Python AI Slop Detector - Find over-engineering, hallucinations, and dead code
Project description
๐ท Sloppy
Detect AI-generated code anti-patterns in your Python codebase.
โก Quick Start
# Install from GitHub
pip install git+https://github.com/rsionnach/sloppy.git
# Or clone and install locally
git clone https://github.com/rsionnach/sloppy.git
cd sloppy
pip install -e .
# Run it
sloppy .
# Output:
# CRITICAL (2 issues)
# ============================================================
# src/api.py:23 mutable_default_arg
# Mutable default argument - use None instead
# > def process(items=[]):
#
# src/db.py:15 bare_except
# Bare except catches everything including SystemExit
# > except:
#
# SLOPPY INDEX
# โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
# Information Utility (Noise) : 24 pts
# Information Quality (Lies) : 105 pts
# Style / Taste (Soul) : 31 pts
# Structural Issues : 45 pts
# โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
# TOTAL SLOP SCORE : 205 pts
#
# Verdict: SLOPPY
๐ฏ What It Catches
The Three Axes of AI Slop
| Axis | What It Detects | Examples |
|---|---|---|
| ๐ข Noise | Debug artifacts, redundant comments | print(), # increment x above x += 1 |
| ๐คฅ Lies | Hallucinations, placeholders | def process(): pass, mutable defaults |
| ๐ Soul | Over-engineering, bad style | God functions, deep nesting, hedging comments |
| ๐๏ธ Structure | Anti-patterns | Bare except, star imports, single-method classes |
๐ฅ What You Put In
# Scan a directory
sloppy src/
# Scan specific files
sloppy app.py utils.py
# Only high severity issues
sloppy --severity high
# CI mode - exit 1 if issues found
sloppy --ci --max-score 50
# Export JSON report
sloppy --output report.json
๐ค What You Get Out
| Output | Description |
|---|---|
| ๐ฏ Issues by Severity | Critical, High, Medium, Low |
| ๐ Slop Score | Points breakdown by axis |
| ๐ Verdict | CLEAN / ACCEPTABLE / SLOPPY / DISASTER |
| ๐ JSON Report | Machine-readable for CI/CD |
๐ Pattern Examples
Critical Severity
# ๐จ mutable_default_arg - AI's favorite mistake
def process_items(items=[]): # Bug: shared state between calls
items.append(1)
return items
# โ
Fix: Use None and initialize inside
def process_items(items=None):
if items is None:
items = []
items.append(1)
return items
# ๐จ bare_except - Catches SystemExit, KeyboardInterrupt
try:
risky_operation()
except: # Bug: swallows Ctrl+C!
pass
# โ
Fix: Catch specific exceptions
try:
risky_operation()
except ValueError as e:
logger.error(f"Invalid value: {e}")
High Severity
# ๐จ pass_placeholder - AI gave up
def validate_email(email):
pass # TODO: implement
# ๐จ hedging_comment - AI uncertainty
x = calculate() # should work hopefully
๐ฐ The Value
๐ Catch AI mistakes before they hit production
Why This Matters
| Problem | Impact | Sloppy Catches |
|---|---|---|
| Mutable defaults | Shared state bugs | โ Critical alert |
| Bare except | Swallows Ctrl+C | โ Critical alert |
| Placeholder functions | Runtime failures | โ High alert |
| Hallucinated imports | ImportError in prod | โ High alert |
| JavaScript patterns | .push(), .length errors |
โ High alert |
| Unused imports | Code bloat | โ Medium alert |
| Dead code | Maintenance burden | โ Medium alert |
| Copy-paste code | Maintenance nightmare | โ Medium alert |
Research Says
- 40%+ of AI-generated code contains security vulnerabilities
- 20% of AI package imports reference non-existent libraries
- 66% of developers say AI code is "almost right" (the dangerous kind)
๐ ๏ธ CLI Commands
sloppy . # ๐ Scan current directory
sloppy src/ tests/ # ๐ Scan multiple directories
sloppy --severity high # โก Only critical/high issues
sloppy --lenient # ๐ฏ Same as --severity high
sloppy --strict # ๐ฌ Report everything
sloppy --ci # ๐ฆ Exit 1 if any issues
sloppy --max-score 50 # ๐ Exit 1 if score > 50
sloppy --output report.json # ๐ Export JSON report
sloppy --ignore "tests/*" # ๐ซ Exclude patterns
