Open Source SAST

v2.1.0Go support is here: 21 security rules, 6.6x faster scans

Trace vulnerabilities across your entire codebase

Name: Code Pathfinder
Author: Shivasurya

Cross-file dataflow analysis. Type-aware. Open source SAST that cuts through the noise and finds real vulnerabilities.

Install Now GitHub

Installation

Get started in seconds

brew install shivasurya/tap/pathfinder

macOS & Linux • v2.1.0

Supported languages

Python

Docker

Docker Compose

C (soon)

C++ (soon)

Why Pathfinder

Developers trust findings from Code Pathfinder

SecureFlow AI

Say goodbye to false positives

Get findings you feel confident bringing to developers across SAST, SCA, and Secrets scanning. Filter out the false positives that traditional tools always flag with contextual, AI-powered noise filtering.

Read our guide on reducing false positives

Security Dashboard

Critical

-100%

High

-90%

Medium

No change

Vulnerability Trend (Last 30 days)

Jan 1Jan 30

api/views.py

1from django.db import connection

3def get_user(user_id):

4cursor = connection.cursor()

5query = f"SELECT * FROM users WHERE id = {user_id}"

6cursor.execute(query)

7return cursor.fetchone()

SQL Injection (CWE-89)

User input flows to SQL execution without sanitization

Code Graph Analysis

Eliminate developer friction

Automatically hide likely false positives from developers. Present findings and fixes to developers in their native workflows with structural search, call graphs, and source-to-sink tracing.

Explore security rules and code graph analysis

CI/CD Integration

Easily operationalize and scale

See findings in your editor, pull requests, and CI pipelines with a single configuration. Export SARIF and DefectDojo reports with severity mapping for smooth triage and tracking.

View GitHub Actions integration New: PR summary comments & inline security findings

.github/workflows/security.yml

name: Security Scan

on: [push, pull_request]

jobs:

security:

runs-on: ubuntu-latest

steps:

- uses: actions/checkout@v6

- name: Run Code Pathfinder

run: |

npm install -g codepathfinder

pathfinder ci --project . --ruleset cpf/python

Build passing

0 vulnerabilities

Performance

Performance that doesn't compromise security

Lightning-fast scans with AI precision that actually catches vulnerabilities.

98%

Fewer false positives with AI filtering

10s

Median CI scan time

12+

AI models supported

Security Registry

Security rules that grow with threats

Protect your code with an ever-growing set of security rules covering OWASP Top 10, CVEs, and framework-specific vulnerabilities.

apt-get Without --no-install-recommends

LOW

apt-get install without --no-install-recommends. This installs unnecessary packages, increasing image size and attack surface.

dockerdockerfileapt-get+8

2026-04-13Docker

Missing no-new-privileges Security Option

MEDIUM

Service does not have no-new-privileges security option. Without this, processes inside the container can gain additional privileges via setuid binaries or capability escalation.

docker-composecomposeno-new-privileges+5

2026-04-13Docker Compose

Lambda Command Injection via subprocess

CRITICAL

Lambda event data flows to subprocess with shell=True or as a string command, enabling OS command injection in the Lambda execution environment.

pythonawslambda+7

2026-04-13Python

MD5 Used for Password Hashing

CRITICAL

MD5 hash output flows into password-related functions — MD5 runs at 164 billion hashes/second on a single GPU, making any MD5-hashed password database crackable in seconds to minutes.

gosecuritycrypto+6

2026-04-13Go

Invalid Port Number

HIGH

EXPOSE instruction has invalid port number. Valid ports are 1-65535.

dockerdockerfileport+6

2026-04-13Docker

SELinux Separation Disabled

MEDIUM

Service has label:disable in security_opt, which disables SELinux mandatory access control. This removes an important defense-in-depth layer for container isolation.

docker-composecomposeselinux+6

2026-04-13Docker Compose

View all security rules

AI Integration

Connect your AI assistant to your codebase

Query your codebase with natural language through Claude Code, Codex, OpenCode, or Windsurf. Get instant answers about function calls, dependencies, and code structure without leaving your editor.

Natural Language Queries

Ask “What calls this function?” or “Show me all database queries”

Deep Call Graph Analysis

Trace function calls, dependencies, and data flows across your entire project

Multi-Project Support

Query across microservices, monorepos, and complex architectures

Learn about MCP Server Quick Setup Guide

Example Query

Ask your AI assistant

You ask

“What functions call validate_user?”

AI responds

Found 12 functions that call validate_user:

• app.api.login_endpoint
• app.api.register_endpoint
• app.middleware.auth_middleware
• app.cli.login_command
... and 8 more

Build secure software without drowning in alerts

Focus on real vulnerabilities with AI-powered precision that cuts through the noise of traditional security scanners.

Get Started Free Explore documentation