Multi-language code evaluation and vulnerability scanning platform — scan codebases, APIs, and configurations for security issues, style violations, performance bottlenecks, and compliance gaps, surfaced through a rich web dashboard.
Scorecard • Quick Start • Architecture • API • Modules • Contributing
⭐ Ship better code? Star EvalScope to support open-source code quality tools!
┌────────────────────────────────────────────────────────────────┐
│ EVALSCOPE SCAN REPORT │
├────────────────────────────────────────────────────────────────┤
│ Repository: Crynge/eval-demo Branch: main │
│ Commit: a1b2c3d4 Scanned: 2026-07-01 │
├────────────────────────────────────────────────────────────────┤
│ Category Score Issues ──────────── Progress │
│ Security ████████░░ 80% 12 ▓▓▓▓▓▓▓▓░░░░░░ │
│ Code Style ███████░░░ 70% 24 ▓▓▓▓▓▓▓░░░░░░░░ │
│ Performance █████████░ 90% 3 ▓▓▓▓▓▓▓▓▓░░░░░░ │
│ Accessibility ██████░░░░ 60% 18 ▓▓▓▓▓▓░░░░░░░░░░ │
│ Compliance ████████░░ 80% 7 ▓▓▓▓▓▓▓▓░░░░░░░░ │
│ Test Coverage █████░░░░░ 50% 31 ▓▓▓▓▓░░░░░░░░░░░░ │
├────────────────────────────────────────────────────────────────┤
│ OVERALL ███████░░░ 72% 95 issues │
│ VERDICT: ⚠️ Needs improvement (threshold: 80%) │
└────────────────────────────────────────────────────────────────┘
| Feature | Description | Languages |
|---|---|---|
| 🔒 Security Scan | SQL injection, XSS, hardcoded secrets, credential leaks | TS, Go, Python, Rust |
| 🎨 Style Check | Linting, formatting, naming conventions | TS, Go, Python |
| ⚡ Performance | Bottleneck detection, memory leak analysis | Go, Rust |
| ♿ Accessibility | ARIA labels, contrast ratios, keyboard nav | HTML, TSX |
| 📋 Compliance | SPDX headers, license audits, dependency checks | All |
| 📈 Test Coverage | Line/branch coverage mapping | TS, Go, Python |
# Install
npm install @crynge/evalscope
# Scan a directory (auto-detects language)
npx evalscope scan ./src --format detailed
# CI mode — fail build if score below threshold
npx evalscope scan ./src --ci --threshold 80
# Start web dashboard
npx evalscope dashboard --port 8080import { Scanner } from '@crynge/evalscope/scanner';
const scanner = new Scanner({
categories: ['security', 'performance', 'compliance'],
failOn: ['critical', 'high'],
});
const report = await scanner.scan('./src');
console.log(report.summary);
// { score: 85, passed: true, issues: { critical: 0, high: 2, medium: 7 } }flowchart TB
subgraph Scanner["Scanner Layer"]
A[File System Watcher] --> B[Language Detector]
B --> C1[TS Scanner]
B --> C2[Go Scanner]
B --> C3[Python Scanner]
B --> C4[Rust Scanner]
end
subgraph Rules["Rule Engine"]
C1 --> D[Rule Matcher]
C2 --> D
C3 --> D
C4 --> D
D --> E[Severity Classifier]
end
subgraph API["API Layer"]
E --> F[Go API Server]
E --> G[Express API Server]
F --> H[(SQLite Store)]
G --> H
end
subgraph UI["Dashboard"]
H --> I[Web Dashboard]
I --> J[Report View]
I --> K[Trend Chart]
I --> L[CI Integration]
end
# Run a scan
curl -X POST http://localhost:8080/api/scan \
-H "Content-Type: application/json" \
-d '{"path": "./src", "categories": ["security", "performance"]}'
# Get results
curl http://localhost:8080/api/results/latest
# Get trend data
curl http://localhost:8080/api/trends?days=30src/
├── api/
│ ├── server.ts # TypeScript REST API
│ └── server.go # Go REST API (high-throughput)
├── scanner/
│ └── scanner.ts # Scan engine
├── rules/
│ └── rules.ts # Rule definitions
└── web/
└── server.ts # Dashboard frontend
See CONTRIBUTING.md for guidelines.
All repos are free and open-source. ⭐ Star what you use!
| Category | Repos |
|---|---|
| LLM & AI | SpecInferKit · AetherAgents · PromptShield |
| Marketing | AdVerify · Attributor · InfluencerHub · EdgePersona · AdVantage · BrandMuse · CampaignForge |
| Simulation | CivSim · EvalScope |
| Operations | OpsFlow |