Judges Panel
Generates CI templates for Bitbucket pipelines to run Judges evaluations.
Allows running code reviews on pull requests, uploading SARIF results to GitHub Code Scanning, and running a self-hosted GitHub App for PR reviews.
Provides a GitHub Action to run Judges evaluations in CI pipelines, with options for diff-only, fail-on-findings, and SARIF upload.
Generates CI templates for GitLab pipelines to run Judges evaluations.
Installs a pre-commit hook to run Judges evaluations before commits.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Judges PanelEvaluate src/app.ts for all 45 dimensions"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Judges Panel
An MCP (Model Context Protocol) server that provides a panel of 45 specialized judges to evaluate AI-generated code β acting as an independent quality gate regardless of which project is being reviewed. Combines deterministic pattern matching & AST analysis (instant, offline, zero LLM calls) with LLM-powered deep-review prompts that let your AI assistant perform expert-persona analysis across all 45 domains.
Highlights:
Includes an App Builder Workflow (3-step) demo for release decisions, plain-language risk summaries, and prioritized fixes β see Try the Demo.
Includes V2 context-aware evaluation with policy profiles, evidence calibration, specialty feedback, confidence scoring, and uncertainty reporting.
Includes public repository URL reporting to clone a repo, run the full tribunal, and output a consolidated markdown report.
200+ deterministic auto-fix patches (see
src/patches/index.ts) plus LLM-powered deep review.
π§ͺ Many commands in
printHelpare experimental/roadmap. By default, we show GA commands only. SetJUDGES_SHOW_EXPERIMENTAL=1to reveal stubs; these may not be wired yet.
π° Packages
CLI:
@kevinrabun/judges-cliβ binaryjudges(usenpx @kevinrabun/judges-cli eval --file app.ts).MCP/API:
@kevinrabun/judgesβ programmatic API + MCP server (npm install @kevinrabun/judges).VS Code extension: see
vscode-extension/.GitHub Action:
uses: KevinRabun/judges@main(see CI quickstart).
Quickstart
CLI (one-off)
# Using the CLI package (recommended)
npx @kevinrabun/judges-cli eval --file src/app.ts
# Show GA commands only (default)
npx @kevinrabun/judges-cli --help
# Show experimental/roadmap commands
echo "JUDGES_SHOW_EXPERIMENTAL=1" >> $GITHUB_ENV
npx @kevinrabun/judges-cli --help
# License scan (supply-chain & license compliance)
npx @kevinrabun/judges-cli license-scan --dir .CLI vs API: If you want to embed Judges in your app (MCP/API), install
@kevinrabun/judges. For the command-line, use@kevinrabun/judges-cli(binaryjudges).
GitHub Action
name: Judges
on: [pull_request, push]
jobs:
judges:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: KevinRabun/judges@main
with:
path: .
diff-only: true # evaluate only changed lines in PRs (default true)
fail-on-findings: true # fail on critical/high findings
upload-sarif: true # upload SARIF to GitHub Code ScanningProgrammatic API (MCP server included)
npm install @kevinrabun/judgesimport { evaluateCode } from "@kevinrabun/judges/api";
const verdict = evaluateCode("const password = 'ProdSecret';", "typescript");
console.log(verdict.overallVerdict, verdict.overallScore);MCP server
The MCP server runs on stdio and is started by your MCP client (VS Code, Claude Desktop, etc.).
Configure it in your MCP settings (e.g. mcp.json):
{
"servers": {
"judges": {
"type": "stdio",
"command": "npx",
"args": ["-y", "@kevinrabun/judges"]
}
}
}Or run the server directly:
npx @kevinrabun/judges
# Starts the MCP server on stdioConfig file:
.judgesrc.json(supports${ENV_VAR}substitution viaexpandEnvPlaceholders). See Configuration.
Related MCP server: CodeBase Optimizer
Why Judges?
AI code generators (Copilot, Cursor, Claude, ChatGPT, etc.) write code fast β but they routinely produce insecure defaults, missing auth, hardcoded secrets, and poor error handling. Human reviewers catch some of this, but nobody reviews 45 dimensions consistently.
ESLint / Biome | SonarQube | Semgrep / CodeQL | Judges | |
Scope | Style + some bugs | Bugs + code smells | Security patterns | 45 domains: security, cost, compliance, a11y, API design, cloud, UX, β¦ |
AI-generated code focus | No | No | Partial | Purpose-built for AI output failure modes |
Setup | Config per project | Server + scanner | Cloud or local | One command: |
Auto-fix patches | Some | No | No | 200+ deterministic patches β instant, offline |
Non-technical output | No | Dashboard | No | Plain-language findings with What/Why/Next |
MCP native | No | No | No | Yes β works inside Copilot, Claude, Cursor |
SARIF output | No | Yes | Yes | Yes β upload to GitHub Code Scanning |
Cost | Free | $$$$ | Free/paid | Free / MIT |
Judges doesn't replace linters β it covers the dimensions linters don't: authentication strategy, data sovereignty, cost patterns, accessibility, framework-specific anti-patterns, and architectural issues across multiple files.
Quick Start
Prereqs: Node.js >=18 (>=20 recommended),
npxavailable. ThejudgesCLI binary ships with @kevinrabun/judges-cli (preferred) and also works vianpx @kevinrabun/judges.Packages:
CLI:
npm install -g @kevinrabun/judges-cli(ornpx @kevinrabun/judges-cli ...)MCP/API:
npm install @kevinrabun/judges
Use @kevinrabun/judges for the MCP server and programmatic API. Use @kevinrabun/judges-cli when you want the judges terminal command.
