CodeSight Documentation
LLM-driven code analysis and security review CLI. Finds real bugs, not syntax.
Installation
pip install, configure your API key, and run your first scan in under a minute.
Commands
review, bugs, security, docs, explain, refactor, scan, diff, benchmark - all in one CLI.
Providers
OpenAI, Anthropic, Google Vertex AI, Ollama, or any OpenAI-compatible endpoint (OpenRouter, Groq, Azure, and more).
Benchmarks
CWE detection rates, comparison with Semgrep and CodeQL, false positive analysis.
What CodeSight Does
CodeSight sends your source code to large language models with tuned prompts for specific analysis tasks. Not a linter - it reads what the code is supposed to do and finds where it fails.
Code Review
Severity-tagged issues with line numbers, root cause, and concrete fixes.
Security Audit
CWE IDs, OWASP mapping, proof of concept scenarios, and remediation code.
Bug Detection
Logic errors, race conditions, resource leaks, off-by-ones, and edge cases.
Multi-Provider
15+ providers: OpenAI, Anthropic, Google, Ollama, OpenRouter, Groq, Azure, DeepSeek, and any OpenAI-compatible endpoint.
CI/CD Ready
SARIF output, exit codes, GitHub Action - drops into any pipeline.
Cost Tracking
Token usage and dollar cost per query. No surprises on your API bill.
Quick Example
$ pip install codesight
$ export OPENAI_API_KEY="sk-..."
$ codesight security src/auth.py
╭─────────────────────────────────────────────╮
│ CodeSight SECURITY openai (gpt-5.4) │
╰─────────────────────────────────────────────╯
[CRITICAL] SQL Injection - CWE-89
ln 87 - f-string in SQL query
Fix: Use parameterized queries
[CRITICAL] Hardcoded Secret - CWE-798
ln 42 - JWT_SECRET = "admin123"
Fix: Load from environment variable
[HIGH] Missing Auth - CWE-862
ln 105 - /admin has no auth middleware
3 findings · 1,247 tokens · $0.003
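The three findings in the sample run above, worked through as an added example (not CodeSight's code or docs): a constructed `auth.py` fragment showing each flagged pattern next to the remediation the report suggests. The `users` table, the function names and the dict-shaped request are assumptions.

```python
import os
import sqlite3
from functools import wraps


def make_db():
    """Constructed sample data so the example runs offline (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user")])
    return conn

# CWE-89, "f-string in SQL query": the caller's value becomes SQL text,
# so a crafted value changes the query instead of being matched as data.
def get_user_unsafe(conn, name):
    return conn.execute(
        f"SELECT name FROM users WHERE name = '{name}'").fetchall()

# Fix: parameterized query; the driver binds `name` as a value only.
def get_user(conn, name):
    return conn.execute(
        "SELECT name FROM users WHERE name = ?", (name,)).fetchall()

# CWE-798, hardcoded secret. Before: JWT_SECRET = "admin123"
# Fix: load from the environment and fail closed when it is missing.
def load_jwt_secret(env=os.environ):
    secret = env.get("JWT_SECRET")
    if not secret:
        raise RuntimeError("JWT_SECRET is not set")
    return secret

# CWE-862, "/admin has no auth middleware". Fix: a decorator that checks
# the caller's role before the handler runs (request is a plain dict here).
def require_role(role):
    def decorator(handler):
        @wraps(handler)
        def wrapped(request):
            if request.get("role") != role:
                return 403, "forbidden"
            return handler(request)
        return wrapped
    return decorator

@require_role("admin")
def admin_panel(request):
    return 200, "admin panel"
```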