Local-first CLI for auditing AI-generated code for common mistakes
Project description
driftcode-auditor
Local-first CLI for auditing code maintainability, privacy risks, and architecture drift.
License: MIT — Free to use, modify, and distribute.
Features
- Automatically respects `.gitignore` and common build directories (`.next`, `node_modules`, `dist`, `.git`, etc.)
- Parallel scanning for good performance on large codebases
- Reports files scanned + time taken
- `--stream` mode to print issues as they are discovered
- `--quiet` and `--verbose` output modes
- Customizable file extensions via `--ext` or config file
- Configurable PII allowlist to reduce false positives
- Pure local operation — no network calls
Configuration
- Project-level: `.driftcode.json` in the scanned directory
- User-level: `~/.config/driftcode/config.json`
Usage
Basic scan (after installation):
driftcode-auditor --path /path/to/project --format md --privacy
Or run directly from source:
python -m driftcode_auditor --path /path/to/project --format md --privacy
Common options:
driftcode-auditor --path . --format md --privacy --maintainability
driftcode-auditor --path . --format json --privacy --stream
driftcode-auditor --path . --privacy --verbose
driftcode-auditor --path . --privacy --ext .py,.ts
Flags
| Flag | Description |
|---|---|
| `--path` | Directory to scan (default: current dir) |
| `--format` | Output format: `md` or `json` |
| `--privacy` | Enable privacy risk detection |
| `--maintainability` | Enable maintainability checks |
| `--stream` | Print issues immediately as found |
| `--output` | File for full detailed report (default: `driftcode-report.md`) |
| `--quiet` | Minimal output |
| `--verbose` | Show every file being scanned |
| `--ext` | Comma-separated list of extensions to scan |
Example Output
Scanning /home/user/project ... (skipping common build dirs)
# DriftCode Auditor Report
...
## Privacy
- **pii** in `lib/network.ts:42`: PII in code
- ... and 47 more
## Architecture
- **large_file** in `lib/commands.ts:1`: File >500 lines
- ... and 3 more
Scan complete.
Files scanned: 1247
Time taken: 3.21s
Total issues found: 87
When many issues are found, only the first 15 per category are shown, followed by a summary count.
Running Tests
python -m pytest tests/
License
This project is licensed under the MIT License - see the LICENSE file for details.
Support the Project
DriftCode Auditor is free and open source, and will remain that way.
If you find it valuable — especially when auditing AI-generated code — consider sponsoring its development on GitHub Sponsors.
Your support helps sustain focused work on the tool, funds new rule development, and keeps the project moving forward as AI coding practices evolve.
Every sponsor directly contributes to making reliable AI code review more accessible.
Philosophy
DriftCode Auditor is designed to help developers audit AI-generated code for common and obvious mistakes.
Key goals:
- Catch simple issues that would otherwise go unnoticed
- Be fast and respectful of existing project structure (respects `.gitignore`)
- Stay simple, local-first, and privacy-conscious
- Provide clear, actionable feedback without false security
All scanning happens on your machine with no data leaving your environment.
Reviewing AI-Generated Code
DriftCode Auditor is designed to help you quickly audit code produced by AI coding assistants (Claude, Cursor, Copilot, etc.).
Common Issues It Catches
- Missing or fake error handling
- Hardcoded secrets and credentials
- Overly generic function names
- Architectural drift and pattern violations
- Missing edge case handling
- Potential PII / secret leaks
Recommended Workflow
- Generate code with your AI assistant
- Run `driftcode-auditor` on the changed files
- Review flagged issues before committing
- Use `--output report.md` for a full detailed report
Example: Catching a Common AI Mistake
AI-generated code:
def get_user(user_id):
    return db.query("SELECT * FROM users WHERE id = " + user_id)
DriftCode Auditor output:
- **pii** in `user_service.py:12`: PII in code → `return db.query("SELECT * FROM users WHERE id = " + user_id)`
- **secret** in `user_service.py:12`: Potential SQL injection risk
This helps catch problems that are easy to miss in normal code review.
This adds a lightweight but effective safety net when working with AI-generated code.
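The fix for the query above, together with a small static check that tells the two forms apart, as an added example (not part of the project's code and not how DriftCode Auditor detects the issue). It assumes `db` is a `sqlite3` connection, so `db.query` becomes `db.execute`; the method-name list, the table rows and the test input are constructed for the illustration.

```python
import ast
import sqlite3

# The page's example (db assumed to be a sqlite3 connection) and a hardened form
# that passes the value as a bound parameter, so it is never parsed as SQL.
VULNERABLE = '''
def get_user(db, user_id):
    return db.execute("SELECT * FROM users WHERE id = " + user_id).fetchall()
'''
HARDENED = '''
def get_user(db, user_id):
    return db.execute("SELECT * FROM users WHERE id = ?", (user_id,)).fetchall()
'''
QUERY_METHODS = {"query", "execute", "executemany"}  # assumed method names


def _is_dynamic_sql(arg):
    """True if the argument is a string assembled at runtime from non-literal parts."""
    if isinstance(arg, ast.JoinedStr):  # f-string with interpolated values
        return any(isinstance(v, ast.FormattedValue) for v in arg.values)
    if isinstance(arg, ast.BinOp) and isinstance(arg.op, (ast.Add, ast.Mod)):
        nodes = list(ast.walk(arg))
        return (any(isinstance(n, ast.Constant) and isinstance(n.value, str) for n in nodes)
                and any(isinstance(n, (ast.Name, ast.Attribute, ast.Call)) for n in nodes))
    return False


def find_dynamic_sql(source):
    """Return (line, expression) for each query call whose SQL is built dynamically."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr in QUERY_METHODS and node.args
                and _is_dynamic_sql(node.args[0])):
            findings.append((node.lineno, ast.get_source_segment(source, node.args[0])))
    return findings


def run(source, user_id):
    """Run one variant against a constructed two-row table and return the rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", [(1, "alice"), (2, "bob")])
    scope = {}
    exec(source, scope)  # source is one of the two constants defined above
    return scope["get_user"](db, user_id)


if __name__ == "__main__":
    print(find_dynamic_sql(VULNERABLE), run(HARDENED, "1 OR 1=1"))
```

With the constructed input `"1 OR 1=1"`, the concatenated form returns every row, while the parameterized form compares the whole string against `id` and returns nothing.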
File details
Details for the file driftcode_auditor-0.2.1.tar.gz.
File metadata
- Download URL: driftcode_auditor-0.2.1.tar.gz
- Upload date:
- Size: 12.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.5
File details
Details for the file driftcode_auditor-0.2.1-py3-none-any.whl.
File metadata
- Download URL: driftcode_auditor-0.2.1-py3-none-any.whl
- Upload date:
- Size: 11.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.5