The latest articles on DEV Community by Drift Zef (@driftapplied). https://dev.to/driftapplied https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3943091%2Feb364edc-6521-496b-9820-0b4fd26c9993.jpeg https://dev.to/driftapplied en Drift Zef Thu, 21 May 2026 01:26:44 +0000 https://dev.to/driftapplied/i-kept-seeing-the-same-dumb-mistakes-in-ai-generated-code-so-i-built-a-local-tool-to-catch-them-1kab https://dev.to/driftapplied/i-kept-seeing-the-same-dumb-mistakes-in-ai-generated-code-so-i-built-a-local-tool-to-catch-them-1kab <p>I've been using AI coding tools pretty heavily lately — mostly GROK fast code and some sonnet and haiku. The speed is incredible, and It's been fun to learn, but I started noticing the same patterns of mistakes showing up in the code.<br> Not huge architectural disasters. Just the small, annoying things that are easy to miss when you're moving fast and building with AI:</p> <ul> <li>Bare <code>except:</code> blocks that swallow every error</li> <li>Extremely generic function names like <code>process()</code>, <code>handle()</code>, or <code>execute()</code> </li> <li>Code that confidently references imports or error paths that don't actually exist These aren't hard to spot if you're carefully reviewing every line, but when you're accepting a lot of AI suggestions, they slip through more often than I'd like.</li> </ul> <h3> Another example </h3> <h1> try: </h1> <h1> result = db.execute(query) </h1> <h1> return result </h1> <h1> except: </h1> <h1> return None </h1> <p>This was generated code that would have silently hidden database failures in production. The tool caught it immediately.</p> <p>Why I built something.</p> <p>I got tired of catching the same classes of issues by hand, so I made a small, local CLI tool to do it for me.<br> It's called DriftCode Auditor. It runs entirely on your machine (no code is sent anywhere). I used AI to build it and guide the entire process, but behind it all is a human being. DriftCode Auditor respects .gitignore, and is fast enough to run on real projects.<br> It currently focuses on three main areas:</p> <ul> <li>Privacy risks (hardcoded secrets, PII, etc.)</li> <li>Maintainability issues (long functions, generic names, missing error handling, etc.)</li> <li>Some basic architecture smells The goal isn't to replace thoughtful code review. It's to act as a quick safety net for the obvious stuff that AI tends to generate.</li> </ul> <p>How to try it</p> <p>If you want to kick the tires:</p> <p>pipx install driftcode-auditor</p> <p>driftcode-auditor --path . --privacy --maintainability</p> <p>It works on any codebase and gives you a clear report of what it found.<br> What I'm doing now<br> I'm currently testing the tool with real users to figure out what's actually useful. I posted a thread on X earlier today sharing some of the patterns it's been catching.<br> If you use AI coding tools regularly, I'd genuinely appreciate it if you tried it on something you've been working on and told me what it found (or missed). Even "it didn't catch anything" is useful feedback.</p> <p>GitHub: <a href="https://github.com/DriftApplied/driftcode-auditor" rel="noopener noreferrer">https://github.com/DriftApplied/driftcode-auditor</a></p> <p>Discussions (where people can share real examples): <a href="https://github.com/DriftApplied/driftcode-auditor/discussions" rel="noopener noreferrer">https://github.com/DriftApplied/driftcode-auditor/discussions</a></p> <p>I'm also happy to take suggestions for new rules or improvements.</p> <p>Drift Zev<br> DistortionApplied<br> X <a class="mentioned-user" href="https://dev.to/driftapplied">@driftapplied</a></p> ai python showdev tooling