{"id":"skylos","name":"Skylos","homepage":"https://github.com/duriantaco/skylos","repo_url":"https://github.com/duriantaco/skylos","category":"developer-tools","subcategories":["static-analysis","security","code-quality"],"tags":["sast","dead-code","python","typescript","go","security","mcp","ci-cd","ai-agents","ast","taint-analysis"],"what_it_does":"A hybrid SAST and dead code detection tool for Python, TypeScript, and Go that combines AST-based static analysis with optional LLM-powered remediation, offering framework-aware false-positive reduction and CI/CD integration.","use_cases":["Detect and safely remove dead code (unused functions, orphan classes, unused imports) from Python, TypeScript, and Go codebases","Run security scans for SQL injection, XSS, command injection, secrets, and SSRF vulnerabilities with low false-positive rates","Automate code remediation and PR creation using AI agents connected via the MCP server interface","Enforce quality gates in CI/CD pipelines with GitHub Actions integration and inline PR annotation","Audit large legacy codebases to reduce maintenance burden while preserving framework-required code (pytest fixtures, FastAPI routes)"],"not_for":["Languages beyond Python, TypeScript/TSX, and Go — multi-language polyglot projects need additional tools","Teams wanting a fully managed SaaS SAST tool — Skylos is self-hosted","Runtime security monitoring — Skylos is static analysis only (no RASP or DAST capabilities)"],"best_when":"You maintain a Python, TypeScript, or Go codebase and need a framework-aware dead code remover and security scanner that minimizes false positives and integrates with CI/CD.","avoid_when":"You need broad multi-language SAST coverage (Java, C#, Ruby, etc.) or require a SOC 2-certified commercial SAST solution.","alternatives":["Vulture","Semgrep","Bandit","ESLint security plugins","CodeQL","SonarQube"],"af_score":73.9,"security_score":70.0,"reliability_score":null,"package_type":"mcp_server","discovery_source":["github","mcp_registry"],"priority":"low","status":"evaluated","version_evaluated":"latest","last_evaluated":"2026-03-01T09:50:06.219701+00:00","performance":{"latency_p50_ms":null,"latency_p99_ms":null,"uptime_sla_percent":null,"rate_limits":null,"data_source":"llm_estimated","measured_on":null}}