Repository Analysis

usestrix/strix

Open-source AI hackers to find and fix your app’s vulnerabilities.

11.4 Low AI signal

Adjusted Score: 11.4
Raw Score: 11.4
Time Factor: 100%
Last Push: 2026-05-28
Stars: 25,688
Language: Python
Lines of Code: 25,067
Files: 144
Pattern Hits: 233
Scan Date: 2026-05-31

Severity Breakdown

CRITICAL 0 · HIGH 7 · MEDIUM 17 · LOW 209

Pattern Findings

233 matches across 10 categories.

Unused Imports · 68 hits · 68 pts
Severity  File  Line  Snippet
LOW  strix/interface/__init__.py  1
LOW  strix/interface/tui/live_view.py  3
LOW  strix/interface/tui/__init__.py  3
LOW  strix/interface/tui/__init__.py  3
LOW  strix/interface/tui/messages.py  3
LOW  strix/interface/tui/history.py  3
LOW  strix/interface/tui/renderers/__init__.py  1
LOW  strix/interface/tui/renderers/__init__.py  1
LOW  strix/interface/tui/renderers/__init__.py  1
LOW  strix/interface/tui/renderers/__init__.py  1
LOW  strix/interface/tui/renderers/__init__.py  1
LOW  strix/interface/tui/renderers/__init__.py  1
LOW  strix/interface/tui/renderers/__init__.py  1
LOW  strix/interface/tui/renderers/__init__.py  1
LOW  strix/interface/tui/renderers/__init__.py  1
LOW  strix/interface/tui/renderers/__init__.py  1
LOW  strix/interface/tui/renderers/__init__.py  1
LOW  strix/interface/tui/renderers/__init__.py  14
LOW  strix/interface/tui/renderers/filesystem_renderer.py  1
LOW  strix/tools/reporting/tool.py  3
LOW  strix/tools/web_search/tool.py  3
LOW  strix/tools/proxy/tools.py  3
LOW  strix/tools/proxy/caido_api.py  3
LOW  strix/tools/todo/tools.py  3
LOW  strix/tools/notes/tools.py  3
LOW  strix/tools/thinking/tool.py  3
LOW  strix/tools/finish/tool.py  3
LOW  strix/tools/load_skill/tool.py  3
LOW  strix/tools/agents_graph/tools.py  3
LOW  strix/core/sessions.py  3
LOW  strix/core/sessions.py  13
LOW  strix/core/runner.py  3
LOW  strix/core/hooks.py  3
LOW  strix/core/execution.py  3
LOW  strix/core/execution.py  23
LOW  strix/core/paths.py  3
LOW  strix/core/agents.py  3
LOW  strix/core/inputs.py  3
LOW  strix/config/models.py  3
LOW  strix/config/__init__.py  14
LOW  strix/config/__init__.py  14
LOW  strix/config/__init__.py  14
LOW  strix/config/__init__.py  19
LOW  strix/config/__init__.py  19
LOW  strix/config/__init__.py  19
LOW  strix/config/__init__.py  19
LOW  strix/config/__init__.py  19
LOW  strix/config/loader.py  3
LOW  strix/config/settings.py  3
LOW  strix/runtime/session_manager.py  3
LOW  strix/runtime/backends.py  3
LOW  strix/runtime/docker_client.py  23
LOW  strix/runtime/caido_bootstrap.py  10
LOW  strix/agents/factory.py  3
LOW  strix/agents/prompt.py  3
LOW  strix/report/dedupe.py  3
LOW  strix/report/__init__.py  3
LOW  strix/report/__init__.py  4
LOW  strix/report/__init__.py  4
LOW  strix/report/__init__.py  4
8 more matches not shown…

