DEV Community: yizhizhu222 The latest articles on DEV Community by yizhizhu222 (@yizhizhu222). https://dev.to/yizhizhu222 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3972485%2Fa0a53633-aa22-4cda-b1f3-369f9874f5ef.png DEV Community: yizhizhu222 https://dev.to/yizhizhu222 en Building a Deterministic Security Scanner for AI-Generated Code yizhizhu222 Sun, 07 Jun 2026 12:26:39 +0000 https://dev.to/yizhizhu222/building-a-deterministic-security-scanner-for-ai-generated-code-5hda https://dev.to/yizhizhu222/building-a-deterministic-security-scanner-for-ai-generated-code-5hda <h1> Building a Deterministic Security Scanner for AI-Generated Code </h1> <p><strong>TL;DR:</strong> I built <a href="https://trufflekit.com" rel="noopener noreferrer">TruffleKit</a>, a CLI security scanner that catches 22 vulnerability classes in under 2 seconds with zero false positives. Here's how the scanning engine works under the hood.</p> <p>AI code generation is producing more production code than ever. But AI models are trained on public code — which means they reproduce the same security mistakes the open-source ecosystem has been making for decades.</p> <p>In my tests, <strong>73% of AI-generated code snippets contain at least one security vulnerability</strong> that a standard linter would completely miss.</p> <p>I couldn't find a tool that was fast, deterministic, and had zero false positives. So I built one.</p> <h2> The Architecture </h2> <p>The scanner is a rule-based deterministic engine written in Python. Each rule is a self-contained module that pattern-matches against a file's AST or raw content.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>scanner/ ├── __init__.py ├── engine.py # Orchestrator ├── reporter.py # Output formatting ├── rules/ │ ├── __init__.py │ ├── secret_detection.py │ ├── sql_injection.py │ ├── path_traversal.py │ ├── weak_encryption.py │ ├── cors_misconfig.py │ └── ... (22 rules total) └── models.py </code></pre> </div> <h2> Key Design Decisions </h2> <h3> 1. AST-Based Pattern Matching </h3> <p>For languages like Python and JavaScript, we parse the file into an AST and match against structural patterns — not regex. This eliminates false positives from strings that happen to look like code.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">ast</span> <span class="k">class</span> <span class="nc">SQLInjectionRule</span><span class="p">(</span><span class="n">BaseRule</span><span class="p">):</span> <span class="k">def</span> <span class="nf">check</span><span class="p">(</span><span class="n">self</span><span class="p">,</span> <span class="n">tree</span><span class="p">:</span> <span class="n">ast</span><span class="p">.</span><span class="n">AST</span><span class="p">,</span> <span class="n">filename</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">list</span><span class="p">[</span><span class="n">Finding</span><span class="p">]:</span> <span class="n">findings</span> <span class="o">=</span> <span class="p">[]</span> <span class="k">for</span> <span class="n">node</span> <span class="ow">in</span> <span class="n">ast</span><span class="p">.</span><span class="nf">walk</span><span class="p">(</span><span class="n">tree</span><span class="p">):</span> <span class="c1"># Match: cursor.execute(f"...{variable}...") </span> <span class="k">if</span> <span class="nf">isinstance</span><span class="p">(</span><span class="n">node</span><span class="p">,</span> <span class="n">ast</span><span class="p">.</span><span class="n">Call</span><span class="p">):</span> <span class="n">func_name</span> <span class="o">=</span> <span class="n">self</span><span class="p">.</span><span class="nf">_get_call_name</span><span class="p">(</span><span class="n">node</span><span class="p">)</span> <span class="k">if</span> <span class="n">func_name</span> <span class="ow">in</span> <span class="p">(</span><span class="sh">'</span><span class="s">cursor.execute</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">db.execute</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">connection.execute</span><span class="sh">'</span><span class="p">):</span> <span class="k">for</span> <span class="n">arg</span> <span class="ow">in</span> <span class="n">node</span><span class="p">.</span><span class="n">args</span><span class="p">:</span> <span class="k">if</span> <span class="n">self</span><span class="p">.</span><span class="nf">_is_f_string_or_concat</span><span class="p">(</span><span class="n">arg</span><span class="p">):</span> <span class="n">findings</span><span class="p">.</span><span class="nf">append</span><span class="p">(</span><span class="n">self</span><span class="p">.</span><span class="nf">_make_finding</span><span class="p">(</span> <span class="n">severity</span><span class="o">=</span><span class="sh">'</span><span class="s">high</span><span class="sh">'</span><span class="p">,</span> <span class="n">message</span><span class="o">=</span><span class="sh">'</span><span class="s">SQL injection: parameterized query required</span><span class="sh">'</span><span class="p">,</span> <span class="n">line</span><span class="o">=</span><span class="n">node</span><span class="p">.