redlyne-ai / redlyne

Detect and patch vulnerabilities in AI-generated Python code — VS Code extension

100% credibility
Found May 04, 2026 at 13 stars.
AI Summary

Redlyne is a VS Code extension that scans selected Python code for vulnerabilities common in AI-generated snippets and offers one-click patches, running entirely locally on Windows with WSL2.

How It Works

1. 🔍 Discover Redlyne
   You hear about Redlyne, a helpful tool that checks AI-written Python code for safety issues right in your code editor.

2. 📥 Add it to your editor
   Search for Redlyne in your editor's extension store and install it with a simple click – it sets up instantly.

3. 📄 Open a Python file
   Create or open a file with Python code you got from an AI helper, like Copilot or ChatGPT.

4. ✂️ Select your code
   Highlight the section of code you're worried about and right-click to start the safety check.

5. 🔎 See the results
   A quick scan happens on your computer, showing any dangers found and simple fixes suggested.

6. 🛠️ Fix with one tap
   Review the safe version proposed and confirm to replace your code automatically – it feels secure and easy.

🎉 Code is now safe

Your Python code is cleaned up and protected from common security slips, ready for confident use.

AI-Generated Review

What is redlyne?

Redlyne is a VS Code extension that scans selected Python code—especially AI-generated snippets from Copilot or ChatGPT—for vulnerabilities like SQL injection, command injection, and hard-coded secrets, then offers one-click patches directly in your editor. It uses hand-crafted deterministic rules to detect and fix issues without sending code to servers or relying on LLMs, working on incomplete fragments that trip up tools like Bandit or CodeQL. Runs locally via WSL2 on Windows, targeting patterns from real AI output benchmarks.

Why is it gaining traction?

It outperforms static analyzers (higher precision/recall than CodeQL/Semgrep) and LLMs (better patch correctness, no hallucinations) on 600+ AI-generated samples, with reproducible flags and low false positives to cut alert fatigue. Right-clicking a selection gives instant analysis and remediation, and the patches preserve code complexity, unlike probabilistic fixes. Developers who follow GitHub detect-secrets or license-detection workflows will appreciate its focus on AI-specific bugs like unsafe deserialization.

Who should use this?

Python backend devs pasting Copilot/ChatGPT code into VS Code, security-conscious teams auditing AI-assisted prototypes, or solo hackers spotting OWASP Top 10 risks in fragments. Ideal for Windows/WSL2 users reviewing GitHub Actions or CI pipelines where quick vulnerability detection beats full scans.

Verdict

Try it if you're on Windows+WSL2 and lean on AI for Python—solid benchmarks and editor integration make it useful despite 13 stars and 1.0% credibility score signaling early access roughness like 15s scans and platform limits. Skip for now if you need cross-platform or broader language support; watch for roadmap updates.
