GitHub Repository

Your vibe-coded app has hardcoded secrets, missing auth, and hallucinated imports. Find out in under a second.

15 stars · TypeScript

Prodlint – A linter that catches what AI coding tools miss

by AMARCOVECCHIO99·Feb 19, 2026·1 point·0 comments

AI Analysis

●●● · Banger · Solve My Problem · Ship It · Big Brain

Catches AI-generated bugs TypeScript misses: hallucinated imports, unvalidated server actions, hardcoded secrets.

Strengths
  • Solves a real pain point: 52 rules written specifically for AI-generated code patterns, not generic linting.
  • Zero-config CLI with fast AST parsing (~1 s), GitHub Action ready, no LLM dependency.
  • Actionable output with remediation hints (e.g., Zod validation snippets for server actions).
Weaknesses
  • Early stage (v0.7.0, 2 stars): adoption risk, and rule coverage may lag behind real-world AI bugs.
  • Targets a narrow audience (AI-assisted coding on Next.js); less relevant for traditional workflows or other frameworks.
Target Audience

Full-stack developers using AI coding assistants (Cursor, Copilot, v0) who want CI/production safety checks

Similar To

ESLint (general-purpose linting) · Snyk (security scanning) · Semgrep (AST-based static analysis)

Post Description

I built Prodlint because I kept shipping the same bugs when building with Cursor, Copilot, and v0. Hardcoded secrets, missing auth checks, hallucinated imports, SQL injection through template literals — AI tools generate these constantly and TypeScript doesn't catch them.

Prodlint is a zero-config static analysis tool with 52 rules across four categories: Security, Reliability, Performance, and AI Quality. It runs in ~1 second, uses AST parsing (no LLM calls), and scores your codebase 0-100.

Some things it catches that surprised me during development:
- Imports for npm packages that don't exist (AI hallucinates these)
- API methods that aren't real (.flatten(), .contains(), .substr())
- "use client" on files that don't need it
- Prisma writes without $transaction
- Next.js redirect() inside try/catch (breaks silently)
- NEXT_PUBLIC_ on secrets like database URLs

Usage: npx prodlint (no install needed)

Also works as a GitHub Action (posts PR comments with scores) and as an MCP server for Claude Code / Cursor / Windsurf.

MIT licensed. Would love feedback on false positives. That's the hardest part of building a linter.
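
To make the post's categories concrete, here is an added example that is not Prodlint's code and not from the author: a miniature linter in plain Node.js, with no dependencies, that implements four checks modelled on the bugs listed above (hardcoded credential literals, NEXT_PUBLIC_ on secret-looking names, SQL built by interpolating a template literal into a raw-query call, and redirect() inside try/catch). It tokenizes the source rather than grepping it, so comments and string contents cannot trigger a rule, which is where a lot of linter false positives come from. The rule names, the sink list, the secret-word heuristic and the sample input are all assumptions made for this example.

```javascript
// Added example, not Prodlint's code: a miniature linter for the patterns the post lists,
// in plain Node.js. Source is tokenized (comments and string contents cannot trigger rules);
// rule names, sink lists and secret-word heuristics are assumptions made for this example.

function tokenize(src) {
  const toks = [];
  let i = 0, line = 1;
  // Reads a template literal from its opening backtick; returns [endIndex, hasInterpolation].
  // Braces are counted inside ${...} so a nested template or object literal does not end it early.
  function readTemplate(start) {
    let j = start + 1, interp = false, depth = 0;
    for (; j < src.length; j++) {
      const c = src[j];
      if (c === '\\') { j++; continue; }
      if (c === '\n') line++;
      else if (depth === 0 && c === '`') return [j + 1, interp];
      else if (depth === 0 && c === '$' && src[j + 1] === '{') { interp = true; depth = 1; j++; }
      else if (depth > 0 && c === '`') j = readTemplate(j)[0] - 1;
      else if (depth > 0 && c === '{') depth++;
      else if (depth > 0 && c === '}') depth--;
    }
    return [j, interp];
  }
  while (i < src.length) {
    const c = src[i];
    if (/\s/.test(c)) { if (c === '\n') line++; i++; continue; }
    if (c === '/' && (src[i + 1] === '/' || src[i + 1] === '*')) { // skip // and /* */ comments
      const close = src[i + 1] === '/' ? '\n' : '*/';
      let end = src.indexOf(close, i + 2);
      end = end === -1 ? src.length : end + (close === '*/' ? 2 : 0);
      line += (src.slice(i, end).match(/\n/g) || []).length;
      i = end; continue;
    }
    if (c === '`') {
      const at = line, [end, interp] = readTemplate(i);
      toks.push({ type: 'template', value: src.slice(i, end), interp, line: at });
      i = end; continue;
    }
    if (c === '"' || c === "'") {
      let j = i + 1;
      while (j < src.length && src[j] !== c) j += src[j] === '\\' ? 2 : 1;
      toks.push({ type: 'string', value: src.slice(i + 1, j), line }); i = j + 1; continue;
    }
    if (/[A-Za-z_$]/.test(c)) {
      let j = i + 1;
      while (j < src.length && /[A-Za-z0-9_$]/.test(src[j])) j++;
      toks.push({ type: 'ident', value: src.slice(i, j), line }); i = j; continue;
    }
    toks.push({ type: 'punct', value: c, line }); i++;
  }
  return toks;
}

const RAW_SQL_SINKS = new Set(['query', 'raw', '$queryRawUnsafe', '$executeRawUnsafe']); // assumed sinks
const SECRET_WORDS = ['SECRET', 'TOKEN', 'PASSWORD', 'PRIVATE', 'DATABASE_URL', 'KEY'];
const PUBLIC_OK = ['PUBLISHABLE', 'PUBLIC_KEY', 'CLIENT_ID']; // names that are meant to ship to the browser
// Documented credential formats: AWS access key id, Stripe live secret key, GitHub classic PAT.
const SECRET_LITERAL = /^(AKIA[0-9A-Z]{16}|sk_live_[0-9A-Za-z]{8,}|ghp_[0-9A-Za-z]{20,})$/;

function lint(src) {
  const toks = tokenize(src), findings = [], tryFrames = []; // tryFrames: brace depth of each open try
  let depth = 0;
  const report = (rule, t, msg) => findings.push({ rule, line: t.line, msg });
  for (let k = 0; k < toks.length; k++) {
    const t = toks[k], n1 = toks[k + 1] || {}, n2 = toks[k + 2] || {};
    if (t.type === 'punct') {
      if (t.value === '{') depth++;
      if (t.value === '}' && --depth === tryFrames[tryFrames.length - 1]) tryFrames.pop();
    } else if (t.type === 'string') {
      if (SECRET_LITERAL.test(t.value)) report('HARDCODED_SECRET', t, 'credential literal committed in source');
    } else if (t.type === 'ident') {
      if (t.value === 'try' && n1.value === '{') tryFrames.push(depth);
      // A tagged template (prisma.$queryRaw`...`) is parameterised; the same template passed as a
      // call argument to a raw sink is plain string building, i.e. SQL injection.
      if (RAW_SQL_SINKS.has(t.value) && n1.value === '(' && n2.type === 'template' && n2.interp)
        report('SQL_TEMPLATE_INJECTION', t, `${t.value}() receives an interpolated template literal`);
      // Next.js redirect() works by throwing; a catch around it swallows the redirect.
      if (t.value === 'redirect' && n1.value === '(' && tryFrames.length)
        report('REDIRECT_IN_TRY', t, 'redirect() inside try/catch');
      if (t.value.startsWith('NEXT_PUBLIC_') && SECRET_WORDS.some((w) => t.value.includes(w)) &&
          !PUBLIC_OK.some((w) => t.value.includes(w)))
        report('NEXT_PUBLIC_SECRET', t, `${t.value} is inlined into the browser bundle`);
    }
  }
  return findings;
}

// Constructed input resembling AI-generated Next.js server code (not from any real project).
const SAMPLE = `// const legacy = db.query(\`SELECT * FROM t WHERE id = \${id}\`); // in a comment: must not fire
export async function getUser(id) {
  const dbUrl = process.env.NEXT_PUBLIC_DATABASE_URL;
  const pk = process.env.NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY; // publishable key: not a secret
  const aws = "AKIAIOSFODNN7EXAMPLE"; // the AWS documentation example key id
  const rows = await prisma.$queryRawUnsafe(\`SELECT * FROM users WHERE id = \${id}\`);
  const safe = await prisma.$queryRaw\`SELECT * FROM users WHERE id = \${id}\`; // tagged: parameterised
  try {
    if (!rows.length) redirect("/login");
  } catch (e) { console.error(e); }
  return rows;
}`;

for (const f of lint(SAMPLE)) console.log(`${f.rule} line ${f.line}: ${f.msg}`);
```

Run with `node` on the file; on the constructed sample it reports exactly four findings (lines 3, 5, 6 and 9) and stays quiet on the commented-out query, the publishable key and the tagged `$queryRaw` template. The remaining false positives are in the heuristics, not the scanner: `query` and `raw` are generic method names, and a name such as `NEXT_PUBLIC_TURNSTILE_SITE_KEY` would still trip the `KEY` word list. A production rule would resolve the callee with a real parser (the TypeScript compiler API or Babel) instead of matching identifiers, which is the step this example deliberately leaves out.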

Similar Projects

Developer Tools · ●● · Solid

Prodlint – Find what AI coding tools miss before production

This is a focused, pragmatic tool: 27 rules across security, reliability, performance and AI quality pick up things TypeScript and ESLint miss (hallucinated imports, phantom dependencies, hardcoded secrets, missing rate limiting). It ships as an npx CLI with JSON output for CI, tests and GitHub Actions, a small but practical feature set that makes it trivial to gate AI-generated code in pipelines. I'd like stronger editor/IDE integration and more ecosystem hooks, but for teams relying on LLMs this hits an important pain point cleanly.

Niche Gem · Solve My Problem
AMARCOVECCHIO99
113mo ago