Try it now (no clone needed)
# Install the CLI globally
npm install -g @kevinrabun/judges-cli
# Evaluate any file
judges eval src/app.ts
# Pipe from stdin
cat api.py | judges eval --language python
# Single judge
judges eval --judge cybersecurity server.ts
# SARIF output for CI
judges eval --file app.ts --format sarif > results.sarif
# HTML report with severity filters and dark/light theme
judges eval --file app.ts --format html > report.html
# Fail CI on findings (exit code 1)
judges eval --fail-on-findings src/api.ts
# Suppress known findings via baseline
judges eval --baseline baseline.json src/api.ts
# Use a named preset
judges eval --preset security-only src/api.ts
# Use a config file
judges eval --config .judgesrc.json src/api.ts
# Set a minimum score threshold (exit 1 if below)
judges eval --min-score 80 src/api.ts
# One-line summary for scripts
judges eval --summary src/api.ts
# Agentic skills (orchestrated judge sets)
judges skill ai-code-review --file src/app.ts
judges skill security-review --file src/api.ts --format json
judges skill release-gate --file src/app.ts
judges skills # list available skills
> Full catalog: [`docs/skills.md`](docs/skills.md)
# List all 45 judges
judges listAdditional CLI Commands
# Interactive project setup wizard
judges init
# Preview auto-fix patches (dry run)
judges fix src/app.ts
# Apply patches directly
judges fix src/app.ts --apply
# License compliance scan (copyleft/unknown detection)
judges license-scan --format json --risk high
# Watch mode β re-evaluate on file save
judges watch src/
# Project-level report (local directory)
judges report . --format html --output report.html
# Evaluate a unified diff (pipe from git diff)
git diff HEAD~1 | judges diff
# Analyze dependencies for supply-chain risks
judges deps --path . --format json
# Run GitHub App server (zero-config PR reviews)
judges app serve --port 4567
# Run GitHub PR review (gh CLI required)
judges review --pr 123 --repo owner/name --diff-only
# Auto-tune presets and configs
judges tune --dir . --apply
# Create a baseline file to suppress known findings
judges baseline create --file src/api.ts -o baseline.json
# Generate CI template files
judges ci-templates --provider github
judges ci-templates --provider gitlab
judges ci-templates --provider azure
judges ci-templates --provider bitbucket
# Generate per-judge rule documentation
judges docs
judges docs --judge cybersecurity
judges docs --output docs/
# Install shell completions
judges completions bash # eval "$(judges completions bash)"
judges completions zsh
judges completions fish
judges completions powershell
# Install pre-commit hook
judges hook install
# Uninstall pre-commit hook
judges hook uninstallπ Tip: The CLI help now defaults to GA commands only. To see experimental/roadmap commands, run:
JUDGES_SHOW_EXPERIMENTAL=1 judges --help
GitHub App (self-hosted webhook)
Run a zero-config PR reviewer as a GitHub App:
# Run the webhook server locally
judges app serve --port 4567Required env vars:
JUDGES_APP_IDβ GitHub App IDJUDGES_PRIVATE_KEYorJUDGES_PRIVATE_KEY_PATHβ PEM private keyJUDGES_WEBHOOK_SECRETβ signature verification secret
Optional:
JUDGES_MIN_SEVERITY(default:medium)JUDGES_MAX_COMMENTS(default: 25)JUDGES_TEST_DRY_RUN=1to avoid live network calls during tests
For local testing, you can expose http://localhost:4567/webhook via ngrok http 4567 and configure the GitHub App webhook URL accordingly.
Use in GitHub Actions
Add Judges to your CI pipeline with zero configuration:
# .github/workflows/judges.yml
name: Judges Code Review
on: [pull_request]
jobs:
judges:
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write # only if using upload-sarif
steps:
- uses: actions/checkout@v4
- uses: KevinRabun/judges@main
with:
path: src/api.ts # file or directory
format: text # text | json | sarif | markdown
upload-sarif: true # upload to GitHub Code Scanning
fail-on-findings: true # fail CI on critical/high findingsOutputs available for downstream steps: verdict, score, findings, critical, high, sarif-file.
Use with Docker (no Node.js required)
# Build the image
docker build -t judges .
# Evaluate a local file
docker run --rm -v $(pwd):/code judges eval --file /code/app.ts
# Pipe from stdin
cat api.py | docker run --rm -i judges eval --language python
# List judges
docker run --rm judges listOr use as an MCP server
1. Install and Build
git clone https://github.com/KevinRabun/judges.git
cd judges
npm install
npm run build2. Try the Demo
Run the included demo to see all 45 judges evaluate a purposely flawed API server:
npm run demoThis evaluates examples/sample-vulnerable-api.ts β a file intentionally packed with security holes, performance anti-patterns, and code quality issues β and prints a full verdict with per-judge scores and findings.
The demo now also includes an App Builder Workflow (3-step) section. In a single run, you get both tribunal output and workflow output:
Release decision (
Ship now/Ship with caution/Do not ship)Plain-language summaries of top risks
Prioritized remediation tasks and AI-fixable
P0/P1items
Sample workflow output (truncated):
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β App Builder Workflow Demo (3-Step) β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Decision : Do not ship
Verdict : FAIL (47/100)
Risk Counts : Critical 24 | High 27 | Medium 55
Step 2 β Plain-Language Findings:
- [CRITICAL] DATA-001: Hardcoded password detected
What: ...
Why : ...
Next: ...
Step 3 β Prioritized Tasks:
- P0 | DEVELOPER | Effort L | DATA-001
Task: ...
Done: ...