sloppy --disable magic_number # โญ๏ธ Skip specific checks
sloppy --version # ๐ Show version
โ Features
| Feature | Description | Status |
|---|---|---|
| ๐ Hallucinated Imports | Detect non-existent packages (40+ patterns) | โ Done |
| ๐ญ Hallucinated Methods | Detect JS patterns like .push(), .length |
โ Done |
| ๐ฆ Unused Imports | AST-based detection | โ Done |
| ๐ Dead Code | Unused functions/classes | โ Done |
| ๐ Duplicate Detection | Cross-file copy-paste | โ Done |
| ๐จ Rich Output | Colors and tables (optional) | โ Done |
| โ๏ธ Config Support | pyproject.toml configuration | โ Done |
๐ฆ Installation
# Install from GitHub
pip install git+https://github.com/rsionnach/sloppy.git
# With colored output (recommended)
pip install "sloppylint[rich] @ git+https://github.com/rsionnach/sloppy.git"
# With all optional features
pip install "sloppylint[all] @ git+https://github.com/rsionnach/sloppy.git"
# Or clone and install for development
git clone https://github.com/rsionnach/sloppy.git
cd sloppy
pip install -e ".[dev]"
# Verify
sloppy --version
โ๏ธ Configuration
Configure via pyproject.toml:
[tool.sloppy]
ignore = ["tests/*", "migrations/*"]
disable = ["magic_number", "debug_print"]
severity = "medium"
max-score = 100
ci = false
format = "detailed" # or "compact" or "json"
๐ค Contributing
git clone https://github.com/rsionnach/sloppy.git
cd sloppy
pip install -e ".[dev]"
pytest tests/ -v # 57 tests should pass
See AGENTS.md for coding conventions and pattern implementation guide.
๐ License
MIT
๐ Acknowledgments
Inspiration
- KarpeSlop - The original AI Slop Linter for TypeScript
- Andrej Karpathy's commentary on AI-generated code quality
Research
- Counterfeit Code - MIT research on "looks right but doesn't work" patterns
- Package Hallucinations - USENIX study on hallucinated dependencies
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file sloppylint-0.1.0.tar.gz.
File metadata
- Download URL: sloppylint-0.1.0.tar.gz
- Upload date:
- Size: 38.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7ade9ce251ce2484b58ee31ce95db5550a43869284e62de5226e1185b84abc20
|
|
| MD5 |
882aca53700edd5c9db4f9d86e5b2918
|
|
| BLAKE2b-256 |
1abeb3661dcc0d16bd32163c2ad6e36f162c0903868e9436d9a9dd8ed66cb3f2
|
Provenance
The following attestation bundles were made for sloppylint-0.1.0.tar.gz:
Publisher:
publish.yml on rsionnach/sloppy
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
sloppylint-0.1.0.tar.gz -
Subject digest:
7ade9ce251ce2484b58ee31ce95db5550a43869284e62de5226e1185b84abc20 - Sigstore transparency entry: 743635310
- Sigstore integration time:
-
Permalink:
rsionnach/sloppy@71561cd1b7f77e7d9683e33b32df2d456ff4c8a7 -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/rsionnach
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@71561cd1b7f77e7d9683e33b32df2d456ff4c8a7 -
Trigger Event:
release
-
Statement type:
File details
Details for the file sloppylint-0.1.0-py3-none-any.whl.
File metadata
- Download URL: sloppylint-0.1.0-py3-none-any.whl
- Upload date:
- Size: 35.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f00aed1d8b32bd74c92ef7bb15038016e509bdd3206bbeb85c8920c7fdd9b55d
|
|
| MD5 |
873a014e1e885531d5f32d89045f08d9
|
|
| BLAKE2b-256 |
8e8c3f68d96c02b23da2ddd0b1a69543d80032c15d6d7f3fde7c86b0c8ddb6c3
|
Provenance
The following attestation bundles were made for sloppylint-0.1.0-py3-none-any.whl:
Publisher:
publish.yml on rsionnach/sloppy
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
sloppylint-0.1.0-py3-none-any.whl -
Subject digest:
f00aed1d8b32bd74c92ef7bb15038016e509bdd3206bbeb85c8920c7fdd9b55d - Sigstore transparency entry: 743635315
- Sigstore integration time:
-
Permalink:
rsionnach/sloppy@71561cd1b7f77e7d9683e33b32df2d456ff4c8a7 -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/rsionnach
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@71561cd1b7f77e7d9683e33b32df2d456ff4c8a7 -
Trigger Event:
release
-
Statement type: