
Show HN: TheAuditor – Offline security scanner for AI-generated code


Antidote to VibeCoding. Source: the TheAuditorTool/Auditor repository on GitHub.

- Finds Security Vulnerabilities: Detects OWASP Top 10, injection attacks, authentication issues, and framework-specific vulnerabilities
- Tracks Data Flow: Follows untrusted data from sources to sinks to identify injection points
- Analyzes Architecture: Builds dependency graphs, detects cycles, and measures code complexity
- Detects Refactoring Issues: Identifies incomplete migrations, API contract mismatches, and cross-stack inconsistencies
- Runs Industry-Standard Tools: Orchestrates ESLint, Ruff, MyPy, and other trusted linters
- Produces AI-Ready Reports: Generates chunked, structured output optimized for LLM consumption

Antivirus software may flag TheAuditor because it is designed to:

- Read and analyze security vulnerabilities: SQL injection, XSS attacks, hardcoded passwords
- Write these findings to disk: creating reports with exact code snippets as evidence
- Process files rapidly: scanning entire codebases in parallel for efficiency

This interaction with antivirus software is not a flaw in TheAuditor; it is proof that both your AV and our scanner are doing exactly what they are designed to do: identify and handle potentially dangerous code patterns.
