Bandit is a tool designed to find common security issues in Python code. To do this, Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files, it generates a report.
Free software: Apache license
Documentation: https://bandit.readthedocs.io/en/latest/
Source: https://github.com/PyCQA/bandit
Bugs: https://github.com/PyCQA/bandit/issues
Contributing: https://github.com/PyCQA/bandit/blob/master/CONTRIBUTING.md
Get Bandit: https://github.com/PyCQA/bandit
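To make the parse-walk-plugin-report pipeline described above concrete, here is a small checker written in that same style. It is an added example, not Bandit's own code or its plugin API: the `Finding` class, the `check_*` plugin functions, `scan_source`, `format_report` and the check ids `EX1`-`EX3` are all made up for this illustration, and the scanned source is a constructed sample. Each plugin receives one AST node and returns a finding or `None`, which is the same shape of contract Bandit's per-node tests follow.

```python
"""Minimal AST-based security checker in the style of Bandit (example code, not Bandit's).

Pipeline: parse the file into an AST -> walk every node -> hand each node to every
plugin -> collect findings -> render a report. Names here are illustrative only.
"""
import ast
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    check_id: str   # hypothetical id, not a Bandit test id
    lineno: int
    message: str


def check_eval_exec(node: ast.AST):
    # Direct calls to the builtins eval()/exec(): a code-injection sink if the
    # argument can be influenced by an attacker.
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
            and node.func.id in ("eval", "exec")):
        return Finding("EX1", node.lineno, f"call to {node.func.id}()")
    return None


def check_shell_true(node: ast.AST):
    # Any call carrying shell=True, e.g. subprocess.run(cmd, shell=True): the
    # command line is handed to a shell, so unescaped input becomes shell syntax.
    if isinstance(node, ast.Call):
        for kw in node.keywords:
            if (kw.arg == "shell" and isinstance(kw.value, ast.Constant)
                    and kw.value.value is True):
                return Finding("EX2", node.lineno, "call with shell=True")
    return None


def check_pickle_loads(node: ast.AST):
    # pickle.loads(...): unpickling untrusted bytes can execute arbitrary code.
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
            and node.func.attr == "loads"
            and isinstance(node.func.value, ast.Name)
            and node.func.value.id == "pickle"):
        return Finding("EX3", node.lineno, "pickle.loads() on possibly untrusted data")
    return None


# The plugin registry: each entry is run against every node of the tree.
PLUGINS = [check_eval_exec, check_shell_true, check_pickle_loads]


def scan_source(source: str, filename: str = "<string>") -> list[Finding]:
    """Parse `source`, run every plugin over every AST node, return sorted findings."""
    tree = ast.parse(source, filename=filename)
    findings = []
    for node in ast.walk(tree):          # ast.walk yields every node, any order
        for plugin in PLUGINS:
            result = plugin(node)
            if result is not None:
                findings.append(result)
    return sorted(findings, key=lambda f: (f.lineno, f.check_id))


def format_report(filename: str, findings: list[Finding]) -> str:
    """Render findings as one line per issue, like a simple text reporter."""
    if not findings:
        return f"{filename}: no issues found"
    lines = [f"{filename}:{f.lineno}: [{f.check_id}] {f.message}" for f in findings]
    return "\n".join(lines)


# Constructed sample input (not real project code); line numbers are fixed so
# the report can be checked against them.
SAMPLE_SOURCE = (
    "import pickle, subprocess\n"                   # line 1
    "\n"                                             # line 2
    "def run(user_cmd, blob, expr):\n"              # line 3
    "    subprocess.run(user_cmd, shell=True)\n"    # line 4 -> EX2
    "    data = pickle.loads(blob)\n"               # line 5 -> EX3
    "    return eval(expr), data\n"                 # line 6 -> EX1
)


if __name__ == "__main__":
    print(format_report("sample.py", scan_source(SAMPLE_SOURCE, "sample.py")))
```

Running the file prints one line per finding with its line number, which is the form a reviewer wants when triaging: the sink, where it is, and which check fired. Bandit adds what this sketch leaves out, notably per-check severity and confidence levels, `# nosec` suppression, and configurable reporters, but the core loop is the same.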