Brakeman is a static analysis security scanner for Ruby on Rails applications. It inspects the application source (no running app or database needed) and reports likely flaws such as SQL injection through string interpolation in queries, mass assignment of unprotected model attributes, cross-site scripting, and so on. Simply install the gem using
gem install brakeman
and run it from the root of your Rails project, writing the report as HTML:
brakeman -o brakeman.html
The HTML report (Brakeman picks the output format from the file extension, so -o brakeman.json gives machine-readable JSON instead) provides a nicely formatted front end with a summary and detailed reports of the checks run and the possible security flaws found, each with a confidence rating. It even displays the corresponding source code lines, so you can jump straight to the offending query or controller action.
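To make concrete what two of the most common warnings refer to, here is an added example (not code from the original post, nor from Brakeman itself) written in plain Ruby so it runs without Rails or a database. Each vulnerable function mirrors a Rails idiom Brakeman flags (noted in the comments), and sits next to its hardened form; the quoting helper and the constructed attacker inputs are assumptions made for the illustration, not ActiveRecord's real implementation.

```ruby
# Added example, not from the original post or from Brakeman: plain Ruby that
# mimics two Rails patterns Brakeman reports, beside their hardened forms.
# "Queries" are built as strings/arrays so the effect of attacker-controlled
# input is visible without a database.

# --- SQL injection ---------------------------------------------------------

# Vulnerable: the Rails idiom  User.where("name = '#{params[:name]}'")
# Interpolating user input into the SQL string lets the input change the
# query's structure. Brakeman reports this as a SQL Injection warning.
def where_interpolated(name)
  "SELECT * FROM users WHERE name = '#{name}'"
end

# Hardened: the array form  User.where("name = ?", params[:name])
# Rails quotes the bound value, so the input can only ever be data.
# Modelled here as the SQL template plus its bound values.
def where_bound(name)
  ["SELECT * FROM users WHERE name = ?", [name]]
end

# Assumed stand-in for ActiveRecord's quoting of a bound string (doubles
# single quotes and wraps the value); only here to show the resulting SQL.
def quote(value)
  "'" + value.gsub("'", "''") + "'"
end

def render_bound(template, values)
  values.reduce(template) { |sql, v| sql.sub("?") { quote(v) } }
end

# --- Mass assignment -------------------------------------------------------

# Vulnerable:  User.new(params[:user])  accepts every key the client sends,
# so a request carrying admin=true sets that attribute. Brakeman reports
# this as a Mass Assignment warning.
def build_user_unfiltered(attrs)
  attrs.dup
end

# Hardened: strong parameters,  params.require(:user).permit(:name, :email)
# Only whitelisted keys survive; everything else is dropped.
PERMITTED_USER_ATTRS = %w[name email].freeze

def build_user_permitted(attrs)
  attrs.select { |key, _| PERMITTED_USER_ATTRS.include?(key.to_s) }
end

if __FILE__ == $PROGRAM_NAME
  payload = "' OR '1'='1" # constructed attacker input
  puts where_interpolated(payload)        # tautology: WHERE name = '' OR '1'='1'
  puts render_bound(*where_bound(payload)) # still one literal string value

  # constructed request body with an extra attribute the client should not set
  request = { "name" => "alice", "email" => "a@example.com", "admin" => "true" }
  p build_user_unfiltered(request) # admin slips through
  p build_user_permitted(request)  # admin dropped
end
```

Run it with ruby and compare the two printed SQL statements: the interpolated one turns the attacker's input into a second, always-true condition, while the bound one keeps the whole payload inside a single quoted literal. Brakeman finds the first pattern and the unfiltered mass assignment by looking at the source, which is exactly what the report's source line view points you to.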
Although it doesn't give you complete safety (static analysis produces false positives, which is why each warning carries a confidence rating, and it misses anything it cannot trace back to user input), it's a good start for finding potential security holes, and it is cheap enough to run on every commit. Definitely a tool worth trying.