Catches multi-session AI confusion: codebases that accumulate multiple libraries doing the same job because the model picked differently across sessions, resulting in dependency cruft and split-brain data layers.
20
Total Checks
2
Delivery Formats
4
Categories
2
Versions
Included
Never included
Tier change: free → paid as part of v2.0 Slop Detector pricing reset (Stack Scan remains the only free audit).
2026-04-13
Initial release
2026-04-07
Picked by pack overlap with this audit.
Catches LLM hallucination — code that references modules, files, routes, schemas, env vars, or assets that do not exist anywhere in the project.
Catches code that will surprise-bill on the first viral moment — non-LLM cost vectors that AI tools commonly leave unbounded: file uploads with no size limit, unbounded DB queries, email/SMS without rate limits, webhooks without idempotency, and background jobs without retry caps.
Catches security controls that are imported, configured, or defined but never actually wired up — the unique AI failure mode of code that looks secure but isn't. Strictly focused on the gap between declaring a security control and applying it.
Catches AI-generated test suites that look impressive but don't actually test anything — assertion-free test files, mock-saturated tests that test the mocks, tautologies, skipped tests in CI, and missing E2E coverage on critical user flows.
Catches AI-specific half-finished code patterns that slip into production: mock API responses in real handlers, hardcoded test credentials in fallbacks, stub returns, debug bypasses, and dev-only routes left active.