> TheAuditor

Database-first / Local-first / Polyglot

Deterministic Code Context & Advanced Polyglot SAST for AI Agents.

A database-first platform that indexes your entire codebase into queryable, deterministic facts, giving AI agents ground truth instead of guesswork. The same deep analysis that powers aud query, aud explain, and aud impact also drives 26 rule categories of advanced security analysis across 13 languages.

aud taint --severity critical
 $ aud taint --severity critical [CRITICAL] SQL Injection in src/api/users.py:42
Source: user_input (HTTP body)
src/middleware/parse.py:18
Sink: cursor.execute()
           src/db/query.py:67
Path: 8 hops across 3 files
[CRITICAL] Command Injection in src/upload/handler.go:88
Source: query.Get("filename")
Sink: exec.Command(filename, ...)
Path: 3 hops, no sanitization
[CRITICAL] XXE in src/parsers/xml.java:124
Source: request.getInputStream()
Sink: DocumentBuilder.parse()
Path: 4 hops, framework: Spring Boot
3 critical issues across 13 languages indexed.
# Run `aud chain-analyze` for multi-step exploitable paths. 

The three problems we solve

Different problem. Different architecture.

PROBLEM 01

LLMs guess relationships from raw code.

We return verified facts from indexed data.

Standard AI agents read 5,000 lines of source to infer call graphs. TheAuditor returns the call graph from a sub-millisecond database query. No inference. No guessing. The same answer every time.

PROBLEM 02

Tools re-parse files for every query.

We index once, query in milliseconds.

Most SAST tools rebuild the AST on every run. TheAuditor indexes incrementally into SQLite, then answers every question about symbols, callers, callees, data flows, and framework boundaries straight from the database. Cross-tool correlation comes free.

PROBLEM 03

Single-dimension analysis misses real risks.

Four independent vectors converge.

Static linters miss runtime risk. Churn metrics miss vulnerability patterns. Taint trackers miss complexity. We fuse all four (STATIC, STRUCTURAL, PROCESS, FLOW) into a Four-Vector Convergence Engine that surfaces the files where three or more independent signals agree.

Architecture

Custom compilers, not generic parsers.

TheAuditor's analysis accuracy comes from deep compiler integrations, not generic parsing. Each language gets the right tool for the job.

Python

Framework-aware semantic analysis

Understands how Django, Flask, FastAPI, Celery, Pydantic, and 100+ framework patterns actually behave, rather than leaning on regexes or generic tree walks. Security and data-flow analysis run with that framework context, so findings reflect real execution paths.

Framework-aware Full data flow No code execution

JavaScript / TypeScript

IDE-grade type resolution

Real type-aware analysis across complex import graphs, JSX/TSX, tsconfig path aliases, and Vue SFCs, with the same depth of understanding your editor has. It goes past tree-sitter and pattern matching.

Type-aware Monorepo-aware JSX / TSX / Vue

Java

Compiler frontend, no execution

The same proven approach as PMD, SpotBugs, and SonarQube: compiler-frontend analysis with full type resolution, no bytecode generation, and no code execution. Build-system aware for an accurate classpath. Never guesses, never relies on heuristics.

Full type resolution Build-aware No code execution

Polyglot support

13 languages. Five capability axes. Zero second-class citizens.

Every supported language has full semantic extraction with dedicated taint pattern registries, graph strategies, and rule packs, adding up to 267 rules across 230 files (~700 individual checks). Parity is enforced: if it's listed, it works.

