S

static-analysis

GitLab CI/CD component that runs trustabl — static reliability/safety analyzer for AI agent SDKs (Claude, OpenAI, Google ADK, MCP). Gates pipelines on risk + severity.

https://github.com/trustabl/trustabl

Coordinated Agent Swarm Testing — open-source framework that deploys 100 Claude AI agents in five specialized squads (Security, Logic, Robustness, Performance, Data Integrity) to systematically analyze codebases for bugs, security issues, and code quality problems. A research-backed substitute for human beta testing. Empirical results from the published paper: 100 agents analyzed a 12,500-line React/TypeScript application in 63 minutes, identified 687 unique findings, at a total cost of $7.97 — compared to $2,000-$20,000 for equivalent human beta testing. Available via npm (cast-swarm) and as an MCP server. Apache 2.0 licensed. Published preprint available.

Verification engine for AI-assisted software changes

Structural and behavioral signals for large, AI-assisted code changes.

Complete GitLab CI pipeline including linting, type checking, testing, build, and security scanning stages.

Hadolint is a Dockerfile linter that helps developers write secure, efficient, and maintainable Dockerfiles. It detects syntax errors, enforces best practices, and integrates with ShellCheck to validate shell scripts in RUN instructions. Ideal for CI/CD pipelines and DevSecOps workflows.

Static analysis of C/C++ code.

ShellCheck is a static anaylsis tool that automatically finds bugs in your shell scripts.