Show HN: TheAuditor – Offline security scanner for AI-generated code

Summary

TheAuditor Offline-First, AI-Centric SAST & Code Intelligence Platform What TheAuditor Does TheAuditor is a comprehensive code analysis platform that: Finds Security Vulnerabilities : Detects OWASP Top 10, injection attacks, authentication issues, and framework-specific vulnerabilities : Detects OWASP Top 10, injection attacks, authentication issues, and framework-specific vulnerabilities Tracks Data Flow : Follows untrusted data from sources to sinks to identify injection points : Follows untrusted data from sources to sinks to identify injection points Analyzes Architecture : Builds dependency graphs, detects cycles, and measures code complexity : Builds dependency graphs, detects cycles, and measures code complexity Detects Refactoring Issues : Identifies incomplete migrations, API contract mismatches, and cross-stack inconsistencies : Identifies incomplete migrations, API contract mismatches, and cross-stack inconsistencies Runs Industry-Standard Tools : Orchestrates ESLint, Ruff, MyPy, and other trusted linters : Orchestrates ESLint, Ruff, MyPy, and other trusted linters Produces AI-Ready Reports: Generates chunked, structured output optimized for LLM consumption Unlike traditional SAST tools, TheAuditor is designed specifically for AI-assisted development workflows, providing ground truth that both developers and AI assistants can trust. Quick Start Step 1: Install TheAuditor (One-Time Setup) # Clone TheAuditor to your tools directory (NOT your project!) cd ~ /tools # or wherever you keep development tools git clone https://github.com/TheAuditorTool/Auditor.git cd TheAuditor # Install using your SYSTEM Python (no venv needed!) pip install -e . # Verify installation aud --version Step 2: Analyze Your Project # Navigate to YOUR PROJECT directory (not TheAuditor!) cd ~ /my-project-to-audit # Setup sandbox environment for THIS project aud setup-claude --target . # Run analysis aud init # First time only aud full # Complete security audit # Check results ls .pf/rea...