Python

Indexing Full Taint Full CFG Full Call Graph Full Rules Full

TypeScript / JavaScript

Indexing Full Taint Full CFG Full Call Graph Full Rules Full

Java

Indexing Full Taint Full CFG Full Call Graph Full Rules 10 rule files

Go

Indexing Full Taint Full CFG Full Call Graph Full Rules 9 rule files

Rust

Indexing Full Taint Full CFG n/a Call Graph Full Rules 11 rule files

PHP

Indexing Full Taint Full CFG n/a Call Graph Full Rules 25 rule files

Ruby

Indexing Full Taint Full CFG Full Call Graph n/a Rules 20 rule files

Bash

Indexing Full Taint Full CFG Full Call Graph n/a Rules 5 rule files

Vue

Indexing Full Taint Full CFG n/a Call Graph Component Tree Rules 6 rule files

Svelte / SvelteKit

Indexing Full Taint Full CFG Full Call Graph Full Rules (via JS/TS)

GitHub Actions

Indexing Full Taint Full CFG n/a Call Graph n/a Rules 9 rule files

Terraform / HCL

Indexing Full Taint Full CFG n/a Call Graph n/a Rules 1 rule file

AWS CDK

Indexing Full Taint Full CFG n/a Call Graph Via JS/TS Rules (via JS/TS + infra)

Four-Vector Convergence Engine

When three or more independent vectors agree, confidence is exponentially higher.

The FCE identifies high-risk code by finding where multiple independent analysis vectors converge. Most tools have one signal. We have four, and we measure agreement across all of them.

STATIC

Linters

ESLint, Ruff, Clippy

Code quality issues

STRUCTURAL

Code complexity

Cyclomatic complexity

Structural risk

PROCESS

Git churn

Modification history

Frequently changed code

FLOW

Taint propagation

Source→sink taint

Data flow vulnerabilities

$ aud fce --threshold 3 # Files where 3+ vectors converge

Taint Analysis

Source-to-sink tracking across 8 languages with dedicated pattern registries.

Source-to-sink interprocedural analysis. Each language gets its own registry of sources, sinks, and sanitizers, tuned by hand. Cross-language patterns (HTTP clients, env vars, file I/O) live in a shared polyglot registry.

JavaScript / TypeScript

~1,520 lines

HTTP, DOM, Node.js, React, Express, GraphQL, CORS

Python

~1,100 lines

Django, Flask, FastAPI, SQLAlchemy, subprocess, Celery

Go

~680 lines

net/http, Chi, stdlib, database/sql, os/exec

Rust

~660 lines

Actix, Rocket, Tokio, std::process, diesel

Java

~530 lines

Spring Boot, Hibernate, JNDI, SpEL, LDAP, XXE, deserialization

PHP

~500 lines

Laravel, Symfony, WordPress, superglobals, PDO, unserialize

Ruby

~340 lines

Rails, Sinatra, ActiveRecord, system/exec, Marshal/YAML deserialization

Bash

~400 lines

curl/wget, eval, source, pipes, env vars

Vulnerability classes detected

SQL injection Command injection XSS Path traversal SSRF XXE LDAP injection Insecure deserialization Log injection SpEL injection JNDI injection (Java) Auth weakness TOCTOU Floating-point logic errors Regex DoS

Run aud chain-analyze to correlate findings into multi-step exploitable attack chains.

SAST Benchmark Results

100% True Positive Rate. 0% False Positive Rate.

Independently verifiable against the standard OWASP corpora. Methodology and per-test reproductions coming in a future blog post.

OWASP Java Benchmark
100% TPR 0% FPR
11/11 vulnerability categories perfect
OWASP Python Benchmark
100% TPR 0% FPR
All categories perfect
OWASP Juice Shop (Node.js)
100% TPR 0% FPR
31/31 true positives, 0 false positives

Evasion Detection

Identifies code that intentionally evades static analysis.

Flags high-impact operations hidden behind suspicious conditions, and uses your git history to keep confidence high and noise low. Compare any version against a known-good baseline to surface guards that were quietly introduced.

Time & environment gates

Logic that only fires on certain dates, clocks, or CI/CD environments

Identity & fork gates

Behavior keyed to a specific repository, package, or fork

Unjustified constant guards

High-impact operations hidden behind hardcoded constants with no real reason

Baseline deviations

New guards or control flow that did not exist in a known-good version

Over- or under-broad conditions

Catch-all wildcards or hyper-specific checks that smell like targeting

$ aud eidl baseline --version v1.0.0 # Establish known-good baseline

Framework-Aware Detection

21 frameworks, understood natively.

