Grade your vibe-coded project. One command. Instant letter grade.
"Vibe coding" is the new reality β you prompt, AI writes, you ship.
But is your vibe-coded project actually good?
Find out in 10 seconds.
$ vibescore .
π΅ Vibe Check v0.1.0
ββββββββββββββββββββββββββββββββββββββββββββββ
Project: tokonomics
Files: 40 (32 Python, 8 other)
Lines: 4,658
Scanned in 0.12s
ββββββββββββββββββββ¬βββββββββ¬ββββββββ
β Category β Score β Grade β
ββββββββββββββββββββΌβββββββββΌββββββββ€
β Code Quality β 52.0 β F β
β Security β 100.0 β A+ β
β Dependencies β 98.0 β A+ β
β Testing β 100.0 β A+ β
ββββββββββββββββββββΌβββββββββΌββββββββ€
β Overall β 87.6 β B+ β
ββββββββββββββββββββ΄βββββββββ΄ββββββββ
π‘ Warnings (11)
VC201 Function 'export_svg_chart' too long (102 lines)
VC202 Function '_build_cli' high complexity (30)
VC203 Function 'export_svg_chart' has 6 parameters (>5)
...
π‘ Tips
β’ Reduce function complexity and add type annotations
pip install vibescoreThat's it. Zero dependencies. Works with Python 3.9+.
# Grade the current directory
vibescore .
# Grade a specific project
vibescore /path/to/project
# JSON output (for CI pipelines)
vibescore . --format json
# Fail CI if score is below threshold
vibescore . --min-score 70from vibescore import scan
report = scan(".")
print(f"Grade: {report.overall_grade} ({report.overall_score:.0f}/100)")
for category in report.categories:
print(f" {category.name}: {category.grade}")| Category | Checks | Codes |
|---|---|---|
| Code Quality | Function length, cyclomatic complexity, parameter count, type annotations, nesting depth, star imports, docstrings, mutable defaults | VC201βVC209 |
| Security | Hardcoded secrets, AWS keys, SQL injection, shell injection, unsafe deserialization, eval/exec, debug mode, private keys | VC301βVC309 |
| Dependencies | Version pinning, lock files, deprecated setup.py, wildcard pins | VC401βVC405 |
| Testing | Test file presence, test count, CI configuration, conftest.py, test-to-code ratio | VC501βVC506 |
| Grade | Score | Grade | Score |
|---|---|---|---|
| A+ | 97β100 | C+ | 77β79 |
| A | 93β96 | C | 73β76 |
| A- | 90β92 | C- | 70β72 |
| B+ | 87β89 | D+ | 67β69 |
| B | 83β86 | D | 63β66 |
| B- | 80β82 | D- | 60β62 |
| F | 0β59 |
- name: Vibe Check
run: |
pip install vibescore
vibescore . --min-score 70# In your Makefile or CI script
vibescore . --min-score 70 --format json > vibe-report.jsonrepos:
- repo: https://github.com/stef41/vibescore
rev: v0.1.0
hooks:
- id: vibescore
args: ["--min-score", "70"]Each category is scored 0β100 independently. The overall score is a weighted average:
| Category | Weight |
|---|---|
| Security | 30% |
| Code Quality | 25% |
| Testing | 25% |
| Dependencies | 20% |
Security is weighted highest because a security bug in vibe-coded projects can be catastrophic.
Vibe coding means AI writes most of your code. That's fast, but it introduces risks:
- AI hallucinates long functions that are hard to debug
- AI skips security basics like input validation and secret management
- AI often omits tests or writes superficial ones
- AI uses loose dependency pins that break on updates
vibescore catches these patterns in seconds, so you can ship fast and ship safe.
Q: Does this only work with Python?
A: Currently Python-focused for code quality and testing analysis. Security and dependency checks work with any project type. More languages coming soon.
Q: Does it phone home or require an API key?
A: No. Zero network requests. Zero dependencies. Runs entirely offline.
Q: How is this different from pylint/ruff/flake8?
A: Those are line-level linters. vibescore gives you a project-level grade across security, quality, testing, and dependencies β a holistic view of your vibe-coded project's health. Use both.
Tools in the same ecosystem:
- tokonomics β LLM token cost management
- injectionguard β Prompt injection detection
- vibesafe β AI code safety scanner
- castwright β Synthetic training data generator
- infermark β LLM inference benchmarking
Apache-2.0