prodlint – Static analysis for AI-generated code security

Summary: prodlint performs 52 static analysis checks targeting common security flaws in AI-generated code, such as hardcoded secrets, missing authentication, and absent rate limiting. It runs via terminal or a free web scanner, delivering results in about 10 seconds without configuration.

What it does

prodlint scans codebases for security issues typical in AI-generated code, including hardcoded secret fallbacks, missing auth on server actions, empty catch blocks, and Supabase tables without row-level security.

Who it's for

Developers working with AI-generated code from tools like Cursor, Claude Code, Bolt, and v0 who need to identify security oversights.

Why it matters

It addresses recurring security gaps that AI tools often miss, helping ensure AI-generated code meets production security standards.