Dead code, security, secrets detection and code quality for Python, TypeScript, Go.
Open-source, local-first checks for dead code, security issues, secrets, quality regressions, and AI-code mistakes before merge. [](#star-authenticity-audit) English | Deutsch | 简体中文 | Translations Skylos is an open-source static analysis CLI for Python, TypeScript, JavaScript, Java, Go, Kotlin, PHP, Rust, Dart, C#, Shell, and deployment config. It runs locally by default and can also be used as…
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
Open-source, local-first checks for dead code, security issues, secrets, quality regressions, and AI-code mistakes before merge. [](#star-authenticity-audit) English | Deutsch | 简体中文 | Translations Skylos is an open-source static analysis CLI for Python, TypeScript, JavaScript, Java, Go, Kotlin, PHP, Rust, Dart, C#, Shell, and deployment config. It runs locally by default and can also be used as a CI/CD PR gate. Use Skylos when you want one command to check a repo or pull request for: dead code…