
OPEN SOURCE

DETECTION ENGINE

Trace.

AI can write.

Trace can [read].

The first open-source security checker built for LLM failure modes.

Hallucinations. Credentials. Silent errors. Unsafe sanitization.

02 / 11 · LIVE SCANNER

How Trace reads the code your AI wrote.

A live scan of a 47-line FastAPI file. Detection engine runs on all 24 open-source patterns across 6 languages. Each issue is flagged with its severity, line, and a one-line explanation.

file.py · 47 lines · python · COMPLETE

01  import fastapi
02  from fastapi import FastAPI, Depends, HTTPException
03  import fake_validator_xyz
04  import sqlite3
05  import jwt
06  from pydantic import BaseModel
07
08  app = FastAPI()
09
10  # Config
11  SECRET_KEY = "dev-jwt-secret-2026"
12  STRIPE_KEY = "sk_live_51xZy_abcdef..."
13
14  class User(BaseModel):
15      id: int
16      name: str
17
18  def fetch_user(user_id):
19      conn = sqlite3.connect("db.sqlite")
20      q = f"SELECT * FROM users WHERE id = {user_id}"
21      return conn.execute(q).fetchone()
22
23  @app.get("/users/{uid}")
24  def get_user(uid: int):
25      try:
26          u = fetch_user(uid)
27      except Exception:
28          pass
29      return u
30
31  @app.post("/users")
32  def create_user(name: str):
33      conn = sqlite3.connect("db.sqlite")
34      conn.execute(
35          f"INSERT INTO users (name) VALUES ('{name}')"
36      )
37      conn.commit()
38
39  @app.delete("/users/{uid}")
40  def delete_user(uid: str):
41      eval(f"removeUser({uid})")
42
43  @app.get("/search")
44  def search(q: str):
45      return {"results": []}
46
47  # end of file
5 detections found

CRITICAL · line 03 · hallucinated dependency
fake_validator_xyz · not on PyPI

CRITICAL · line 11 · credential leak
JWT secret hardcoded

CRITICAL · line 12 · credential leak
Stripe live key · redacted

CRITICAL · line 20 · SQL injection
f-string interpolation in execute

CRITICAL · line 41 · code injection
eval() with user input
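As an added illustration for this page (not Trace's engine and not the project's code), here is a simplified Python reimplementation of the kinds of checks reported above, using only the standard library ast and re modules. The PyPI lookup behind the hallucinated-dependency check is replaced by a constructed allowlist, and the secret detection is two hand-written regexes; both are assumptions. Run on lines 1 to 41 of the sample (later lines carry no detections), it reproduces the findings at lines 03, 11, 12, 20 and 41, and additionally reports the INSERT f-string on line 35 and the empty except on line 27, which fall under the unsafe-sanitize and silent-exception patterns in the catalogue further down.

```python
# Added example: a simplified, standard-library re-implementation of a few of the
# live scanner's checks. It is not Trace's engine. The PyPI lookup used for
# "hallucinated dependency" is replaced by a constructed allowlist (assumption);
# everything else is a plain AST walk over the parsed file.
import ast
import re

# Constructed input: lines 1-41 of the FastAPI sample above, so line numbers match.
SAMPLE = '''\
import fastapi
from fastapi import FastAPI, Depends, HTTPException
import fake_validator_xyz
import sqlite3
import jwt
from pydantic import BaseModel

app = FastAPI()

# Config
SECRET_KEY = "dev-jwt-secret-2026"
STRIPE_KEY = "sk_live_51xZy_abcdef..."

class User(BaseModel):
    id: int
    name: str

def fetch_user(user_id):
    conn = sqlite3.connect("db.sqlite")
    q = f"SELECT * FROM users WHERE id = {user_id}"
    return conn.execute(q).fetchone()

@app.get("/users/{uid}")
def get_user(uid: int):
    try:
        u = fetch_user(uid)
    except Exception:
        pass
    return u

@app.post("/users")
def create_user(name: str):
    conn = sqlite3.connect("db.sqlite")
    conn.execute(
        f"INSERT INTO users (name) VALUES ('{name}')"
    )
    conn.commit()

@app.delete("/users/{uid}")
def delete_user(uid: str):
    eval(f"removeUser({uid})")
'''

KNOWN_PACKAGES = {"fastapi", "sqlite3", "jwt", "pydantic"}   # constructed allowlist, stands in for a PyPI lookup
SECRET_PATTERNS = [("Stripe live key", re.compile(r"sk_live_[A-Za-z0-9_]+")),
                   ("secret-looking name or value", re.compile(r"secret", re.I))]
SQL_HEAD = re.compile(r"^\s*(SELECT|INSERT|UPDATE|DELETE)\b", re.I)


def sql_fstring(node):
    """True for an f-string that starts with an SQL verb and interpolates a value."""
    if not isinstance(node, ast.JoinedStr) or not node.values:
        return False
    head = node.values[0]
    return bool(isinstance(head, ast.Constant) and SQL_HEAD.match(str(head.value))
                and any(isinstance(v, ast.FormattedValue) for v in node.values))


def scan(source):
    """Return sorted (line, rule, detail) findings for one Python source file."""
    out = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, (ast.Import, ast.ImportFrom)):            # hallucinated deps
            names = [a.name for a in node.names] if isinstance(node, ast.Import) else [node.module or ""]
            for n in names:
                if n.split(".")[0] not in KNOWN_PACKAGES:
                    out.append((node.lineno, "hallucinated dependency", n))
        elif isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant) \
                and isinstance(node.value.value, str):                # credential leaks
            name = node.targets[0].id if isinstance(node.targets[0], ast.Name) else ""
            for label, pat in SECRET_PATTERNS:
                if pat.search(node.value.value) or pat.search(name):
                    out.append((node.lineno, "credential leak", label))
                    break
        elif sql_fstring(node):                                       # unsafe sanitize (SQL)
            out.append((node.lineno, "SQL injection", "f-string interpolation in query"))
        elif isinstance(node, ast.Call) and isinstance(node.func, ast.Name) \
                and node.func.id in ("eval", "exec") and node.args \
                and not isinstance(node.args[0], ast.Constant):       # dynamic eval
            out.append((node.lineno, "code injection", f"{node.func.id}() with dynamic input"))
        elif isinstance(node, ast.ExceptHandler) and len(node.body) == 1 \
                and isinstance(node.body[0], ast.Pass):               # silent exceptions
            out.append((node.lineno, "silent exception", "except body is only pass"))
    return sorted(out)


if __name__ == "__main__":
    for line, rule, detail in scan(SAMPLE):
        print(f"line {line:02d}  {rule:<24} {detail}")
```

Walking the AST rather than grepping lines is what lets the INSERT on line 35 be caught even though the f-string sits on a different line from the execute() call, and what keeps a constant argument to eval() from being flagged as injection.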
03 / 11 · THE SHIFT

Nearly half of production code is now written by AI.

Yet the tools we use to secure it were built for human bugs — humans who hesitate, who review, who leave typos. AI writes confidently. That confidence is the attack surface.

0%

of AI-generated code contains security flaws. Source: Veracode, 2025 State of Software Security

0%

of organizations found vulnerabilities in AI-generated code. Source: CSA

0%

of committed code in 2025 was AI-written. Source: SonarSource

04 / 11 · THE GAP

The failure mode is already loud.

Three incidents from the last three months. Nothing classified, nothing unusual. Ordinary AI-assisted deploys. Ordinary catastrophes.

MOLTBOOK · FEB 2026

1.5 million API keys exposed.

The founder wrote zero lines himself. AI scaffolded a Supabase database with public read/write permissions, and nobody reviewed the generated configuration before deploy.

AXIOS · MAR 2026

Supply chain attack via a maintainer token.

The compromised package was downloaded 450,000 times before detection. Downstream applications were affected within hours.

PYPI · APR 2026

Slopsquatting reaches 340 known packages.

Typo-squatted libraries matching the names that large language models hallucinate. Installation is one autocomplete away from code execution.

05 / 11 · WHY YOU

These are the quiet endings.

Not famous incidents. Not YC companies. Three things that happen to solo developers shipping AI-generated code without a second reader.

SCENARIO 01
02:00 AM · Saturday night. Claude Code finished an auth flow that finally worked. You deployed it and went to sleep.
09:00 AM · Monday morning in Japan. Someone hits /user?id='; DROP TABLE users;--
09:00 AM · The code Claude wrote was cursor.execute(f"SELECT * FROM users WHERE id = {user_id}"). The query ran.
11:00 AM · Every user in your database is gone. You hadn't set up automated backups yet.

The product you spent six weekends building no longer has users.

Trace would have flagged the SQL injection before commit.
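For contrast, here is the shape of the fix the scanner is pushing you toward, as an added example rather than code from the page or from Trace: the two sqlite3 queries from the scanned FastAPI file rewritten with parameter binding and an explicit error path instead of except-pass. The database is an in-memory one constructed here to stand in for db.sqlite, and the hostile input is the exact string from the scenario above, stored as a plain name.

```python
# Added example (not from the page or from Trace): parameterised versions of the
# fetch_user/create_user queries from the scanned file, run against a constructed
# in-memory SQLite database to show that bound input is treated as data.
import sqlite3


def open_db():
    """Constructed in-memory database standing in for db.sqlite."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL)")
    conn.execute("INSERT INTO users (name) VALUES ('alice')")
    conn.commit()
    return conn


def create_user(conn, name):
    """Parameterised INSERT: the driver binds `name`, so quotes inside it stay data."""
    cur = conn.execute("INSERT INTO users (name) VALUES (?)", (name,))
    conn.commit()
    return cur.lastrowid


def fetch_user(conn, user_id):
    """Parameterised SELECT with explicit error handling.

    Returns the matching row or None. A non-integer id is rejected up front rather
    than being pasted into SQL text, and database errors propagate to the caller
    (FastAPI turns them into a 500) instead of being swallowed by except-pass,
    which in the original left `u` unbound on failure."""
    if not isinstance(user_id, int):
        raise ValueError(f"user_id must be an int, got {type(user_id).__name__}")
    return conn.execute("SELECT id, name FROM users WHERE id = ?", (user_id,)).fetchone()


def count_users(conn):
    """Row count, used to show the table survives the hostile insert."""
    return conn.execute("SELECT COUNT(*) FROM users").fetchone()[0]


def demo():
    """Insert the scenario's injection string as a name; the table is untouched."""
    conn = open_db()
    hostile = "'; DROP TABLE users;--"
    new_id = create_user(conn, hostile)
    stored = fetch_user(conn, new_id)
    assert stored == (new_id, hostile)   # stored verbatim, never executed
    return count_users(conn)


if __name__ == "__main__":
    print("users after inserting the hostile name:", demo())
```

The point is that the query text is fixed at authoring time and only the placeholder values vary; the scanner's f-string rule fires precisely because the original code made the query text itself depend on request input.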

SCENARIO 02
DAY 1 · You asked Lovable to build a payment page. It wrote const stripe = new Stripe("sk_live_...") directly into the file.
DAY 1 · You pushed the repo to GitHub public, because that's the default.
DAY 1 +00:30 · Bots scanning GitHub for exposed Stripe keys found it in 30 minutes.
DAY 2 · Stripe notifies you of $47,000 in fraudulent charges. They refund everything.
DAY 3 · Stripe also closes your account for breach of security terms. You rebuild. You explain. It takes weeks.

Stripe refunded the money. Your reputation as a serious developer is already priced in.

Trace would have refused the commit containing the live key.

SCENARIO 03
MONTH 01 · Claude suggested using react-form-validator-x to handle your signup form. You ran npm install. It failed. You tried again. It worked.
MONTH 01 · You didn't realize: someone had registered that exact name on npm 20 minutes before you tried the second time.
MONTH 04 · Your SaaS has 1,200 paying users. Revenue is growing. You're not watching dependencies anymore.
MONTH 05 · The package author pushes a new version. It exfiltrates your users' passwords on first run.
MONTH 05 · You find out from a Hacker News thread about your own product.

Every user password compromised. Trust reset to zero.

Trace would have refused the import on day one. The package didn't exist in npm's registry yet.

06 / 11 · WHAT WE BUILT

Twenty-four patterns across six languages.

v0.7.0 ships 24 detection patterns across Python, JavaScript, TypeScript, Go, Rust, and Ruby. All open source. We catch the failure modes specific to AI-written code — not the ones humans are already careful about.

PYTHON / JAVASCRIPT / TYPESCRIPT

01 · HALLUCINATED DEPS · OSS
imports of packages that don't exist

02 · DEPRECATED APIS · OSS
calls to methods that don't exist

03 · CREDENTIAL LEAKS · OSS
api keys, tokens, connection strings

04 · FAKE TYPE SAFETY · OSS
any abuse, stripped generics

05 · SILENT EXCEPTIONS · OSS
empty catches, swallowed promises

06 · UNSAFE SANITIZE · OSS
SQL injection, XSS, command inject

07 · TAUTOLOGICAL TEST · OSS
tests that can never fail

GO

08 · SLOPSQUATTING · OSS
suspicious import paths that may be AI-hallucinated

09 · ERROR IGNORED · OSS
error return values explicitly discarded with _

10 · SPRINTF SQL · OSS
SQL queries built with fmt.Sprintf or string concat

11 · HARDCODED SECRET · OSS
API keys, tokens, credentials in Go source

RUST

12 · UNWRAP ABUSE · OSS
excessive .unwrap() that can panic at runtime

13 · UNSAFE BLOCK · OSS
unsafe blocks bypassing safety guarantees

14 · TODO MACRO · OSS
todo!()/unimplemented!() placeholders that panic

15 · PANIC MACRO · OSS
panic!() where Result<T, E> should be used

RUBY

16 · MASS ASSIGNMENT · OSS
ActiveRecord mass assignment without strong params

17 · SQL INTERPOLATION · OSS
string interpolation inside SQL queries

18 · SILENT RESCUE · OSS
rescue blocks that silently swallow exceptions

19 · EVAL INJECTION · OSS
eval/send called with dynamic input

CROSS-LANGUAGE · NEW IN v0.7.0

20 · MISSING AWAIT · OSS
async call assigned without await — value is a Promise, not the result

21 · INSECURE RNG · OSS
Math.random() or random.random() used for security-sensitive values

22 · DYNAMIC EVAL · OSS
eval(), new Function(), or exec() with variable argument — code injection

23 · HARDCODED LOCALHOST · OSS
http://localhost or http://127.0.0.1 in non-test code

24 · ENV WITHOUT FALLBACK · OSS
os.environ["X"] or process.env.X without fallback — crashes on missing var

Open the full engine on GitHub →

07 / 11 · AI DEMO

Watch AI write code. Then watch Trace read it.

Pick a prompt. See real AI-generated code. Trace analyzes it on our servers — catching what humans miss.

08 / 11 · USAGE

How to use it.

Three ways to run Trace, sorted by effort. Pick the one that fits where you write code.

METHOD 01 · BROWSER

No install. No signup.

Open tracecheck.dev.
Paste your code. Press Check.
Results in about 400 milliseconds.

METHOD 02 · COMMAND LINE

Requires Node.js.

$ npx trace-core your-file.py

npx ships with Node.js. If you don't have Node.js yet, download it at nodejs.org.

METHOD 03 · CONTINUOUS INTEGRATION

Blocks commits with issues.

# .github/workflows/check.yml
name: Trace
on: [push, pull_request]
jobs:
  trace:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npx trace-core src/

Drop into any Git provider's CI. Detection failures cause the workflow to exit with code 1.

09 / 11 · LANGUAGES

Six languages. Twenty-four patterns.

Full detector coverage with language-specific patterns. More languages shipping soon.

Python
JavaScript
TypeScript
Go
Rust
Ruby

Coming soon: Java · PHP · Dart

10 / 11 · START

Three ways in.

BROWSER

For quick checks. No install.

CLI

For CI and pre-commit. npm.

$ npx trace-core your-file.py

GITHUB

For the full source. MIT licensed.