weareaisle

A minimal LLM-powered zero-day vulnerability scanner by AISLE.

188 stars
39
Found Apr 15, 2026 at 117 stars
AI Summary (Python)

A single-file Python tool that uses AI models to scan source code for zero-day vulnerabilities, focused on C/C++ memory issues, with a multi-round review process to validate findings.

How It Works

1
🔍 Discover the code checker

A single-file tool that uses an LLM to find security weaknesses in your program's source code.

2
📥 Get the tool

Download the one Python file; it has no dependencies and needs no further setup.

3
🔗 Connect a model

Configure an API key for a hosted LLM (OpenAI or OpenRouter) so the tool can send it your code. Treat that key like any other secret, and remember that the source you scan is sent to that service.

4
📁 Pick your code

Point it at a single file or a directory of source code to examine.

5
🚀 Launch the scan

Run the tool; it walks your files, builds a security context for them, and hunts for bugs.

6
Watch it work

It reviews each function, re-examines suspicious spots with extra scrutiny, and separates real issues from false alarms.

7
📊 See your report

Read the summaries and triaged findings, with suggested fixes, and decide what to act on.


AI-Generated Review

What is nano-analyzer?

Nano-analyzer is a single-file Python tool from Aisle that scans source code for zero-day vulnerabilities using LLMs via the OpenAI or OpenRouter APIs. Point it at a file or directory with `python scan.py ./src`, and it generates security context, hunts bugs function by function, then runs skeptical triage with repo greps to validate findings. Outputs land in timestamped folders as Markdown summaries, JSON data, and triaged reports. It is aimed at C/C++ memory-safety bugs such as buffer overflows and null dereferences.
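The three rounds described above (security context, per-function bug hunting, skeptical triage that greps the code to confirm or reject each claim) are easy to misread as "ask the model and print its answer". The following is an added example, not nano-analyzer's own code, showing the shape of such a pipeline on a constructed two-function C file. The `model` callable is an assumption standing in for an OpenAI/OpenRouter chat call; the stub here is deliberately over-eager so that the triage round has something to reject.

```python
"""Toy three-round LLM scan pipeline (added example, not nano-analyzer's code).

Round 1 builds a compact repo map, round 2 asks a model for candidate findings
one function at a time, round 3 checks each candidate against the code with
greps and drops the ones the code does not support.
"""
import json
import re

# Constructed sample repo, not real project code: one unguarded strcpy and
# one memcpy that is bounds-checked before the copy.
SAMPLE_REPO = {
    "src/parse.c": (
        "int parse_name(const char *in) {\n"
        "    char buf[16];\n"
        "    strcpy(buf, in);\n"
        "    return buf[0];\n"
        "}\n"
        "\n"
        "int copy_body(char *dst, size_t cap, const char *src, size_t n) {\n"
        "    if (n > cap) return -1;\n"
        "    memcpy(dst, src, n);\n"
        "    return 0;\n"
        "}\n"
    ),
}

SINKS = ("strcpy", "memcpy", "sprintf", "gets")

# Top-level C definitions only: a line starting with a type, the function name,
# a parameter list, an opening brace, then everything up to a brace at column 0.
FUNC_RE = re.compile(r"^\w[\w\s\*]*?\b(\w+)\s*\([^)]*\)\s*\{.*?^\}", re.M | re.S)


def split_functions(source):
    """Return (name, body) pairs for each top-level C function in a file."""
    return [(m.group(1), m.group(0)) for m in FUNC_RE.finditer(source)]


def build_context(repo):
    """Round 1: a small map of the repo that later prompts can refer to."""
    return {path: [name for name, _ in split_functions(src)] for path, src in repo.items()}


def stub_model(prompt):
    """Constructed stand-in for the LLM (assumption). It reports every known
    sink it sees as an overflow, so it over-reports and triage must earn its
    keep. We ask the model for JSON so the answer can be parsed, not trusted."""
    findings = [{"sink": s, "claim": f"{s} may write past the destination"}
                for s in SINKS if re.search(rf"\b{s}\s*\(", prompt)]
    return json.dumps(findings)


def hunt(func_name, body, context, model):
    """Round 2: ask the model for candidate findings in one function."""
    prompt = (
        f"Repo map: {json.dumps(context)}\n"
        f"Review `{func_name}` for memory-safety bugs. Answer with a JSON list "
        'of {"sink": ..., "claim": ...} objects.\n\n'
        f"{body}"
    )
    try:
        raw = json.loads(model(prompt))
    except json.JSONDecodeError:
        return []  # a malformed answer is treated as no finding, never as a bug
    if not isinstance(raw, list):
        return []
    return [f for f in raw if isinstance(f, dict) and "sink" in f]


def triage(finding, body, repo):
    """Round 3: skeptical check. The claimed sink must actually appear in the
    function and no length comparison may precede it. A repo-wide grep lists
    the other files using the same sink as context for the report."""
    sink = re.escape(str(finding["sink"]))
    lines = body.splitlines()
    hits = [i for i, ln in enumerate(lines) if re.search(rf"\b{sink}\s*\(", ln)]
    if not hits:
        return "rejected", "sink not present in function"
    if any(re.search(r"\bif\s*\(.*[<>]", ln) for ln in lines[:hits[0]]):
        return "rejected", "length comparison precedes the sink"
    others = sorted(p for p, src in repo.items() if re.search(rf"\b{sink}\s*\(", src))
    return "confirmed", f"unguarded at line {hits[0] + 1}; sink also used in {others}"


def scan(repo, model=stub_model):
    """Run all three rounds and return triaged findings as plain dicts."""
    context = build_context(repo)
    report = []
    for path, src in repo.items():
        for name, body in split_functions(src):
            for finding in hunt(name, body, context, model):
                verdict, evidence = triage(finding, body, repo)
                report.append({"file": path, "function": name, "sink": finding["sink"],
                               "verdict": verdict, "evidence": evidence})
    return report


if __name__ == "__main__":
    print(json.dumps(scan(SAMPLE_REPO), indent=2))
```

Run stand-alone it reports the `strcpy` in `parse_name` as confirmed and rejects the `memcpy` in `copy_body` because a length comparison guards it. The point of the design is that model output is treated as a hypothesis to be checked against the code, never as a result; the guard-detection heuristic here is intentionally crude, and a real triage round would hand the grep evidence back to the model for a second opinion before anything reaches a report.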

Why is it gaining traction?

Its minimal, GitHub-Action-like feel (no dependencies, runs as soon as an API key is set) appeals to developers tired of bulky SAST tools. The LLM pipeline aims at novel bugs that pattern-based scanners miss, while the multi-round triage cuts false positives by checking each claim against the code. At 72 stars, it spreads as a lightweight experiment for probing repos without workflow overhead.

Who should use this?

C/C++ maintainers auditing PRs for memory bugs before merge. Security researchers prototyping LLM-based scanning on open source. Teams needing a fast, zero-setup second pass on code from untrusted contributors.

Verdict

Grab it for quick zero-day probes on C/C++ code, but verify everything: it is a v0.1 prototype with false positives and false negatives and the limits of a single-file design. The 1.0% credibility score and low star count signal raw maturity; use it alongside CodeQL or manual review, not on its own, and treat every finding as a lead to confirm in the code rather than a result.