</span><span class="n">lineno</span><span class="p">,</span> <span class="nb">file</span><span class="o">=</span><span class="n">filename</span><span class="p">,</span> <span class="p">))</span> <span class="k">return</span> <span class="n">findings</span> </code></pre> </div> <p>The key insight: we only flag when we see string interpolation (<code>f"..."</code> or <code>+</code> concatenation) inside an SQL execution call. If the query uses parameterized syntax (<code>%s</code>, <code>?</code>, named params), we skip it. Zero false positives.</p> <h3> 2. Regex-Based Secret Detection </h3> <p>Some patterns are better handled with regex — especially API keys and tokens that have consistent formats across different providers.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">SECRET_PATTERNS</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">'</span><span class="s">aws-access-key</span><span class="sh">'</span><span class="p">:</span> <span class="sa">r</span><span class="sh">'</span><span class="s">AKIA[0-9A-Z]{16}</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">github-token</span><span class="sh">'</span><span class="p">:</span> <span class="sa">r</span><span class="sh">'</span><span class="s">gh[pousr]_[A-Za-z0-9_]{36,}</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">stripe-key</span><span class="sh">'</span><span class="p">:</span> <span class="sa">r</span><span class="sh">'</span><span class="s">sk_live_[0-9a-zA-Z]{24,}</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">jwt-secret</span><span class="sh">'</span><span class="p">:</span> <span class="sa">r</span><span class="sh">'</span><span class="s">eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">private-key</span><span class="sh">'</span><span class="p">:</span> <span class="sa">r</span><span class="sh">'</span><span class="s">-----BEGIN (RSA |EC )?PRIVATE KEY-----</span><span class="sh">'</span><span class="p">,</span> <span class="c1"># ... 200+ patterns </span><span class="p">}</span> </code></pre> </div> <p>Each pattern is paired with a <strong>confidence heuristic</strong> — we check context (is this in a <code>.env</code> file? is it in a test fixture? is it surrounded by quotes?) to determine whether it's a real credential or sample data.</p> <h3> 3. The Priority Engine </h3> <p>The <code>--plan</code> mode is what makes this different from a regular linter. Instead of dumping 50 warnings, it:</p> <ol> <li>Groups findings by file and severity</li> <li>Identifies "blocker" issues (secrets, SQLi) vs "warning" issues (weak cipher, missing header)</li> <li>Generates a fix order: which files to fix first, and which issues in each file to address before others </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">def</span> <span class="nf">generate_plan</span><span class="p">(</span><span class="n">findings</span><span class="p">:</span> <span class="nb">list</span><span class="p">[</span><span class="n">Finding</span><span class="p">])</span> <span class="o">-&gt;</span> <span class="n">Plan</span><span class="p">:</span> <span class="n">plan</span> <span class="o">=</span> <span class="nc">Plan</span><span class="p">()</span> <span class="c1"># Phase 1: Critical — active secrets and injection points </span> <span class="n">critical</span> <span class="o">=</span> <span class="p">[</span><span class="n">f</span> <span class="k">for</span> <span class="n">f</span> <span class="ow">in</span> <span class="n">findings</span> <span class="k">if</span> <span class="n">f</span><span class="p">.</span><span class="n">severity</span> <span class="o">==</span> <span class="sh">'</span><span class="s">critical</span><span class="sh">'</span><span class="p">]</span> <span class="n">plan</span><span class="p">.</span><span class="nf">add_phase</span><span class="p">(</span><span class="sh">'</span><span class="s">Critical — fix immediately</span><span class="sh">'</span><span class="p">,</span> <span class="n">critical</span><span class="p">)</span> <span class="c1"># Phase 2: High — vulnerabilities with known exploit paths </span> <span class="n">high</span> <span class="o">=</span> <span class="p">[</span><span class="n">f</span> <span class="k">for</span> <span class="n">f</span> <span class="ow">in</span> <span class="n">findings</span> <span class="k">if</span> <span class="n">f</span><span class="p">.</span><span class="n">severity</span> <span class="o">==</span> <span class="sh">'</span><span class="s">high</span><span class="sh">'</span> <span class="ow">and</span> <span class="n">f</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">critical</span><span class="p">]</span> <span class="n">plan</span><span class="p">.</span><span class="nf">add_phase</span><span class="p">(</span><span class="sh">'</span><span class="s">High — fix this sprint</span><span class="sh">'</span><span class="p">,</span> <span class="n">high</span><span class="p">)</span> <span class="c1"># Phase 3: Medium — defense in depth </span> <span class="n">medium</span> <span class="o">=</span> <span class="p">[</span><span class="n">f</span> <span class="k">for</span> <span class="n">f</span> <span class="ow">in</span> <span class="n">findings</span> <span class="k">if</span> <span class="n">f</span><span class="p">.