scitex-audit 0.1.5

Unified security scanning by orchestrating bandit, shellcheck, pip-audit, and GitHub alerts

scitex-audit

Unified security scanning: bandit + shellcheck + pip-audit + GitHub advisories in one report.

Full Documentation · pip install scitex-audit

---

Problem and Solution

#	Problem	Solution
1	Security scanning requires 4 tools run separately — bandit (py) + shellcheck (sh) + pip-audit (deps) + GH Advisories — each with different output format	scitex-audit . — runs all four, merges findings into one JSON report; ideal for CI pre-release gates

Installation

pip install scitex-audit
# With all scanner backends:
pip install scitex-audit[all]

Quick Start

from scitex_audit import audit

results = audit(".")
results = audit(".", checks=["python", "shell"])

2 Interfaces

Python API

from scitex_audit import audit

# Run all enabled scanners and merge results.
results = audit(".")

# Run only specific scanners.
results = audit(".", checks=["python", "shell"])

CLI

scitex-audit .                          # all scanners
scitex-audit . --checks python,shell    # subset
scitex-audit . --json                   # machine-readable

Part of SciTeX

scitex-audit is part of SciTeX.

Four Freedoms for Research

0. The freedom to run your research anywhere — your machine, your terms.
1. The freedom to study how every step works — from raw data to final manuscript.
2. The freedom to redistribute your workflows, not just your papers.
3. The freedom to modify any module and share improvements with the community.

AGPL-3.0 — because we believe research infrastructure deserves the same freedoms as the software it runs on.

License

AGPL-3.0 — see LICENSE for details.

---