Company
Date Published
Author
Tiferet Gazit, Alona Hlobina
Word count
617
Language
English
Hacker News points
None

Summary

GitHub has released, in public beta, an experimental extension to code scanning for JavaScript and TypeScript repositories that uses a deep learning model to surface more potential security vulnerabilities. The model targets four vulnerability classes that are common in the JavaScript/TypeScript ecosystem: cross-site scripting (XSS), path injection, NoSQL injection, and SQL injection.

Code scanning is powered by the CodeQL analysis engine and runs open-source queries written by community members and GitHub's security experts; those hand-written queries already cover a broad range of Common Weakness Enumeration (CWE) categories. The experimental analysis builds on them by using the model to identify flows of untrusted user data, including in emerging libraries that the hand-written queries may not yet model. It is included in the security-extended and security-and-quality query suites, so enabling it is a matter of selecting one of those suites in the code scanning Actions workflow configuration file.

Because the analysis is experimental, it may initially produce a higher false-positive rate than the standard queries, and it is expected to improve as the model is refined. Alerts it generates carry an "Experimental" label so they can be triaged separately from standard alerts; they appear in the repository's "Security" tab and on pull requests. GitHub is asking users for feedback on these alerts to refine the model and improve code security more broadly.
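The workflow change the summary refers to, shown here as an added example rather than a snippet from the post: the `queries` input on the CodeQL `init` step selects the query suite, and either of the two extended suites pulls in the experimental queries. The `languages` and `queries` inputs are real inputs of `github/codeql-action/init`; the file path, the branch names and the major-version tags of the actions are assumptions made for this example.

```yaml
# .github/workflows/codeql-analysis.yml  (path and branch names assumed)
name: "CodeQL"

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
  analyze:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write   # required to upload code scanning results

    steps:
      - uses: actions/checkout@v3

      - uses: github/codeql-action/init@v2   # version tag assumed
        with:
          # "javascript" covers TypeScript sources as well.
          languages: javascript
          # Without a `queries` key the default suite runs, which does not
          # include the experimental ML-powered queries. Selecting either
          # extended suite enables them:
          queries: security-extended          # or: security-and-quality

      - uses: github/codeql-action/analyze@v2  # version tag assumed
```

After the next run, alerts from the experimental queries show up in the Security tab with the "Experimental" label, so a team can keep triaging them separately from standard alerts while the false-positive rate is still settling. If the repository has custom queries configured, prefix the suite name with `+` (`queries: +security-extended`) so the suite is added to the existing configuration instead of replacing it.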