Hi everyone

I have created Skylos to detect dead code quite a while back. Just here to give a short update. We have updated and expanded Skylos' capabilities to include common security flaws generated by AI. These things include the basic stuff like SQL injection, path traversal etc. So how this works, your py files are parsed through the AST.. After that the security scanners will take over and run over that same tree. Once that is complete, a generic "dangerous" table is applied node by node to catch any security flaws. As for how the dead code side works, i'm gonna keep it short. basically it parses the py files to build a graph of functions, classes, variables etc etc. it will then record where each symbol is referenced. thats it.

Target audience

Anyone working with python code.

Why use Skylos?

I know people will ask why use this when there's vulture, bandit etc etc. Well I mean those are really established and great libraries too. We're kind of more niche. For starters, Skylos provides real taint tracking by propagating the taint in the AST. If i'm not wrong although i may be, bandit uses pattern matching. Just a different approach. We also tuned skylos specifically for handling poor ai coding practises since now I know a fair bit of people who are placing more reliance on ai. So we found out that these are the common problems that AI generate. That is why we have tuned skylos specifically for this purpose. We will definitely expand its abilities in the future. Lastly, why Skylos? One tool, one AST, thats it.

We have provided a VSC extension in the marketplace. You can search for skylos via the marketplace if you're using VSC. The tool will highlight and search for dead code etc. We will work on this further. We also do have a CI/CD pipeline in the README so yall can use it to scan your repos before merging etc.

If you all have found this library useful, please give us a star on github, share it and give us feedback. We're happy to hear from yall and if you will like to collab, contribute do drop me a message here. I also will like to apologise if i have been inactive for a bit, been doing a peer review for my research paper so have been really swarmed.

Thanks once again!

Links: https://github.com/duriantaco/skylos