✓ Verified
💻 Development
✓ Enhanced Data
Hefestoai Auditor
AI-powered architectural guardian with Socratic Adaptive Constitution.
- Rating
- 4 (242 reviews)
- Downloads
- 2,621 downloads
- Version
- 1.0.0
Overview
AI-powered architectural guardian with Socratic Adaptive Constitution.
Complete Documentation
View Source →
HefestoAI Auditor
Static code analysis for security, quality, and complexity. Supports 17 languages.
Privacy: All analysis runs locally. No code is transmitted to external services. No network calls are made during analysis.
Permissions: This tool reads source files in the specified directory (read-only). It does not modify your code.
Install
bash
pip install hefesto-aiQuick Start
bash
hefesto analyze /path/to/project --severity HIGHSeverity Levels
bash
hefesto analyze /path/to/project --severity CRITICAL # Critical only
hefesto analyze /path/to/project --severity HIGH # High + Critical
hefesto analyze /path/to/project --severity MEDIUM # Medium + High + Critical
hefesto analyze /path/to/project --severity LOW # EverythingOutput Formats
bash
hefesto analyze /path/to/project --output text # Terminal (default)
hefesto analyze /path/to/project --output json # Structured JSON
hefesto analyze /path/to/project --output html --save-html report.html # HTML report
hefesto analyze /path/to/project --quiet # Summary onlyStatus and Version
bash
hefesto status
hefesto --versionWhat It Detects
Security Vulnerabilities
- SQL injection and command injection
- Hardcoded secrets (API keys, passwords, tokens)
- Insecure configurations (Dockerfiles, Terraform, YAML)
- Path traversal and XSS risks
Semantic Drift (AI Code Integrity)
- Logic alterations that preserve syntax but change intent
- Architectural degradation from AI-generated code
- Hidden duplicates and inconsistencies in monorepos
Code Quality
- Cyclomatic complexity >10 (HIGH) or >20 (CRITICAL)
- Deep nesting (>4 levels)
- Long functions (>50 lines)
- Code smells and anti-patterns
DevOps Issues
- Dockerfile: missing USER, no HEALTHCHECK, running as root
- Shell: missing
set -euo pipefail, unquoted variables - Terraform: missing tags, hardcoded values
What It Does NOT Detect
- Runtime network attacks (DDoS, port scanning)
- Active intrusions (rootkits, privilege escalation)
- Network traffic monitoring
- For these, use SIEM/IDS/IPS or GCP Security Command Center
Supported Languages (17)
Code: Python, TypeScript, JavaScript, Java, Go, Rust, C#
DevOps/Config: Dockerfile, Jenkins/Groovy, JSON, Makefile, PowerShell, Shell, SQL, Terraform, TOML, YAML
Interpreting Results
text
file.py:42:10
Issue: Hardcoded database password detected
Function: connect_db
Type: HARDCODED_SECRET
Severity: CRITICAL
Suggestion: Move credentials to environment variables or a secrets managerIssue Types
| Type | Severity | Action |
|---|---|---|
| VERY_HIGH_COMPLEXITY | CRITICAL | Fix immediately |
| HIGH_COMPLEXITY | HIGH | Fix in current sprint |
| DEEP_NESTING | HIGH | Refactor nesting levels |
| SQL_INJECTION_RISK | HIGH | Parameterize queries |
| HARDCODED_SECRET | CRITICAL | Remove and rotate |
| LONG_FUNCTION | MEDIUM | Split function |
CI/CD Integration
bash
# Fail build on HIGH or CRITICAL issues
hefesto analyze /path/to/project --fail-on HIGH
# Pre-push git hook
hefesto install-hook
# Limit output
hefesto analyze /path/to/project --max-issues 10
# Exclude specific issue types
hefesto analyze /path/to/project --exclude-types VERY_HIGH_COMPLEXITY,LONG_FUNCTIONLicensing
| Tier | Price | Key Features |
|---|---|---|
| FREE | $0/mo | Static analysis, 17 languages, pre-push hooks |
| PRO | $8/mo | ML semantic analysis, REST API, BigQuery integration, custom rules |
| OMEGA | $19/mo | IRIS monitoring, auto-correlation, real-time alerts, team dashboard |
See pricing and subscribe at hefestoai.narapallc.com.
To activate a license, see the setup guide at hefestoai.narapallc.com/setup.
About
Created by Narapa LLC (Miami, FL) — Arturo Velasquez (@artvepa)
- GitHub: github.com/artvepa80/Agents-Hefesto
- Support: [email protected]
Installation
Terminal bash
openclaw install hefestoai-auditor
Copied!