AI-Fixable Now (P0/P1):
- P0 DATA-001: ...Sample tribunal output (truncated):
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Judges Panel β Full Tribunal Demo β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Overall Verdict : FAIL
Overall Score : 43/100
Critical Issues : 15
High Issues : 17
Total Findings : 83
Judges Run : 33
Per-Judge Breakdown:
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Judge Data Security 0/100 7 finding(s)
β Judge Cybersecurity 0/100 7 finding(s)
β Judge Cost Effectiveness 52/100 5 finding(s)
β οΈ Judge Scalability 65/100 4 finding(s)
β Judge Cloud Readiness 61/100 4 finding(s)
β Judge Software Practices 45/100 6 finding(s)
β Judge Accessibility 0/100 8 finding(s)
β Judge API Design 0/100 9 finding(s)
β Judge Reliability 54/100 3 finding(s)
β Judge Observability 45/100 5 finding(s)
β Judge Performance 27/100 5 finding(s)
β Judge Compliance 0/100 4 finding(s)
β οΈ Judge Testing 90/100 1 finding(s)
β οΈ Judge Documentation 70/100 4 finding(s)
β οΈ Judge Internationalization 65/100 4 finding(s)
β οΈ Judge Dependency Health 90/100 1 finding(s)
β Judge Concurrency 44/100 4 finding(s)
β Judge Ethics & Bias 65/100 2 finding(s)
β Judge Maintainability 52/100 4 finding(s)
β Judge Error Handling 27/100 3 finding(s)
β Judge Authentication 0/100 4 finding(s)
β Judge Database 0/100 5 finding(s)
β Judge Caching 62/100 3 finding(s)
β Judge Configuration Mgmt 0/100 3 finding(s)
β οΈ Judge Backwards Compat 80/100 2 finding(s)
β οΈ Judge Portability 72/100 2 finding(s)
β Judge UX 52/100 4 finding(s)
β Judge Logging Privacy 0/100 4 finding(s)
β Judge Rate Limiting 27/100 4 finding(s)
β οΈ Judge CI/CD 80/100 2 finding(s)3. Run the Tests
npm testRuns automated tests covering all judges, AST parsers, markdown formatters, and edge cases.
4. Connect to Your Editor
VS Code (recommended β zero config)
Install the Judges Panel extension from the Marketplace. It provides:
Inline diagnostics & quick-fixes on every file save
@judgeschat participant β type@judgesin Copilot Chat, or just ask for a "judges panel review" and Copilot routes automaticallyAuto-configured MCP server β all 45 expert-persona prompts available to Copilot with zero setup
code --install-extension kevinrabun.judges-panelVS Code β manual MCP config
If you prefer explicit workspace config (or want teammates without the extension to benefit), create .vscode/mcp.json:
{
"servers": {
"judges": {
"command": "npx",
"args": ["-y", "@kevinrabun/judges"]
}
}
}Claude Desktop
Add to claude_desktop_config.json:
{
"mcpServers": {
"judges": {
"command": "npx",
"args": ["-y", "@kevinrabun/judges"]
}
}
}Cursor / other MCP clients
Use the same npx command for any MCP-compatible client:
{
"command": "npx",
"args": ["-y", "@kevinrabun/judges"]
}5. Use Judges in GitHub Copilot PR Reviews
Yes β users can include Judges as part of GitHub-based review workflows, with one important caveat:
The hosted
copilot-pull-request-revieweron GitHub does not currently let you directly attach arbitrary local MCP servers the same way VS Code does.The practical pattern is to run Judges in CI on each PR, publish a report/check, and have Copilot + human reviewers use that output during review.
Option A (recommended): PR workflow check + report artifact
Create .github/workflows/judges-pr-review.yml:
name: Judges PR Review
on:
pull_request:
types: [opened, synchronize, reopened]
jobs:
judges:
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- name: Install
run: npm ci
- name: Generate Judges report
run: |
npx tsx -e "import { generateRepoReportFromLocalPath } from './src/reports/public-repo-report.ts';
const result = generateRepoReportFromLocalPath({
repoPath: process.cwd(),
outputPath: 'judges-pr-report.md',
maxFiles: 600,
maxFindingsInReport: 150,
});
console.log('Overall:', result.overallVerdict, result.averageScore);"
- name: Upload report artifact
uses: actions/upload-artifact@v4
with:
name: judges-pr-report
path: judges-pr-report.mdThis gives every PR a reproducible Judges output your team (and Copilot) can reference.
Option B: Add Copilot custom instructions in-repo
Add .github/instructions/judges.instructions.md with guidance such as:
When reviewing pull requests:
1. Read the latest Judges report artifact/check output first.
2. Prioritize CRITICAL and HIGH findings in remediation guidance.
3. If findings conflict, defer to security/compliance-related Judges.
4. Include rule IDs (e.g., DATA-001, CYBER-004) in suggested fixes.This helps keep Copilot feedback aligned with Judges findings.
CLI Reference
All commands support --help for usage details.
judges eval
Evaluate a file with all 45 judges or a single judge.
Flag | Description |
| File to evaluate |
| Single judge mode |
| Language hint (auto-detected from extension) |
| Output format: |
| Write output to file |
| Exit with code 1 if verdict is FAIL |
| JSON baseline file β suppress known findings |
| Print a single summary line (ideal for scripts) |
| Load a |
| Use a named preset (see Named Presets for all 22 options) |
| Exit with code 1 if overall score is below this threshold |
| Print timing and debug information |
| Suppress non-essential output |
| Disable ANSI colors |
judges init
Interactive wizard that generates project configuration:
.judgesrc.jsonβ rule customization, disabled judges, severity thresholds.github/workflows/judges.ymlβ GitHub Actions CI workflow.gitlab-ci.judges.ymlβ GitLab CI pipeline (optional)azure-pipelines.judges.ymlβ Azure Pipelines (optional)
judges fix
Preview or apply auto-fix patches from deterministic findings.
Flag | Description |
positional | File to fix |
| Write patches to disk (default: dry run) |
| Limit to a single judge's findings |
judges watch
Continuously re-evaluate files on save.
Flag | Description |
positional | File or directory to watch (default: |
| Single judge mode |
| Exit non-zero if any evaluation fails |
judges report
Run a full project-level tribunal on a local directory.
Flag | Description |
positional | Directory path (default: |
| Output format: |
| Write report to file |
| Maximum files to analyze (default: 600) |
| Skip files larger than this (default: 300000) |
judges hook
Manage a Git pre-commit hook that runs Judges on staged files.
judges hook install # add pre-commit hook
judges hook uninstall # remove pre-commit hookDetects Husky (.husky/pre-commit) and falls back to .git/hooks/pre-commit. Uses marker-based injection so it won't clobber existing hooks.
judges diff
Evaluate only the changed lines from a unified diff (e.g., git diff output).
Flag | Description |
| Read diff from file instead of stdin |
| Output format: |
| Write output to file |
git diff HEAD~1 | judges diff
judges diff --file changes.patch --format sarifjudges deps
Analyze project dependencies for supply-chain risks.
