RepoPilot
Local-first repository risk checks for safer human and AI-assisted code changes.
RepoPilot gives teams a fast safety pass before a pull request, release, or AI coding session. It scans a repository locally, explains architecture, security, code-quality, testing, and framework risks, then turns findings into AI-ready context without uploading your source code to a hosted scanner.
It is not meant to replace language linters. RepoPilot focuses on repository signals that are hard to see from one file at a time: risky files, architecture drift, security candidates, testing gaps, review risk, baselines, and remediation context for Claude Code, ChatGPT, Cursor, or another coding assistant.
Why RepoPilot?
Most tools either lint one language or send results into a dashboard. RepoPilot is designed for the local development loop:
scan -> understand risk -> generate AI context -> fix -> review
| Capability | Language linters | Hosted scanners | RepoPilot |
|---|---|---|---|
| Runs locally | ✅ | ❌ | ✅ |
| No source upload required | ✅ | ❌ | ✅ |
| Cross-language repository view | ❌ | ✅ | ✅ |
| Architecture and repo risk signals | partial | ✅ | ✅ |
| AI-ready remediation context | ❌ | ❌ | ✅ |
| Baseline and PR review workflow | partial | ✅ | ✅ |
| Default noise reduction / Trust Mode | ❌ | partial | ✅ |
Use RepoPilot when you need to:
- understand the highest-risk files before asking an AI assistant to edit;
- add a CI gate without blocking on every existing finding;
- review PR risk from changed lines instead of only whole-repo noise;
- produce local evidence for releases through Markdown, JSON, SARIF, and receipts.
Install
With Cargo:
With npm:
With Homebrew:
With curl on Linux/macOS:
|
Build from source:
Upgrade:
&&
Quick Start
Start with a local scan:
Check adoption readiness and create an intentional baseline for existing debt:
Generate AI-ready context for the highest-risk work:
Copy AI context on macOS:
|
Save a Markdown report:
Run a focused security scan:
Review only changed code against a base branch:
Trust Mode
RepoPilot's default scan profile is intentionally quiet.
The default profile focuses on actionable production, security, and runtime risks. Strict mode shows the full raw audit output, including maintainability and testing suggestions.
The visibility engine classifies findings by product intent:
SecurityRisk | RuntimeRisk | ActionableRisk | Maintainability | TestingGap | Informational
Hidden suggestions are summarized by intent, rule, category, and reason, so the default report stays quiet without silently losing information.
Read more:
AI Workflow
RepoPilot does not call LLM APIs. It produces local Markdown that you choose where to paste.
Typical loop:
1. Run RepoPilot locally.
2. Read the risk summary.
3. Generate focused AI context.
4. Paste the context into Claude Code, ChatGPT, Cursor, or another assistant.
5. Apply the patch.
6. Run RepoPilot review/scan again.
See AI workflows.
Core Commands
| Command | Alias | Description |
|---|---|---|
repopilot scan <path> |
s |
Scan a project, folder, or file |
repopilot scan <path> --changed |
— | Scan changed files with local cache |
repopilot cache clear [path] |
— | Remove .repopilot/cache |
repopilot review [path] |
r |
Review findings that touch changed Git diff lines |
repopilot ai context <path> |
— | Generate LLM-ready repository context |
repopilot ai plan <path> |
— | Generate a prioritized remediation plan |
repopilot ai prompt <path> |
— | Generate a paste-ready remediation prompt |
repopilot compare <before> <after> |
cmp |
Compare two JSON scan reports |
repopilot baseline create <path> |
bl |
Store current findings as accepted debt |
repopilot doctor [path] |
d |
Diagnose audit readiness |
repopilot init |
— | Generate repopilot.toml |
Get command help:
Output Formats
Use:
consolefor local developmentmarkdownfor human-readable reportsjsonfor scripts and integrationshtmlfor shareable reportssariffor GitHub Code Scanning
Configuration
Generate a config file:
Run with an explicit config:
Configuration precedence:
CLI args > repopilot.toml > built-in defaults
Common scan options:
See configuration docs.
Baseline and Review
Create a baseline for existing findings:
Scan against accepted debt:
Fail CI only on new high-risk findings:
Commit .repopilot/baseline.json only after reviewing the accepted findings.
Do not update it just to make CI green; note accepted baseline changes in the PR.
Validate or bypass local feedback suppressions:
Review a pull request or branch diff:
See:
What RepoPilot Checks
RepoPilot includes rules for:
- architecture risk
- large and complex files
- deep nesting
- risky barrel files
- excessive fan-out and coupling
- circular dependencies
- TODO/FIXME/HACK markers
- long functions
- hardcoded secret candidates
- committed private keys
- committed
.envfiles - missing test structure
- source files without test counterparts
- JavaScript/TypeScript framework signals
- React and React Native project health
- Django project health
- Rust panic/unwrap risk
- JavaScript runtime exit risk
See the full rule list in rulesets.
Example
Default mode shows what is likely to matter now. Strict mode keeps the full audit:
Documentation
| Document | Description |
|---|---|
| Install | Cargo, npm, Homebrew, curl, and source builds |
| AI workflows | Claude Code, ChatGPT, Cursor, and remediation workflows |
| Security | Local-first trust model and vulnerability reporting |
| Configuration | repopilot.toml, presets, ignore files, and baseline adoption |
| Language support | Supported language/framework tiers and limitations |
| Knowledge Engine | Rule applicability and local-first learning policy |
| Risk Engine | Risk scoring, priorities, and calibration policy |
| Local Feedback | Repository-local suppressions and validation |
| Trust Mode | Default vs strict visibility and hidden suggestions |
| Core Visibility Engine | Finding intent model and visibility decisions |
| CLI reference | Commands, flags, and exit codes |
| Commands guide | Task-oriented command examples |
| Rulesets | Implemented rules, categories, and severity levels |
| React Native | React Native and Expo detection |
| GitHub Code Scanning | SARIF workflow and CI setup |
| Roadmap | Pre-1.0 roadmap and v1 gates |
| 0.12 GTM plan | Launch audiences, messaging, and proof points |
| Release process | Manual release process |
| Changelog | Version history |
Roadmap
Planned direction:
- stronger Trust Mode calibration
repopilot evalwith golden fixtures- local feedback validation and report transparency
- hidden suggestion trend tracking
- deeper dependency graph and impact analysis
- AI task packs with context, constraints, and acceptance criteria
See roadmap.
License
RepoPilot is licensed under MIT OR Apache-2.0.