CytoScnPy

High-Performance Python Static Analysis Tool Powered by Rust

CytoScnPy is a blazing fast static analysis tool for Python codebases. It uses a hybrid Rust/Python architecture to detect dead code, security vulnerabilities, and code quality issues with extreme speed and minimal memory footprint.

Key Features

  • Blazing Fast: Written in Rust for maximum performance.
  • Dead Code Detection: Finds unused functions, classes, methods, imports, and variables.
  • Security Scanning: Detects secrets (API keys) and dangerous patterns (eval/exec), and performs taint analysis.
  • Code Quality: Calculates Cyclomatic Complexity, Halstead metrics, and Maintainability Index.
  • Deep Integration: VS Code extension and MCP server for AI assistants.
  • Framework Aware: Native support for Flask, Django, FastAPI, and Pydantic.

Deep Integration

  • Hybrid Architecture: High-performance Rust core (cytoscnpy) with Python bindings (PyO3).
  • Taint Analysis: Tracks data flow from untrusted sources to dangerous sinks (SQL, Shell, Code Execution).
  • Clone Detection: Uses Weisfeiler-Lehman graph hashing for semantic similarity.
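
The source-to-sink tracking named in the Taint Analysis bullet, shown as an added sketch that is not CytoScnPy's code or rule set: a single straight-line pass over Python's ast module, with no branch or function handling. The source names, sink names and sample input are assumptions constructed for illustration.

```python
import ast

# Assumed source/sink names for illustration; not CytoScnPy's rule set.
SOURCES = {"input", "request.args.get", "request.form.get"}
SINKS = {"eval": "code", "os.system": "shell", "cursor.execute": "sql"}

def dotted(node):
    """Return 'a.b.c' for a Name/Attribute chain, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    return ".".join(reversed(parts + [node.id])) if isinstance(node, ast.Name) else None

def is_tainted(expr, tainted):
    """True if expr contains a tainted variable or a call to a source."""
    return any((isinstance(n, ast.Name) and n.id in tainted) or
               (isinstance(n, ast.Call) and dotted(n.func) in SOURCES)
               for n in ast.walk(expr))

def find_flows(code):
    """Process assignments and calls in source order; returns [(line, sink, kind)]."""
    tainted, findings = set(), []
    nodes = [n for n in ast.walk(ast.parse(code))
             if isinstance(n, (ast.Assign, ast.Call))]
    for n in sorted(nodes, key=lambda n: (n.lineno, n.col_offset)):
        if isinstance(n, ast.Call):
            name = dotted(n.func)
            # Only the first argument (code, command or query text) is checked.
            if name in SINKS and n.args and is_tainted(n.args[0], tainted):
                findings.append((n.lineno, name, SINKS[name]))
        else:
            names = {t.id for t in n.targets if isinstance(t, ast.Name)}
            # Assignment propagates taint, or clears it when the value is clean.
            tainted = tainted | names if is_tainted(n.value, tainted) else tainted - names
    return findings

# Constructed sample input (parsed only, never executed).
SAMPLE = '''\
name = input()
cmd = "ls " + name
os.system(cmd)
cmd = "ls /tmp"
os.system(cmd)
uid = request.args.get("id")
cursor.execute("SELECT * FROM users WHERE id = " + uid)
cursor.execute("SELECT * FROM users WHERE id = ?", (uid,))
'''
print(find_flows(SAMPLE))
```

The parameterized query on the last sample line is not reported because the untrusted value is passed as a bound parameter rather than concatenated into the query text.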

Installation

Linux / macOS:

# Install
curl -fsSL https://raw.githubusercontent.com/djinn09/CytoScnPy/main/install.sh | bash

Windows (PowerShell):

# Install
irm https://raw.githubusercontent.com/djinn09/CytoScnPy/main/install.ps1 | iex

Via Pip:

pip install cytoscnpy

From Source:

git clone https://github.com/djinn09/CytoScnPy.git
cd CytoScnPy
maturin develop -m cytoscnpy/Cargo.toml

Quick Start

Analyze your current directory for everything (dead code, security, quality):

cytoscnpy . --secrets --danger --quality

Generate a JSON report for CI/CD:

cytoscnpy . --json > report.json

Preview and fix dead code automatically:

cytoscnpy . --fix        # Preview changes (dry run)
cytoscnpy . --fix --apply # Apply changes