free.

Read the security detail → See plans and pricing →