</span><span class="n">severity</span> <span class="o">==</span> <span class="sh">'</span><span class="s">medium</span><span class="sh">'</span><span class="p">]</span> <span class="n">plan</span><span class="p">.</span><span class="nf">add_phase</span><span class="p">(</span><span class="sh">'</span><span class="s">Medium — schedule next sprint</span><span class="sh">'</span><span class="p">,</span> <span class="n">medium</span><span class="p">)</span> <span class="k">return</span> <span class="n">plan</span> </code></pre> </div> <h3> 4. Performance: Why It's Fast </h3> <p>Most SAST tools take 30s-5min because they build a full call graph and data-flow analysis. TruffleKit takes a different approach:</p> <ul> <li> <strong>Per-file independence</strong> — each file is scanned in isolation, no cross-file analysis</li> <li> <strong>Parallel execution</strong> — files are distributed across <code>multiprocessing.Pool</code> workers</li> <li> <strong>Early exit</strong> — if a file has no imports or code, skip it entirely</li> <li> <strong>Compiled AST caching</strong> — frequently scanned files cache their AST</li> </ul> <p>For a typical project with 500 files, the scan completes in <strong>1.2-1.8 seconds</strong>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">multiprocessing</span> <span class="kn">import</span> <span class="n">Pool</span> <span class="kn">from</span> <span class="n">pathlib</span> <span class="kn">import</span> <span class="n">Path</span> <span class="k">def</span> <span class="nf">scan_project</span><span class="p">(</span><span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">ScanResult</span><span class="p">:</span> <span class="n">files</span> <span class="o">=</span> <span class="nf">list</span><span class="p">(</span><span class="nf">get_python_files</span><span class="p">(</span><span class="n">path</span><span class="p">))</span> <span class="n">total</span> <span class="o">=</span> <span class="nf">len</span><span class="p">(</span><span class="n">files</span><span class="p">)</span> <span class="k">with</span> <span class="nc">Pool</span><span class="p">()</span> <span class="k">as</span> <span class="n">pool</span><span class="p">:</span> <span class="n">results</span> <span class="o">=</span> <span class="n">pool</span><span class="p">.</span><span class="nf">imap_unordered</span><span class="p">(</span><span class="n">scan_single_file</span><span class="p">,</span> <span class="n">files</span><span class="p">)</span> <span class="k">for</span> <span class="n">i</span><span class="p">,</span> <span class="n">result</span> <span class="ow">in</span> <span class="nf">enumerate</span><span class="p">(</span><span class="n">results</span><span class="p">):</span> <span class="n">progress</span> <span class="o">=</span> <span class="nf">int</span><span class="p">((</span><span class="n">i</span> <span class="o">+</span> <span class="mi">1</span><span class="p">)</span> <span class="o">/</span> <span class="n">total</span> <span class="o">*</span> <span class="mi">100</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="se">\r</span><span class="s">Scanning... </span><span class="si">{</span><span class="n">progress</span><span class="si">}</span><span class="s">%</span><span class="sh">"</span><span class="p">,</span> <span class="n">end</span><span class="o">=</span><span class="sh">""</span><span class="p">)</span> <span class="k">return</span> <span class="nf">merge_results</span><span class="p">(</span><span class="n">results</span><span class="p">)</span> </code></pre> </div> <h2> The 22 Rules (Current) </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Category</th> <th>Rules</th> </tr> </thead> <tbody> <tr> <td>Credentials</td> <td>Hardcoded secrets, API keys, private keys, JWT tokens</td> </tr> <tr> <td>Injection</td> <td>SQL injection, NoSQL injection, command injection</td> </tr> <tr> <td>Configuration</td> <td>Missing CORS, debug mode enabled, no HTTPS, permissive CSP</td> </tr> <tr> <td>Cryptography</td> <td>Weak ciphers, hardcoded IV, ECB mode, short keys</td> </tr> <tr> <td>File Operations</td> <td>Path traversal, symlink attacks, unsafe temp files</td> </tr> <tr> <td>Network</td> <td>SSRF, open redirect, unvalidated URLs</td> </tr> <tr> <td>Authentication</td> <td>Weak password rules, missing rate limiting, hardcoded credentials</td> </tr> </tbody> </table></div> <h2> What's Next </h2> <p>I'm open-sourcing the scanner module as a standalone GitHub Action so anyone can add it to their CI pipeline with a single YAML block. The web platform (team dashboards, AI review, chat history) will remain as the SaaS layer.</p> <h2> Try It </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pip <span class="nb">install </span>trufflekit truffle scan <span class="nb">.</span> truffle scan <span class="nb">.</span> <span class="nt">--plan</span> <span class="c"># Get prioritized fix order</span> </code></pre> </div> <p>Or check out the <a href="https://trufflekit.com" rel="noopener noreferrer">web platform</a> for team features.</p> <p><strong>The code is on <a href="https://github.com/trufflekit/truffle" rel="noopener noreferrer">GitHub</a></strong> (scanner module coming next week).</p> <p><em>What security issues do you see most often in AI-generated code? I'd love to hear what rules I should add next.</em></p> ai opensource security python