AgentIndex icon
AgentIndex
ToolsCategoriesTrendingNewCompare
Submit Tool
Home/
RAG / Knowledge Base/
skylos
skylos logo

skylos

Active·★ 444·NOASSERTION·Updated 2026-05-29
★ Security & Safety★ Dev Tooling

High-precision Python SAST & Dead Code Remover. Finds unused functions, secrets, and security flaws with hybrid static analysis + local LLM agents. Privacy-first & low noise. MCP server for SAST too. Docs: https://docs.skylos.dev/

Skylos is a privacy-first, hybrid static analysis tool designed for Python, TypeScript, and Go. It excels at detecting dead code, critical security vulnerabilities like SQL injection and hardcoded secrets, and various code quality issues, bridging traditional static analysis with advanced AI agent capabilities.

#Static Analysis#SAST#Dead Code Detection#AI Agent#Python Security#Code Quality#CI/CD#Multi-language
$ Install
$ pip install skylos
↗ Visit site★ GitHub
01

Features

01Hybrid Static Analysis with AI Agents: Combines traditional static analysis with optional local/cloud LLMs to eliminate false positives and find deep logic bugs.
02Comprehensive Code Auditing: Detects dead code, security vulnerabilities (SAST including SQLi, SSRF, secrets), and code quality issues (complexity, nesting) across multiple languages.
03Automated Remediation & CI/CD Integration: Offers automated fixes and end-to-end remediation via AI agents, and seamlessly integrates into CI/CD pipelines for PR guarding, annotations, and quality gates.
04Multi-Language Support & Privacy-First: Supports Python, TypeScript, and Go with 100% local analysis options, ensuring code privacy.
02

Compatibility

Python
Language
Verified via docs
TypeScript
Language
Verified via docs
Go
Language
Verified via docs
GitHub Actions
CI/CD
Verified via docs
VS Code
IDE Extension
Verified via docs
Ollama
Local LLM
Verified via docs
03

Quick start

1
$ pip install skylos
04

Use cases

↳Automating Code Quality in CI/CD: Integrate Skylos into GitHub Actions to automatically detect dead code, security vulnerabilities, and quality issues on every Pull Request, failing builds on critical findings.
↳Deep Security Auditing of Python, TypeScript, and Go Applications: Perform comprehensive SAST, including taint analysis, secrets detection, and vulnerability checks, across multi-language repositories.
↳Intelligent Dead Code Elimination and Codebase Optimization: Accurately identify and safely remove unreachable functions, classes, and unused imports, leveraging hybrid analysis to distinguish true dead code from framework magic.
↳AI-Assisted Code Remediation and PR Review: Utilize AI agents for context-aware audits, automated fixes, and end-to-end remediation, including generating and validating fixes, and posting inline PR review comments.
05

Alternatives

mindsdb logo
mindsdb★ 39.2k
Federated Query Engine for AI - The only MCP Server you'll ever need
vs →
Brave Search MCP logo
Brave Search MCP★ 86.5k
Allow your AI Agent to search the real-time internet using Brave Search API. Essential for getting up-to-date information.
vs →
ragflow logo
ragflow★ 81.5k
RAGFlow is a leading open-source Retrieval-Augmented Generation (RAG) engine that fuses cutting-edge RAG with Agent capabilities to create a superior context layer for LLMs
vs →
Gemini CLI logo
Gemini CLI★ 104.7k
An open-source AI agent that brings the power of Gemini directly into your terminal. Supports native MCP.
vs →
Open Interpreter logo
Open Interpreter★ 63.7k
A natural language interface for computers. Lets LLMs run code (Python, Javascript, Shell, etc.) locally on your machine.
vs →
GPT Researcher logo
GPT Researcher★ 27.4k
An LLM agent that conducts deep research (local and web) on any given topic and generates a long report with citations.
vs →
claudian logo
claudian★ 12.0k
An Obsidian plugin that embeds Claude Code as an AI collaborator in your vault
vs →
mcp-for-beginners logo
mcp-for-beginners★ 16.2k
This open-source curriculum introduces the fundamentals of Model Context Protocol (MCP) through real-world, cross-language examples in .NET, Java, TypeScript, JavaScript, Rust and Python. Designed for developers, it focuses on practical techniques for building modular, scalable, and secure AI workflows from session setup to service orchestration.
vs →
See all alternatives →

Related searches

skylos AlternativesBest RAG / Knowledge Base Tools 2026Open Source RAG / Knowledge Baseskylos Tutorialskylos Vs CompetitorsStatic AnalysisSASTDead Code Detection

Comments

Log in to leave a comment
  • A
    Alex WilsonMay 6, 2026

    The SAST approach catches security issues alongside code quality problems in one pass

  • Emerson Lee
    Emerson LeeApr 20, 2026

    Used in CI pipelines for automated code hygiene, accuracy is high with low false positives

  • S
    Sutton NguyenApr 3, 2026

    High-precision Python dead code detection with secret scanning is a useful combination

  • C
    Cameron PatelFeb 26, 2026

    The dead code removal capability reduced our codebase size by 15% on first run

On this page
01Features02Compatibility03Quick start04Use cases05Alternatives
Stats
GitHub Stars★ 444
Last commit1d ago
StatusActive
LicenseNOASSERTION
CategoryRAG / Knowledge Base
Trend (30d)
+17.7↑ 0.5%
Links
Documentation↗Discussion↗Issues↗Releases↗

Deploy on DigitalOcean — Get $200 Free Credit

Ad
© 2026 AgentIndex.app|Built by a 10-year iOS Developer.
QYSGitHubBuy me a coffee ☕

Browse by Category

Code AssistantWorkflow AutomationRAG / Knowledge BaseMulti-AgentBrowser AutomationLLM InfraDev ToolingObservability

Not affiliated with Anthropic, OpenAI or Microsoft.