Flag | Description |
| Project root to scan (default: |
| Output format: |
judges deps --path .
judges deps --path ./backend --format jsonjudges baseline
Create a baseline file to suppress known findings in future evaluations.
judges baseline create --file src/api.ts
judges baseline create --file src/api.ts -o .judges-baseline.jsonjudges ci-templates
Generate CI/CD configuration templates for popular providers.
judges ci-templates --provider github # .github/workflows/judges.yml
judges ci-templates --provider gitlab # .gitlab-ci.judges.yml
judges ci-templates --provider azure # azure-pipelines.judges.yml
judges ci-templates --provider bitbucket # bitbucket-pipelines.yml (snippet)judges docs
Generate per-judge rule documentation in Markdown.
Flag | Description |
| Generate docs for a single judge |
| Write individual |
judges docs # all judges to stdout
judges docs --judge cybersecurity # single judge
judges docs --output docs/judges/ # write files to directoryjudges completions
Generate shell completion scripts.
eval "$(judges completions bash)" # Bash
eval "$(judges completions zsh)" # Zsh
judges completions fish | source # Fish
judges completions powershell # PowerShell (Register-ArgumentCompleter)Named Presets
Use --preset to apply pre-configured evaluation settings:
Preset | Description |
| All severities, all judges β maximum thoroughness |
| Only high and critical findings β fast and focused |
| Security-focused β disables non-security judges (cost, scalability, docs, a11y, i18n, UX, etc.) |
| Skip compliance, sovereignty, i18n judges β move fast |
| Only compliance, data-sovereignty, authentication β regulatory focus |
| Only performance, scalability, caching, cost-effectiveness |
| Tuned for React/Next.js apps β enables accessibility, XSS protection |
| Tuned for Express.js APIs β middleware security, auth, CORS, rate limiting |
| Tuned for Python FastAPI β input validation, async patterns, API security |
| Tuned for Django apps β template security, ORM misuse, CSRF |
| Tuned for Java Spring Boot β injection, configuration, actuator security |
| Tuned for Ruby on Rails β mass assignment, CSRF, SQL injection |
| Tuned for Next.js β server/client security, API routes, SSR/ISR |
| Tuned for Terraform/OpenTofu IaC β infrastructure security, compliance |
| Tuned for K8s manifests β security contexts, RBAC, resource limits |
| Smart defaults for first-time adoption β suppresses noisy rules |
| Financial services β PCI DSS, cryptography, authentication, audit |
| Healthcare β HIPAA compliance, data sovereignty, encryption, audit trails |
| Multi-tenant SaaS β tenant isolation, rate limiting, scalability |
| Government/public sector β compliance, sovereignty, authentication |
| Open-source projects β documentation, backwards compatibility, security, dependency health |
| AI-generated code review β hallucination detection, security, authentication, correctness |
judges eval --preset security-only src/api.ts
judges eval --preset strict --format sarif src/app.ts > results.sarifCI Output Formats
JUnit XML
Generate JUnit XML for Jenkins, Azure DevOps, GitHub Actions, or GitLab test result viewers:
judges eval --format junit src/api.ts > results.xmlEach judge maps to a <testsuite>, each finding becomes a <testcase> with <failure> for critical/high severity.
CodeClimate / GitLab Code Quality
Generate CodeClimate JSON for GitLab Code Quality or similar tools:
judges eval --format codeclimate src/api.ts > codequality.jsonScore Badges
Generate SVG or text badges for your README:
import { generateBadgeSvg, generateBadgeText } from "@kevinrabun/judges/badge";
const svg = generateBadgeSvg(85); // shields.io-style SVG
const text = generateBadgeText(85); // "β judges 85/100"
const svg2 = generateBadgeSvg(75, "quality"); // custom labelThe Judge Panel
Judge | Domain | Rule Prefix | What It Evaluates |
Data Security | Data Security & Privacy |
| Encryption, PII handling, secrets management, access controls |
Cybersecurity | Cybersecurity & Threat Defense |
| Injection attacks, XSS, CSRF, auth flaws, OWASP Top 10 |
Cost Effectiveness | Cost Optimization & Resource Efficiency |
| Algorithm efficiency, N+1 queries, memory waste, caching strategy |
Scalability | Scalability & Performance |
| Statelessness, horizontal scaling, concurrency, bottlenecks |
Cloud Readiness | Cloud-Native Architecture & DevOps |
| 12-Factor compliance, containerization, graceful shutdown, IaC |
Software Practices | Software Engineering Best Practices & Secure SDLC |
| SOLID principles, type safety, error handling, input validation |
Accessibility | Accessibility (a11y) |
| WCAG compliance, screen reader support, keyboard navigation, ARIA |
API Design | API Design & Contracts |
| REST conventions, versioning, pagination, error responses |
Reliability | Reliability & Resilience |
| Error handling, timeouts, retries, circuit breakers |
Observability | Monitoring & Diagnostics |
| Structured logging, health checks, metrics, tracing |
Performance | Runtime Performance |
| N+1 queries, sync I/O, caching, memory leaks |
Compliance | Regulatory & License Compliance |
| GDPR/CCPA, PII protection, consent, data retention, audit trails |
Data Sovereignty | Data, Technological & Operational Sovereignty |
| Data residency, cross-border transfers, vendor key management, AI model portability, identity federation, circuit breakers, audit trails, data export |
Testing | Test Quality & Coverage |
| Test coverage, assertions, test isolation, naming |
Documentation | Documentation & Developer Experience |
| JSDoc/docstrings, magic numbers, TODOs, code comments |
Internationalization | i18n & Localization |
| Hardcoded strings, locale handling, currency formatting |
Dependency Health | Supply Chain & Dependencies |
| Version pinning, deprecated packages, supply chain |
