Vishal Vaitheeswaran RK

🤖 code-stream: A Smart CLI for Secure & Healthy Code

GitHub Copilot CLI Challenge Submission

This is a submission for the GitHub Copilot CLI Challenge

What I Built

I built code-stream, a lightweight CLI tool that helps developers keep their projects secure and healthy.

As projects grow, it becomes easy to overlook risky patterns, vulnerable dependencies, or exposed secrets. code-stream works like a health check for your codebase, scanning for issues and automatically applying safe fixes.

Key capabilities:

  • 🔍 Detects unsafe patterns like eval() and new Function()
  • 🔐 Flags possible secrets in code
  • 📦 Identifies vulnerable dependencies using npm audit
  • 🔧 Automatically applies safe fixes
  • ⚡ Runs fast with deterministic scanning

The goal was to create a practical tool that improves code security without slowing down development.
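
A sketch of what deterministic detection of eval() and new Function() can look like, including the false positives a plain substring search would produce. This is an added example, not code-stream's own implementation; the rule table, function names, sample source and the line number in each message are assumptions.

```javascript
// Added example: NOT code-stream's implementation. Names and sample input are constructed.
// The eval rule rejects identifiers that merely end in "eval" (medieval) but still
// flags member calls such as window.eval(, which are indirect eval.
const RULES = [
  { id: 'eval', label: 'eval(', re: /(?<![\w$])eval\s*\(/g },
  { id: 'new-function', label: 'new Function(', re: /\bnew\s+Function\s*\(/g },
];

// Blank out comments and quoted strings, keeping length and newlines unchanged so
// match offsets still map to the right line. Template and regex literals are not
// handled here; a real scanner would tokenize or parse the file.
function maskNonCode(src) {
  const re = /\/\/[^\n]*|\/\*[\s\S]*?\*\/|'(?:\\.|[^'\\\n])*'|"(?:\\.|[^"\\\n])*"/g;
  return src.replace(re, (m) => m.replace(/[^\n]/g, ' '));
}

// Return one finding per risky call, ordered by line number.
function scanSource(file, src) {
  const code = maskNonCode(src);
  const findings = [];
  for (const rule of RULES) {
    for (const m of code.matchAll(rule.re)) {
      const line = code.slice(0, m.index).split('\n').length;
      findings.push({
        file, line, rule: rule.id,
        message: `${file}:${line}: risky usage → ${rule.label}`,
      });
    }
  }
  return findings.sort((a, b) => a.line - b.line);
}

// Constructed sample file: lines 2, 4 and 6 should be flagged, the rest ignored.
const SAMPLE = [
  '// eval(userInput) used to live here',
  'const total = eval(req.query.expr);',
  'const msg = "never call eval(x)";',
  'const fn = new Function("a", "return a");',
  'const v = medieval(castle);',
  'window.eval (payload);',
].join('\n');

for (const f of scanSource('app.js', SAMPLE)) console.log('⚠ ' + f.message);
```

Masking comments and strings first is what keeps the scan from reporting commented-out code or documentation text as live eval() calls.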


Demo

GitHub Repository:
👉 https://github.com/VishalVrk/code-stream

Example Usage

Scan project

code-stream scan

Output:

⚠ app.js: risky usage → eval(
⚠ Dependencies: 0 critical, 1 high vulnerabilities

Fix issues

code-stream fix

✔ replaces unsafe patterns
✔ applies dependency fixes
✔ improves code safety

Verify

code-stream scan

My Experience with GitHub Copilot CLI

GitHub Copilot CLI played an important role in speeding up development and improving code quality.

How I used Copilot CLI:

  • Generated initial CLI scaffolding and command structure
  • Explained security risks like unsafe eval() usage
  • Suggested safer alternatives and secure coding patterns
  • Helped refine vulnerability detection logic
  • Provided ideas to improve performance and usability

Example prompts I used:

gh copilot suggest "safe alternative to eval in javascript"
gh copilot suggest "how to detect secrets in source code"
gh copilot explain npm audit vulnerabilities

Impact on my workflow

Copilot CLI acted like a real-time development assistant:

  • ⚡ reduced research time
  • 🧠 clarified security concepts quickly
  • 🔧 helped implement safer solutions
  • 🚀 improved productivity and confidence

By combining deterministic scanning with AI-assisted guidance, I was able to build a tool that is both efficient and intelligent.


Final Thoughts

Building code-stream showed me how powerful CLI tools can be for improving developer workflows. With GitHub Copilot CLI assisting along the way, the development process became faster, more insightful, and more enjoyable.

This project demonstrates how small, efficient tools can make a big difference in maintaining secure and healthy codebases.