This goes well past pattern-matching on import names. Each framework is understood on its own terms, covering Django signals, Flask routes, Celery tasks, Pydantic validators, Spring Boot annotations, Hibernate entities, Laravel middleware, and Express handlers, so taint and rules can reason about framework-specific semantics.

Django Flask FastAPI Spring Boot Hibernate JAX-RS Laravel Symfony WordPress React Vue Svelte/SvelteKit Next.js Express Angular SQLAlchemy Prisma Sequelize TypeORM Celery GraphQL

Infrastructure Coverage

Most SAST tools stop at application code. We track taint across infrastructure boundaries.

Terraform / HCL

Full structural

Dedicated HCL extractor. Full structural fidelity. Taint tracks across module boundaries, variable interpolations, and tfvars files. AWS / GCP / Azure resource graphs.

AWS CDK

Full semantic

Routes through JS/TS engine plus dedicated construct analysis. L1/L2/L3 constructs traced into the synthesized CloudFormation graph. Security groups, IAM policies, S3 ACLs analyzed at the source.

GitHub Actions

Full structural

YAML extractor with workflow graph. 9 rule files for unpinned actions, secrets-in-logs, fork-PR escalation, environment misuse. The CI/CD attack surface is no longer a blind spot.

AI Agent Integration via MCP

Eight Model Context Protocol tools. Three commands to wire it in.

TheAuditor ships a stdio-transport MCP server (aud-mcp), launched per-session by your AI host (Claude Code, Cursor, Codex). Tools are read-only, depth-gated by tier, rate-limited per day. aud setup-mcp also installs Claude Code hooks for a Context Gate that blocks edits until the AI calls aud_explain on the target file.

install
 # Requires Python 3.14+ (PEP 649 deferred annotations # are needed for accurate type resolution in the Taint Engine). $ pip install theauditor # Index your codebase (first run: 5-30s for small projects, # 1-10 min for 100K+ LOC framework-heavy codebases). $ cd your-project $ aud full --offline # Wire the MCP server + Claude Code hooks. $ aud setup-mcp  Wrote .mcp.json
 Installed 5 Claude Code hooks
 Snapshotted analytics baseline
 Restart your AI session to activate. # Also available: aud dashboard, a self-hosted # web UI for findings, blast radius, analytics. 
aud_explain

Full context bundle: symbols, callers, callees, deps, findings, taint flow summary. Use before editing a file.

aud_query

Lightweight lookup: list file symbols, find callers/callees, search by pattern, check imports.

aud_findings

Security findings by bucket: exploitable (taint-confirmed), chains, security (patterns/CVEs), code intelligence.

aud_impact

Blast-radius analysis: upstream/downstream dependencies, coupling score, risk level. Use before refactoring.

aud_blueprint

Project architecture overview: languages, frameworks, entry points, security surface, data flow.

aud_session

AI session efficiency: planning vs. working vs. research ratios, token usage from session logs.

aud_reindex

Database update after edits. Auto-picks full online refresh (>2d old) or fast incremental.

aud_analytics

Token-waste analysis: how many file reads could be replaced by aud_explain, with savings estimate.

Measured behavioral data

"Code written during sessions with 5+ blind edits shows 80% higher likelihood of requiring corrections."

Source: aud session analyze  •  Trained on 109-dimensional features extracted from real Claude Code sessions.

The ecosystem

Better alone. Unfair together.

Five focused tools for shipping with AI agents. Each stands on its own; together they cover code, action, orchestration, memory, and proof.

Launch notifications

Get notified when TheAuditor ships.

No marketing fluff. Just one email when the binary lands and you can try it.

We use Buttondown. No spam. Unsubscribe anytime.