Concurrency | Concurrency & Thread Safety |
| Race conditions, unbounded parallelism, missing await |
Ethics & Bias | AI/ML Fairness & Ethics |
| Demographic logic, dark patterns, inclusive language |
Maintainability | Code Maintainability & Technical Debt |
| Any types, magic numbers, deep nesting, dead code, file length |
Error Handling | Error Handling & Fault Tolerance |
| Empty catch blocks, missing error handlers, swallowed errors |
Authentication | Authentication & Authorization |
| Hardcoded creds, missing auth middleware, token in query params |
Database | Database Design & Query Efficiency |
| SQL injection, N+1 queries, connection pooling, transactions |
Caching | Caching Strategy & Data Freshness |
| Unbounded caches, missing TTL, no HTTP cache headers |
Configuration Management | Configuration & Secrets Management |
| Hardcoded secrets, missing env vars, config validation |
Backwards Compatibility | Backwards Compatibility & Versioning |
| API versioning, breaking changes, response consistency |
Portability | Platform Portability & Vendor Independence |
| OS-specific paths, vendor lock-in, hardcoded hosts |
UX | User Experience & Interface Quality |
| Loading states, error messages, pagination, destructive actions |
Logging Privacy | Logging Privacy & Data Redaction |
| PII in logs, token logging, structured logging, redaction |
Rate Limiting | Rate Limiting & Throttling |
| Missing rate limits, unbounded queries, backoff strategy |
CI/CD | CI/CD Pipeline & Deployment Safety |
| Test infrastructure, lint config, Docker tags, build scripts |
Code Structure | Structural Analysis |
| Cyclomatic complexity, nesting depth, function length, dead code, type safety |
Agent Instructions | Agent Instruction Markdown Quality & Safety |
| Instruction hierarchy, conflict detection, unsafe overrides, scope, validation, policy guidance |
AI Code Safety | AI-Generated Code Quality & Security |
| Prompt injection, insecure LLM output handling, debug defaults, missing validation, unsafe deserialization of AI responses |
Framework Safety | Framework-Specific Security & Best Practices |
| React hooks ordering, Express middleware chains, Next.js SSR/SSG pitfalls, Angular/Vue lifecycle patterns, Django/Flask/FastAPI safety, Spring Boot security, ASP.NET Core auth & CORS, Go Gin/Echo/Fiber patterns |
IaC Security | Infrastructure as Code |
| Terraform, Bicep, ARM template misconfigurations, hardcoded secrets, missing encryption, overly permissive network/IAM rules |
Security | General Security Posture |
| Holistic security assessment β insecure data flows, weak cryptography, unsafe deserialization |
Hallucination Detection | AI-Hallucinated API & Import Validation |
| Detects hallucinated APIs, fabricated imports, and non-existent modules from AI code generators |
Intent Alignment | CodeβComment Alignment & Stub Detection |
| Detects mismatches between stated intent and implementation, placeholder stubs, TODO-only functions |
API Contract Conformance | API Design & REST Best Practices |
| API endpoint input validation, REST conformance, request/response contract consistency |
Multi-Turn Coherence | Code Coherence & Consistency |
| Self-contradicting patterns, duplicate definitions, dead code, inconsistent naming |
Model Fingerprint Detection | AI Code Provenance & Model Attribution |
| Detects stylistic fingerprints characteristic of specific AI code generators |
Over-Engineering | Simplicity & Pragmatism |
| Unnecessary abstractions, wrapper-mania, premature generalization, over-complex patterns |
Logic Review | Semantic Correctness & Logic Integrity |
| Inverted conditions, dead code, name-body mismatch, off-by-one, incomplete control flow |
False-Positive Review | False Positive Detection & Finding Accuracy |
| Meta-judge reviewing pattern-based findings for false positives: string literal context, comment/docstring matches, test scaffolding, IaC template gating |
How It Works
The tribunal operates in three layers:
Pattern-Based Analysis β All tools (
evaluate_code,evaluate_code_single_judge,evaluate_project,evaluate_diff) perform heuristic analysis using regex pattern matching to catch common anti-patterns. This layer is instant, deterministic, and runs entirely offline with zero external API calls.AST-Based Structural Analysis β The Code Structure judge (
STRUCT-*rules) uses real Abstract Syntax Tree parsing to measure cyclomatic complexity, nesting depth, function length, parameter count, dead code, and type safety with precision that regex cannot achieve. All supported languages β TypeScript, JavaScript, Python, Rust, Go, Java, C#, and C++ β are parsed via tree-sitter WASM grammars (real syntax trees compiled to WebAssembly, in-process, zero native dependencies). A scope-tracking structural parser is kept as a fallback when WASM grammars are unavailable. No external AST server required.LLM-Powered Deep Analysis (Prompts) β The server exposes MCP prompts (e.g.,
judge-data-security,judge-cybersecurity) that provide each judge's expert persona as a system prompt. When used by an LLM-based client (Copilot, Claude, Cursor, etc.), the host LLM performs deeper, context-aware probabilistic analysis beyond what static patterns can detect. This is where thesystemPrompton each judge comes alive β Judges itself makes no LLM calls, but it provides the expert criteria so your AI assistant can act as 45 specialized reviewers.
Composable by Design
Judges Panel is a dual-layer review system: instant deterministic tools (offline, no API keys) for pattern and AST analysis, plus 45 expert-persona MCP prompts that unlock LLM-powered deep analysis when connected to an AI client. It does not try to be a CVE scanner or a linter. Those capabilities belong in dedicated MCP servers that an AI agent can orchestrate alongside Judges.
