CytoScnPy

High-Performance Python Static Analysis Tool Powered by Rust

CytoScnPy is a blazing fast static analysis tool for Python codebases. It uses a hybrid Rust/Python architecture to detect dead code, security vulnerabilities, and code quality issues with extreme speed and a minimal memory footprint.

Key Features

  • 🚀 Blazing Fast: Written in Rust for maximum performance.
  • 💀 Dead Code Detection: Finds unused functions, classes, methods, imports, and variables.
  • 🔒 Security Scanning: Detects secrets (API keys) and dangerous patterns (eval/exec), and performs taint analysis.
  • 📊 Code Quality: Calculates Cyclomatic Complexity, Halstead metrics, and Maintainability Index.
  • 🧩 Deep Integration: VS Code extension and MCP server for AI assistants.
  • 🛠️ Framework Aware: Native support for Flask, Django, FastAPI, and Pydantic.

Deep Integration

  • Hybrid Architecture: High-performance Rust core (cytoscnpy) with Python bindings (PyO3).
  • Taint Analysis: Tracks data flow from untrusted sources to dangerous sinks (SQL, Shell, Code Execution).
  • Clone Detection: Uses Weisfeiler-Lehman graph hashing for semantic similarity.

Installation

Install via pip:

pip install cytoscnpy

Or build from source:

git clone https://github.com/djinn09/CytoScnPy.git
cd CytoScnPy
maturin develop -m cytoscnpy/Cargo.toml

Quick Start

Analyze your current directory for everything (dead code, security, quality):

cytoscnpy . --secrets --danger --quality

Generate a JSON report for CI/CD:

cytoscnpy . --json > report.json

Preview and fix dead code automatically:

cytoscnpy . --fix        # Preview changes
cytoscnpy . --fix --apply # Apply changes