v0.8.5 · Metalinter · Token Estimator · Coverage Gates · 81.7% Line Coverage

AI Code Safety
for the MCP Era

ailinter scans your AI-generated code for quality issues, hardcoded secrets, and security vulnerabilities — before they reach production. Built natively for the Model Context Protocol. Works with Claude, OpenCode, and Cursor.

Get Started — It's Free ⭐ on GitHub

Install in 30 seconds

# macOS (Homebrew)
brew install ailinter/ailinter/ailinter

# Go install (latest stable)
go install github.com/ailinter/ailinter/cmd/ailinter@v0.8.5

# Or download from github.com/ailinter/ailinter/releases

MIT licensed. 15MB binary. Zero dependencies. No signup required.

terminal — ailinter check . --format markdown
## app.py
Language: python | Lines: 45 | Score: 82/100 → Go Ahead

### Code Quality (1 issue)
deep_nesting (warning): Nesting depth 4 at line 32

### Vulnerability Scan (2 findings)
pickle_deserialization (critical): line 15 — can execute arbitrary code
eval_injection (critical): line 28 — use ast.literal_eval() instead

### Secret Scan
Clean — no secrets detected

Files: 12 | Go Ahead: 9 | Care: 2 | Needs Work: 1 | Stop: 0
Vulnerabilities: Clean (0 findings)

What's New in v0.8.5

Four major features to make your AI-generated code safer and cleaner than ever.

⚡ Metalinter — 5 Linters, 1 Binary

Embedded go vet, staticcheck, gofmt, misspell, and ineffassign — invoked via --meta-lint (now enabled by default) or ailinter init. Zero additional setup. One binary replaces five tools.

$ ailinter check main.go --meta-lint
✓ go vet — no issues
✓ staticcheck — no issues
⚠ gofmt — file is not gofmt-ed (formatting)
✓ misspell — no issues
✓ ineffassign — no issues

💰 Token Estimator

--estimate-tokens calculates AI token cost before sending code to an LLM. Saves money by flagging expensive files before they go to context.

$ ailinter check main.go --estimate-tokens
main.go: 1,240 tokens (~$0.01 @ claude-sonnet-4)

✅ Coverage Gates

Now at 81.7% line coverage (up from 66.2%). Enforced at 70% function / 80% line coverage in CI. Every new feature must maintain or improve these thresholds.

81.7%
Line Coverage
75.2%
Func Coverage

Three Scanners. One Binary. Zero Dependencies.

Everything you need to keep AI-generated code safe and maintainable.

Code Quality

20 detectors: deep nesting, brain methods, bumpy roads, complex conditionals, duplication, cohesion, primitive obsession, long switches, global data, and more. Every file scored 0–100 with AI-friendly refactoring guidance.

Secrets Detection

269 betterleaks rules + 150 gitleaks fallback. AWS keys, Stripe tokens, GitHub PATs, private keys, JWT, Slack tokens, and more. All secrets redacted in MCP output — never leaked to AI context.

Vulnerability Scanning

58 patterns, 6 categories: injection, XSS, deserialization, weak crypto, XXE, and workflow. Covers Python, Go, JS/TS, Java, C#, PHP. Line-level reporting with human-readable descriptions and fix reminders.

MCP SERVER · STDIO TRANSPORT · 7 TOOLS

Runs Where Your AI Agent Runs

ailinter is an MCP server with 7 tools — AI coding assistants invoke it directly via stdio. No daemon, no API key, no cloud dependency. Everything is local, fast, and private.

analyze_code
scan_for_secrets
assess_file
get_refactoring
set_config
get_config
list_hotspots
Claude| OpenCode| Cursor| Continue.dev| Zed

Code Quality Tiers

80–100Go Ahead — safe to modify freely
60–79Proceed with Care — small isolated changes
40–59Needs Work — refactor incrementally
0–39Stop & Refactor — fix before touching

Vulnerability Tiers

CleanNo vulnerabilities detected
MonitorWarning-level patterns — review
RemediateAlert/critical — fix before continuing
58
Vulnerability Patterns
269+
Secret Detection Rules
20+5
Quality + Meta-linters
15 MB
Single Binary

Stay updated

New features, vulnerability patterns, and Pro tier launch. No spam.