Built-in AST Analysis
Unlike earlier versions that recommended a separate AST MCP server, Judges Panel now includes real AST-based structural analysis out of the box:
TypeScript, JavaScript, Python, Rust, Go, Java, C#, C++ β All parsed with a unified tree-sitter WASM engine for full syntax-tree analysis (functions, complexity, nesting, dead code, type safety). Falls back to a scope-tracking structural parser when WASM grammars are unavailable
The Code Structure judge (STRUCT-*) uses these parsers to accurately measure:
Rule | Metric | Threshold |
| Cyclomatic complexity | > 10 per function (high) |
| Nesting depth | > 4 levels (medium) |
| Function length | > 50 lines (medium) |
| Parameter count | > 5 parameters (medium) |
| Dead code | Unreachable statements (low) |
| Weak types |
|
| File complexity | > 40 total cyclomatic complexity (high) |
| Extreme complexity | > 20 per function (critical) |
| Extreme parameters | > 8 parameters (high) |
| Extreme function length | > 150 lines (high) |
Recommended MCP Stack
When your AI coding assistant connects to multiple MCP servers, each one contributes its specialty:
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β AI Coding Assistant β
β (Claude, Copilot, Cursor, etc.) β
ββββββββ¬βββββββββββββββββββ¬βββββββββββ¬ββββββββββββββββββββ
β β β
βΌ βΌ βΌ
ββββββββββββββββ ββββββββββ ββββββββββ
β Judges β β CVE / β β Linter β
β Panel β β SBOM β β Server β
β ββββββββββββββ ββββββββββ ββββββββββ
β 44 Heuristic β Vuln DB Style &
β judges β scanning correctness
β + AST judge β
ββββββββββββββββ
Patterns +
structural
analysisLayer | What It Does | Example Servers |
Judges Panel | 45-judge quality gate β security patterns, AST analysis, cost, scalability, a11y, compliance, sovereignty, ethics, dependency health, agent instruction governance, AI code safety, framework safety | This server |
CVE / SBOM | Vulnerability scanning against live databases β known CVEs, license risks, supply chain | OSV, Snyk, Trivy, Grype MCP servers |
Linting | Language-specific style and correctness rules | ESLint, Ruff, Clippy MCP servers |
Runtime Profiling | Memory, CPU, latency measurement on running code | Custom profiling MCP servers |
What This Means in Practice
When you ask your AI assistant "Is this code production-ready?", the agent can:
Judges Panel β Scan for hardcoded secrets, missing error handling, N+1 queries, accessibility gaps, compliance issues, plus analyze cyclomatic complexity, detect dead code, and flag deeply nested functions via AST
CVE Server β Check every dependency in
package.jsonagainst known vulnerabilitiesLinter Server β Enforce team style rules, catch language-specific gotchas
Each server returns structured findings. The AI synthesizes everything into a single, actionable review β no single server needs to do it all.
MCP Tools
evaluate_v2
Run a V2 context-aware tribunal evaluation designed to raise feedback quality toward lead engineer/architect-level review:
Policy profile calibration (
default,startup,regulated,healthcare,fintech,public-sector)Context ingestion (architecture notes, constraints, standards, known risks, data-boundary model)
Runtime evidence hooks (tests, coverage, latency, error rate, vulnerability counts)
Specialty feedback aggregation by judge/domain
Confidence scoring and explicit uncertainty reporting
Supports:
Code mode:
code+languageProject mode:
files[]
Parameter | Type | Required | Description |
| string | conditional | Source code for single-file mode |
| string | conditional | Programming language for single-file mode |
| array | conditional |
|
| string | no | High-level review context |
| boolean | no | Include AST/code-structure findings (default: true) |
| number | no | Minimum finding confidence to include (0-1, default: 0) |
| enum | no |
|
| object | no | Structured architecture/constraint context |
| object | no | Runtime/operational evidence for confidence calibration |
evaluate_app_builder_flow
Run a 3-step app-builder workflow for technical and non-technical stakeholders:
Tribunal review (code/project/diff)
Plain-language translation of top risks
Prioritized remediation tasks with AI-fixable P0/P1 extraction
Supports:
Code mode:
code+languageProject mode:
files[]Diff mode:
code+language+changedLines[]
Parameter | Type | Required | Description |
| string | conditional | Full source content (code/diff mode) |
| string | conditional | Programming language (code/diff mode) |
| array | conditional |
|
| number[] | no | 1-based changed lines for diff mode |
| string | no | Optional business/technical context |
| number | no | Max translated top findings (default: 10) |
| number | no | Max generated tasks (default: 20) |
| boolean | no | Include AST/code-structure findings (default: true) |
| number | no | Minimum finding confidence to include (0-1, default: 0) |
evaluate_public_repo_report
Clone a public repository URL, run the full judges panel across eligible source files, and generate a consolidated markdown report.
Parameter | Type | Required | Description |
| string | yes | Public repository URL ( |
| string | no | Optional branch name |
| string | no | Optional path to write report markdown |
| number | no | Max files analyzed (default: 600) |
| number | no | Max file size in bytes (default: 300000) |
| number | no | Max detailed findings in output (default: 150) |
| string | no | Credential detection mode: |
| boolean | no | Include AST/code-structure findings (default: true) |
| number | no | Minimum finding confidence to include (0-1, default: 0) |
| boolean | no | Enable must-fix gate summary for high-confidence dangerous findings (default: false) |
| number | no | Confidence threshold for must-fix gate triggers (0-1, default: 0.85) |
| string[] | no | Optional dangerous rule prefixes for gate matching (e.g., |
| boolean | no | Keep cloned repo on disk for inspection |
Quick examples
Generate a report from CLI:
npm run report:public-repo -- --repoUrl https://github.com/microsoft/vscode --output reports/vscode-judges-report.md
# stricter credential-signal mode (optional)
npm run report:public-repo -- --repoUrl https://github.com/openclaw/openclaw --credentialMode strict --output reports/openclaw-judges-report-strict.md
# judge findings only (exclude AST/code-structure findings)
npm run report:public-repo -- --repoUrl https://github.com/openclaw/openclaw --includeAstFindings false --output reports/openclaw-judges-report-no-ast.md
# show only findings at 80%+ confidence
npm run report:public-repo -- --repoUrl https://github.com/openclaw/openclaw --minConfidence 0.8 --output reports/openclaw-judges-report-high-confidence.md
# include must-fix gate summary in the generated report
npm run report:public-repo -- --repoUrl https://github.com/openclaw/openclaw --enableMustFixGate true --mustFixMinConfidence 0.9 --mustFixDangerousPrefix AUTH --mustFixDangerousPrefix CYBER --output reports/openclaw-judges-report-mustfix.md
# opinionated quick-start mode (recommended first run)
npm run report:quickstart -- --repoUrl https://github.com/openclaw/openclaw --output reports/openclaw-quickstart.mdCall from MCP client:
{
"tool": "evaluate_public_repo_report",
"arguments": {
"repoUrl": "https://github.com/microsoft/vscode",
"branch": "main",
"maxFiles": 400,
"maxFindingsInReport": 120,
"credentialMode": "strict",
"includeAstFindings": false,
"minConfidence": 0.8,
"enableMustFixGate": true,
"mustFixMinConfidence": 0.9,
"mustFixDangerousRulePrefixes": ["AUTH", "CYBER", "DATA"],
"outputPath": "reports/vscode-judges-report.md"
}
}Typical response summary includes:
overall verdict and average score
analyzed file count and total findings
per-judge score table
highest-risk findings and lowest-scoring files
Sample report snippet:
# Public Repository Full Judges Report
Generated from https://github.com/microsoft/vscode on 2026-02-21T12:00:00.000Z.