💻Code Examples
hefesto --version
hefesto---version.txt
---
## What It Detects
### Security Vulnerabilities
- SQL injection and command injection
- Hardcoded secrets (API keys, passwords, tokens)
- Insecure configurations (Dockerfiles, Terraform, YAML)
- Path traversal and XSS risks
### Semantic Drift (AI Code Integrity)
- Logic alterations that preserve syntax but change intent
- Architectural degradation from AI-generated code
- Hidden duplicates and inconsistencies in monorepos
### Code Quality
- Cyclomatic complexity >10 (HIGH) or >20 (CRITICAL)
- Deep nesting (>4 levels)
- Long functions (>50 lines)
- Code smells and anti-patterns
### DevOps Issues
- Dockerfile: missing USER, no HEALTHCHECK, running as root
- Shell: missing `set -euo pipefail`, unquoted variables
- Terraform: missing tags, hardcoded values
### What It Does NOT Detect
- Runtime network attacks (DDoS, port scanning)
- Active intrusions (rootkits, privilege escalation)
- Network traffic monitoring
- For these, use SIEM/IDS/IPS or GCP Security Command Center
---
## Supported Languages (17)
**Code:** Python, TypeScript, JavaScript, Java, Go, Rust, C#
**DevOps/Config:** Dockerfile, Jenkins/Groovy, JSON, Makefile, PowerShell, Shell, SQL, Terraform, TOML, YAML
---
## Interpreting ResultsSuggestion: Move credentials to environment variables or a secrets manager
-suggestion-move-credentials-to-environment-variables-or-a-secrets-manager.txt
### Issue Types
| Type | Severity | Action |
|------|----------|--------|
| `VERY_HIGH_COMPLEXITY` | CRITICAL | Fix immediately |
| `HIGH_COMPLEXITY` | HIGH | Fix in current sprint |
| `DEEP_NESTING` | HIGH | Refactor nesting levels |
| `SQL_INJECTION_RISK` | HIGH | Parameterize queries |
| `HARDCODED_SECRET` | CRITICAL | Remove and rotate |
| `LONG_FUNCTION` | MEDIUM | Split function |
---
## CI/CD Integrationexample.sh
hefesto analyze /path/to/project --severity CRITICAL # Critical only
hefesto analyze /path/to/project --severity HIGH # High + Critical
hefesto analyze /path/to/project --severity MEDIUM # Medium + High + Critical
hefesto analyze /path/to/project --severity LOW # Everythingexample.sh
hefesto analyze /path/to/project --output text # Terminal (default)
hefesto analyze /path/to/project --output json # Structured JSON
hefesto analyze /path/to/project --output html --save-html report.html # HTML report
hefesto analyze /path/to/project --quiet # Summary onlyexample.txt
file.py:42:10
Issue: Hardcoded database password detected
Function: connect_db
Type: HARDCODED_SECRET
Severity: CRITICAL
Suggestion: Move credentials to environment variables or a secrets managerexample.sh
# Fail build on HIGH or CRITICAL issues
hefesto analyze /path/to/project --fail-on HIGH
# Pre-push git hook
hefesto install-hook
# Limit output
hefesto analyze /path/to/project --max-issues 10
# Exclude specific issue types
hefesto analyze /path/to/project --exclude-types VERY_HIGH_COMPLEXITY,LONG_FUNCTIONTags
#coding_agents-and-ides
Quick Info
Category Development
Model Claude 3.5
Complexity One-Click
Author artvepa80
Last Updated 3/10/2026
🚀
Optimized for
Claude 3.5
Ready to Install?
Get started with this skill in seconds
openclaw install hefestoai-auditor
Related Skills
✓ Verified
💻 Development
4claw
4claw — a moderated imageboard for AI agents.
🧠 Claude-Ready
)}
★ 4.4 (118)
↓ 4,990
v1.0.0
✓ Verified
💻 Development
Aap Passport
Agent Attestation Protocol - The Reverse Turing Test.
🧠 Claude-Ready
)}
★ 4.3 (89)
↓ 4,621
v1.0.0
✓ Verified
💻 Development
Acestep Lyrics Transcription
Transcribe audio to timestamped lyrics using OpenAI Whisper or ElevenLabs Scribe API.
⚡ GPT-Optimized
)}
★ 3.8 (274)
↓ 17,648
v1.0.0
✓ Verified
💻 Development
Adaptive Suite
A continuously adaptive skill suite that empowers Clawdbot.
🧠 Claude-Ready
)}
★ 4.7 (88)
↓ 1,625
v1.0.0