JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.

A tool for mining commits from Git repositories and diffs to automatically extract code change pattern instances and features with ast analysis

Stop shipping AI slop. Detects empty functions, fake documentation, and inflated comments in AI-generated code. Production-ready.

Multi-language static analysis with cross-file taint tracking. Scan your repo, triage findings in your browser, commit triage state with your code. No cloud, no account.

LibSA4Py: Light-weight static analysis for extracting type hints and features

⚡ JavaScript-aware crawler for security researchers and bug bounty hunters. Extract hidden endpoints and internal subdomains through static and semantic analysis of JS files. Lightweight. Fast. Sneaky.

🔍 Automatically detect duplicate logic in Python code changes. Prevent code duplication and improve code quality.

Revolutionary AST-based debugging and code intelligence platform for Elixir applications

Distributed Multi-Agent AI Orchestration with Ollama - Advanced collaborative workflow with AST quality voting, TrustCall validation, and adaptive strategy selection

A Python package for managing and visualizing interval tree structures with AST analysis capabilities.

Taso: The industry-standard for environment variable drift detection. Find what’s silently wrong with your configuration before production does.

AI-Powered Code Visualizer — transform any codebase into interactive visual mind maps. D3-powered graph visualization, AST analysis, and real-time collaboration.

Supply-chain security CLI for npm/bun/yarn/pnpm — install gate + lockfile snapshots + AST risk scoring

DarkTorch is a simple tool for visualizing code projects, helping developers understand file connections and manage project-related notes

Context broker for AI coding agents (CLI + MCP). Queries codebases via progressive disclosure instead of feeding entire files into context — reducing token waste and context rot. AST-aware retrieval, surgical editing with syntax guard, semantic search. Inspired by Recursive Language Models research (MIT/Stanford, 2025). Built in Rust.

Cross-ecosystem dependency security scanner. Detects the axios RAT supply chain attack and similar threats. 4-layer detection: AST analysis, behavioral fingerprinting, dep graph profiling, registry metadata. Scans npm/PyPI/Cargo/Brew. Zero dependencies.

A strict CLI + library API to report untyped variables, arguments, and function returns in Python code

A Python code debugger that combines static AST analysis with Groq LLM explanations.

Static code analyzer for any repository — classify codebase, extract HTTP routes, detect tech stack, map dependency graph. Multi-language (Python, JS, Java, Go, Ruby, PHP). Zero dependencies. Optional LLM enrichment

Behavioral malware detection for open-source packages (PyPI/NPM). Detects evasion techniques, backdoors, and supply chain attacks using AST analysis.