## Executive Summary
- Overall verdict: WARNING
- Average file score: 78/100
- Total findings: 412 (critical 3, high 29, medium 114, low 185, info 81)get_judges
List all available judges with their domains and descriptions.
evaluate_code
Submit code to the full judges panel. all 45 judges evaluate independently and return a combined verdict.
Parameter | Type | Required | Description |
| string | yes | The source code to evaluate |
| string | yes | Programming language (e.g., |
| string | no | Additional context about the code |
| boolean | no | Include AST/code-structure findings (default: true) |
| number | no | Minimum finding confidence to include (0-1, default: 0) |
| object | no | Inline configuration (see Configuration) |
evaluate_code_single_judge
Submit code to a specific judge for targeted review.
Parameter | Type | Required | Description |
| string | yes | The source code to evaluate |
| string | yes | Programming language |
| string | yes | See judge IDs below |
| string | no | Additional context |
| number | no | Minimum finding confidence to include (0-1, default: 0) |
| object | no | Inline configuration (see Configuration) |
evaluate_project
Submit multiple files for project-level analysis. all 45 judges evaluate each file, plus cross-file architectural analysis detects code duplication, inconsistent error handling, and dependency cycles.
Parameter | Type | Required | Description |
| array | yes | Array of |
| string | no | Optional project context |
| boolean | no | Include AST/code-structure findings (default: true) |
| number | no | Minimum finding confidence to include (0-1, default: 0) |
| object | no | Inline configuration (see Configuration) |
evaluate_diff
Evaluate only the changed lines in a code diff. Runs all 45 judges on the full file but filters findings to lines you specify. Ideal for PR reviews and incremental analysis.
Parameter | Type | Required | Description |
| string | yes | The full file content (post-change) |
| string | yes | Programming language |
| number[] | yes | 1-based line numbers that were changed |
| string | no | Optional context about the change |
| boolean | no | Include AST/code-structure findings (default: true) |
| number | no | Minimum finding confidence to include (0-1, default: 0) |
| object | no | Inline configuration (see Configuration) |
analyze_dependencies
Analyze a dependency manifest file for supply-chain risks, version pinning issues, typosquatting indicators, and dependency hygiene. Supports package.json, requirements.txt, Cargo.toml, go.mod, pom.xml, and .csproj files.
Parameter | Type | Required | Description |
| string | yes | Contents of the dependency manifest file |
| string | yes | File type: |
| string | no | Optional context |
evaluate_git_diff
Evaluate only changed lines from a git diff. Provide either repoPath for a live git diff or diffText for a pre-computed unified diff.
Parameter | Type | Required | Description |
| string | conditional | Absolute path to the git repository |
| string | no | Git ref to diff against (default: |
| string | conditional | Pre-computed unified diff text |
| number | no | Minimum confidence threshold for findings (0β1) |
| boolean | no | Apply feedback-driven auto-tuning (default: false) |
| number | no | Max character budget for LLM prompts (default: 100000, 0 = unlimited) |
| object | no | Inline configuration |
re_evaluate_with_context
Re-run the tribunal with prior findings as context for iterative refinement. Supports dispute resolution, developer context injection, and focus-area filtering.
Parameter | Type | Required | Description |
| string | yes | Source code to re-evaluate |
| string | yes | Programming language |
| string[] | no | Rule IDs the developer disputes as false positives |
| string[] | no | Rule IDs the developer accepts |
| string | no | Free-form explanation of developer intent |
| string[] | no | Specific areas to focus on (e.g., |
| number | no | Minimum confidence threshold (default: 0.5) |
| string | no | File path for context-aware evaluation |
| boolean | no | Include LLM deep-review prompt section |
| array | no | Cross-file context |
| number | no | Max character budget for LLM prompts (default: 100000, 0 = unlimited) |
Additional MCP Tools
Tool | Description |
| Read a file from disk and submit it to the full panel. Auto-detects language from extension. |
| Streaming evaluation β returns per-judge results as each judge completes with running aggregates. |
| Run only specified judges. Use after an initial full evaluation to re-check specific areas. |
| Evaluate multiple code files in a single call. Returns per-file verdicts plus aggregate statistics. |
| Evaluate code and automatically generate fix patches for all findings with auto-fix support. |
| Evaluate with progress callbacks for long-running evaluations. |
| Policy-aware evaluation with named profiles (startup, regulated, healthcare, fintech, public-sector). |
| Evaluate code and apply all available auto-fix patches. Returns fixed code with applied/remaining summary. |
| Explain a finding in plain language with OWASP/CWE references, risk context, and remediation guidance. |
| Set triage status of a finding (accepted-risk, deferred, wont-fix, false-positive) with attribution. |
| Record user feedback (true-positive, false-positive, wont-fix) to calibrate confidence scores. |
| Finding lifecycle statistics: open, fixed, recurring, and triaged counts plus trends. |
| Analyze suppression patterns: FP rates by rule, suppression rates, auto-suppress candidates. |
| List triaged findings, optionally filtered by triage status. |
| Run benchmarks against quality thresholds. Returns pass/fail with F1, precision, recall metrics. |
| Run the full benchmark suite with per-judge, per-category, per-difficulty breakdowns. |
| Generate boilerplate files to add a new judge: definition, evaluator skeleton, and registration. |