Excessive Try-Catch Wrapping · 50 hits · 55 pts
Severity  File  Line  Snippet
LOW  strix/interface/cli.py  167  except Exception:
LOW  strix/interface/cli.py  193  except Exception as e:
LOW  strix/interface/utils.py  423  except Exception:
LOW  strix/interface/utils.py  439  except Exception:
LOW  strix/interface/main.py  236  except Exception as e:
LOW  strix/interface/main.py  264  except Exception:
LOW  strix/interface/main.py  416  except Exception as e:
LOW  strix/interface/main.py  733  except Exception as e:
MEDIUM  strix/interface/main.py  259  def get_version() -> str:
LOW  strix/interface/tui/messages.py  39  except Exception:
MEDIUM  strix/interface/tui/app.py  1162  def _update_agent_status_display(self) -> None:
LOW  strix/interface/tui/app.py  924  except Exception:
LOW  strix/interface/tui/app.py  1383  except Exception as e:
LOW  strix/interface/tui/app.py  1394  except Exception:
LOW  strix/interface/tui/app.py  1820  except Exception:
LOW  strix/interface/tui/app.py  1831  except Exception:
LOW  strix/tools/reporting/tool.py  135  except Exception:
LOW  strix/tools/web_search/tool.py  107  except Exception:
LOW  strix/tools/proxy/tools.py  54  except Exception: # noqa: BLE001
LOW  strix/tools/proxy/tools.py  209  except Exception as exc: # noqa: BLE001
LOW  strix/tools/proxy/tools.py  288  except Exception as exc: # noqa: BLE001
LOW  strix/tools/proxy/tools.py  389  except Exception as exc: # noqa: BLE001
LOW  strix/tools/proxy/tools.py  452  except Exception as exc: # noqa: BLE001
LOW  strix/tools/proxy/tools.py  477  except Exception as exc: # noqa: BLE001
LOW  strix/tools/proxy/tools.py  595  except Exception as exc: # noqa: BLE001
LOW  strix/tools/proxy/caido_api.py  208  except Exception: # noqa: BLE001 - tolerate any malformed raw bytes; None signals "unparseable" to the caller.
LOW  strix/tools/todo/tools.py  99  except Exception:
LOW  strix/tools/notes/tools.py  81  except Exception:
LOW  strix/tools/agents_graph/tools.py  440  except Exception as e:
LOW  strix/core/hooks.py  53  except Exception:
LOW  strix/core/execution.py  253  except Exception:
LOW  strix/core/execution.py  356  except Exception:
LOW  strix/core/execution.py  362  except Exception as exc:
LOW  strix/core/execution.py  370  except Exception:
LOW  strix/core/agents.py  125  except Exception:
LOW  strix/core/agents.py  301  except Exception:
LOW  strix/runtime/session_manager.py  123  except Exception: # noqa: BLE001
LOW  strix/runtime/session_manager.py  129  except Exception:
LOW  strix/agents/factory.py  116  except Exception as exc: # noqa: BLE001 - tool errors should be model-visible results.
LOW  strix/agents/factory.py  131  except Exception as exc: # noqa: BLE001 - matches SDK CustomTool error-as-result behavior.
LOW  strix/agents/prompt.py  97  except Exception:
LOW  strix/report/dedupe.py  231  except Exception as e:
LOW  strix/report/usage.py  90  except Exception:
LOW  strix/report/usage.py  107  except Exception:
LOW  strix/report/usage.py  184  except Exception: # noqa: BLE001 - LiteLLM raises plain Exception for unknown model prices.
LOW  strix/skills/custom/source_aware_sast.md  39  except Exception:
LOW  strix/telemetry/_common.py  38  except Exception: # noqa: BLE001, S110
MEDIUM  strix/telemetry/_common.py  19  def get_version() -> str:
LOW  strix/telemetry/posthog.py  47  except Exception: # noqa: BLE001
LOW  strix/telemetry/scarf.py  48  except Exception: # noqa: BLE001

Hyper-Verbose Identifiers · 53 hits · 54 pts
Severity  File  Line  Snippet
LOW  strix/interface/utils.py  58  def format_vulnerability_report(report: dict[str, Any]) -> Text: # noqa: PLR0915
LOW  strix/interface/utils.py  206  def _build_vulnerability_stats(stats_text: Text, report_state: Any) -> None:
LOW  strix/interface/utils.py  409  def _derive_target_label_for_run_name(targets_info: list[dict[str, Any]] | None) -> str: # noqa: PLR0911
LOW  strix/interface/utils.py  629  def _resolve_default_branch_name(repo_path: Path, env: dict[str, str]) -> str | None:
LOW  strix/interface/utils.py  803  def build_diff_scope_instruction(scopes: list[RepoDiffScope]) -> str:
LOW  strix/interface/utils.py  872  def _should_activate_auto_scope(
LOW  strix/interface/utils.py  965  def resolve_diff_scope_context(
LOW  strix/interface/utils.py  1232  def rewrite_localhost_targets(targets_info: list[dict[str, Any]], host_gateway: str) -> None:
LOW  strix/interface/main.py  530  def display_completion_message(args: argparse.Namespace, results_path: Path) -> None:
LOW  strix/interface/tui/live_view.py  50  def _hydrate_sdk_session_history(self, run_dir: Path, agent_ids: Any) -> None:
LOW  strix/interface/tui/live_view.py  123  def _ingest_raw_response_event(self, agent_id: str, data: Any) -> None:
LOW  strix/interface/tui/live_view.py  130  def _ingest_session_history_item(
LOW  strix/interface/tui/live_view.py  177  def _record_assistant_message(self, agent_id: str, content: str, *, final: bool) -> None:
LOW  strix/interface/tui/messages.py  13  def send_user_message_to_agent(
LOW  strix/interface/tui/app.py  1022  def _get_chat_placeholder_content(
LOW  strix/interface/tui/app.py  1081  def _get_rendered_events_content(self, events: list[dict[str, Any]]) -> Any:
LOW  strix/interface/tui/app.py  1108  def _get_status_display_content(
LOW  strix/interface/tui/app.py  1162  def _update_agent_status_display(self) -> None:
LOW  strix/interface/tui/app.py  1221  def _update_vulnerabilities_panel(self) -> None:
LOW  strix/interface/tui/app.py  1329  def _agent_vulnerability_count(self, agent_id: str) -> int:
LOW  strix/interface/tui/app.py  1500  def _reorganize_orphaned_agents(self, new_parent_id: str) -> None:
LOW  strix/interface/tui/app.py  1565  def handle_tree_node_selected(self, event: Tree.NodeSelected) -> None:
LOW  strix/interface/tui/app.py  1651  def action_stop_selected_agent(self) -> None:
LOW  strix/interface/tui/app.py  1673  def _validate_agent_for_stopping(self) -> tuple[str, bool]:
LOW  strix/interface/tui/app.py  1696  def action_confirm_stop_agent(self, agent_id: str) -> None:
LOW  strix/interface/tui/renderers/registry.py  42  def _render_default_tool_widget(tool_data: dict[str, Any]) -> Static:
LOW  strix/interface/tui/renderers/agent_message_renderer.py  120  def _process_inline_formatting(line: str) -> Text:
LOW  strix/tools/reporting/tool.py  51  def _normalize_code_locations(
LOW  strix/tools/reporting/tool.py  302  async def create_vulnerability_report(
LOW  strix/tools/proxy/tools.py  393  def _format_replay_tool_result(replay: dict[str, Any]) -> str:
LOW  strix/tools/proxy/caido_api.py  102  async def list_requests_with_client(
LOW  strix/tools/proxy/caido_api.py  529  def _clean_sitemap_request_summary(req: dict[str, Any] | None) -> dict[str, Any] | None:
LOW  strix/tools/proxy/caido_api.py  609  async def view_sitemap_entry_with_client(
LOW  strix/tools/agents_graph/tools.py  29  def _render_completion_report(
LOW  strix/core/sessions.py  25  async def strip_latest_image_from_session(session: Session) -> bool:
LOW  strix/core/execution.py  259  async def _run_noninteractive_until_lifecycle(
LOW  strix/core/execution.py  433  async def _append_noninteractive_tool_required_message(
LOW  strix/core/agents.py  190  async def cancel_descendants_graceful(self, agent_id: str) -> None:
LOW  strix/config/models.py  39  def configure_sdk_model_defaults(settings: Settings) -> None:
LOW  strix/config/models.py  59  def _configure_litellm_compatibility() -> None:
LOW  strix/config/models.py  67  def _configure_litellm_default(name: str, value: str) -> None:
LOW  strix/config/models.py  95  def uses_chat_completions_tool_schema(model_name: str, settings: Settings) -> bool:
LOW  strix/agents/factory.py  110  def _function_tool_with_error_result(tool: FunctionTool) -> FunctionTool:
LOW  strix/agents/factory.py  124  def _custom_tool_as_function_tool(tool: CustomTool) -> FunctionTool:
LOW  strix/agents/factory.py  162  def _configure_chat_completions_filesystem_tools(toolset: Any) -> None:
LOW  strix/agents/factory.py  269  def _lifecycle_tool_completed(tool_name: str, output: Any) -> bool:
LOW  strix/agents/factory.py  300  def _finish_tool_use_behavior(
LOW  strix/report/dedupe.py  94  def _prepare_report_for_comparison(report: dict[str, Any]) -> dict[str, Any]:
LOW  strix/report/usage.py  153  def _estimate_litellm_entry_cost(entry: Any, model: str) -> float | None:
LOW  strix/report/state.py  213  def get_existing_vulnerabilities(self) -> list[dict[str, Any]]:
LOW  strix/report/state.py  301  def _format_final_scan_result(self, scan_results: dict[str, Any]) -> str:
LOW  strix/skills/__init__.py  41  def validate_requested_skills(skill_list: list[str], max_skills: int = 5) -> str | None:
LOW  strix/telemetry/logging.py  67  def configure_dependency_logging() -> None:

Deep Nesting · 40 hits · 39 pts
Severity  File  Line  Snippet
LOW  strix/interface/cli.py  38
LOW  strix/interface/utils.py  58
LOW  strix/interface/utils.py  803
LOW  strix/interface/utils.py  1232
LOW  strix/interface/utils.py  1365
LOW  strix/interface/utils.py  1378
LOW  strix/interface/main.py  60
LOW  strix/interface/main.py  268
LOW  strix/interface/tui/app.py  176
LOW  strix/interface/tui/app.py  306
LOW  strix/interface/tui/app.py  459
LOW  strix/interface/tui/app.py  911
LOW  strix/interface/tui/app.py  1065
LOW  strix/interface/tui/renderers/proxy_renderer.py  44
LOW  strix/interface/tui/renderers/proxy_renderer.py  121
LOW  strix/interface/tui/renderers/proxy_renderer.py  208
LOW  strix/interface/tui/renderers/proxy_renderer.py  306
LOW  strix/interface/tui/renderers/proxy_renderer.py  390
LOW  strix/interface/tui/renderers/proxy_renderer.py  455
LOW  strix/interface/tui/renderers/reporting_renderer.py  89
LOW  strix/interface/tui/renderers/filesystem_renderer.py  82
LOW  strix/interface/tui/renderers/notes_renderer.py  98
LOW  strix/interface/tui/renderers/agent_message_renderer.py  64
LOW  strix/interface/tui/renderers/agent_message_renderer.py  120
LOW  strix/tools/reporting/tool.py  51
LOW  strix/tools/reporting/tool.py  81
LOW  strix/tools/proxy/tools.py  87
LOW  strix/tools/proxy/caido_api.py  246
LOW  strix/tools/proxy/caido_api.py  427
LOW  strix/tools/notes/tools.py  226
LOW  strix/core/runner.py  53
LOW  strix/core/execution.py  323
LOW  strix/core/inputs.py  21
LOW  strix/config/loader.py  56
LOW  strix/config/loader.py  92
LOW  strix/runtime/caido_bootstrap.py  33
LOW  strix/report/writer.py  117
LOW  strix/skills/__init__.py  61
LOW  strix/telemetry/logging.py  80
LOW  strix/telemetry/logging.py  134

Magic Placeholder Names · 6 hits · 30 pts
Severity  File  Line  Snippet
HIGH  README.md  85  export LLM_API_KEY="your-api-key"
HIGH  README.md  229  export LLM_API_KEY="your-api-key"
HIGH  README.md  233  export PERPLEXITY_API_KEY="your-api-key" # for search capabilities
HIGH  CONTRIBUTING.md  34  export LLM_API_KEY="your-api-key"
HIGH  strix/interface/main.py  146  "export LLM_API_KEY='your-api-key-here' "
HIGH  scripts/install.sh  339  echo -e " ${MUTED}export LLM_API_KEY='your-api-key'${NC}"

Decorative Section Separators · 12 hits · 28 pts
Severity  File  Line  Snippet
MEDIUM  pyproject.toml  67  # ============================================================================
MEDIUM  pyproject.toml  69  # ============================================================================
MEDIUM  pyproject.toml  107  # ============================================================================
MEDIUM  pyproject.toml  109  # ============================================================================
MEDIUM  pyproject.toml  247  # ============================================================================
MEDIUM  pyproject.toml  249  # ============================================================================
MEDIUM  pyproject.toml  277  # ============================================================================
MEDIUM  pyproject.toml  279  # ============================================================================
MEDIUM  pyproject.toml  299  # ============================================================================
MEDIUM  pyproject.toml  301  # ============================================================================
MEDIUM  pyproject.toml  314  # ============================================================================
MEDIUM  pyproject.toml  316  # ============================================================================

Docstring Block Structure · 1 hit · 5 pts
Severity  File  Line  Snippet
HIGH  strix/tools/proxy/tools.py  96  List captured HTTP requests from the Caido proxy with HTTPQL filtering. Caido HTTPQL syntax (operators differ by fi

AI Slop Vocabulary · 1 hit · 3 pts
Severity  File  Line  Snippet
MEDIUM  pyproject.toml  125  # Enable comprehensive rule sets

Self-Referential Comments · 1 hit · 3 pts
Severity  File  Line  Snippet
MEDIUM  strix/tools/proxy/caido_api.py  292  # Create an empty replay session, then dispatch via ``send()``.

Fake / Example Data · 1 hit · 1 pts
Severity  File  Line  Snippet
LOW  strix/skills/tooling/agent_browser.md  181  agent-browser fill @e3 "user@example.com"