| Generate a starter plugin template with custom rules, judges, and lifecycle hooks. |
| Current evaluation session state: evaluation count, frameworks, verdict history, stability. |
| List files and directories in the workspace for project exploration. |
| Read file contents from the workspace. |
Judge IDs
data-security Β· cybersecurity Β· security Β· cost-effectiveness Β· scalability Β· cloud-readiness Β· software-practices Β· accessibility Β· api-design Β· api-contract Β· reliability Β· observability Β· performance Β· compliance Β· data-sovereignty Β· testing Β· documentation Β· internationalization Β· dependency-health Β· concurrency Β· ethics-bias Β· maintainability Β· error-handling Β· authentication Β· database Β· caching Β· configuration-management Β· backwards-compatibility Β· portability Β· ux Β· logging-privacy Β· rate-limiting Β· ci-cd Β· code-structure Β· agent-instructions Β· ai-code-safety Β· framework-safety Β· iac-security Β· hallucination-detection Β· intent-alignment Β· multi-turn-coherence Β· model-fingerprint Β· over-engineering Β· logic-review Β· false-positive-review
MCP Prompts
Each judge has a corresponding prompt for LLM-powered deep analysis:
Prompt | Description |
| Deep data security review |
| Deep cybersecurity review |
| Deep cost optimization review |
| Deep scalability review |
| Deep cloud readiness review |
| Deep software practices review |
| Deep accessibility/WCAG review |
| Deep API design review |
| Deep reliability & resilience review |
| Deep observability & monitoring review |
| Deep performance optimization review |
| Deep regulatory compliance review |
| Deep data, technological & operational sovereignty review |
| Deep testing quality review |
| Deep documentation quality review |
| Deep i18n review |
| Deep dependency health review |
| Deep concurrency & async safety review |
| Deep ethics & bias review |
| Deep maintainability & tech debt review |
| Deep error handling review |
| Deep authentication & authorization review |
| Deep database design & query review |
| Deep caching strategy review |
| Deep configuration & secrets review |
| Deep backwards compatibility review |
| Deep platform portability review |
| Deep user experience review |
| Deep logging privacy review |
| Deep rate limiting review |
| Deep CI/CD pipeline review |
| Deep AST-based structural analysis review |
| Deep review of agent instruction markdown quality and safety |
| Deep review of AI-generated code risks: prompt injection, insecure LLM output handling, debug defaults, missing validation |
| Deep review of framework-specific safety: React hooks, Express middleware, Next.js SSR/SSG, Angular/Vue, Django, Spring Boot, ASP.NET Core, Flask, FastAPI, Go frameworks |
| Deep review of infrastructure-as-code security: Terraform, Bicep, ARM template misconfigurations |
| Deep holistic security posture review: insecure data flows, weak cryptography, unsafe deserialization |
| Deep review of AI-hallucinated APIs, fabricated imports, non-existent modules |
| Deep review of codeβcomment alignment, stub detection, placeholder functions |
| Deep review of API contract conformance, input validation, REST best practices |
| Deep review of code coherence: self-contradictions, duplicate definitions, dead code |
| Deep review of AI code provenance and model attribution fingerprints |
| Deep review of unnecessary abstractions, wrapper-mania, premature generalization |
| Deep review of logic correctness, semantic mismatches, and dead code in AI-generated code |
| Meta-judge review of pattern-based findings for false positive detection and accuracy |
Configuration
Create a .judgesrc.json (or .judgesrc) file in your project root to customize evaluation behavior. See .judgesrc.example.json for a copy-paste-ready template, or reference the JSON Schema for full IDE autocompletion.
{
"$schema": "https://github.com/KevinRabun/judges/blob/main/judgesrc.schema.json",
"preset": "strict",
"minSeverity": "medium",
"disabledRules": ["COST-*", "I18N-001"],
"disabledJudges": ["accessibility", "ethics-bias"],
"ruleOverrides": {
"SEC-003": { "severity": "critical" },
"DOC-*": { "disabled": true }
},
"languages": ["typescript", "python"],
"format": "text",
"failOnFindings": false,
"baseline": "",
"regulatoryScope": ["GDPR", "PCI-DSS", "SOC2"],
"consensusThreshold": 0.7
}Field | Type | Default | Description |
|
| β | JSON Schema URL for IDE validation |
|
| β | Named preset (see Named Presets for all 22 options) |
|
|
| Minimum severity to report: |
|
|
| Rule IDs or prefix wildcards to suppress (e.g. |
|
|
| Judge IDs to skip entirely (e.g. |
|
|
| Per-rule overrides keyed by rule ID or wildcard β |
|
|
| Restrict analysis to specific languages (empty = all) |
|
|
| Default output format: |
|
|
| Exit code 1 when verdict is |
|
|
| Path to a baseline JSON file β matching findings are suppressed |
|
|
| Plugin module specifiers (npm packages or relative paths) that export custom judges |
|
|
| Weighted importance per judge for aggregated scoring (e.g. |
|
| β | Minimum score (0β100) for the run to pass; complements |
|
| β | Regulatory frameworks in scope (e.g. |
|
| β | Consensus suppression (0β1). If this fraction of judges report zero findings, minority findings are suppressed. Recommended: |
|
| β | Confidence threshold (0β1) below which findings are flagged for human review |
|
|
| Path-scoped config overrides (e.g. |
|
|
| User-defined regex-based rules for business logic validation |
All evaluation tools (CLI and MCP) accept the same configuration fields via --config <path> or inline config parameter.
Advanced Features
Inline Suppressions
Suppress specific findings directly in source code using comment directives:
const x = eval(input); // judges-ignore SEC-001
// judges-ignore-next-line CYBER-002
const y = dangerousOperation();
// judges-file-ignore DOC-* β suppress globally for this fileSupported comment styles: //, #, /* */. Supports comma-separated rule IDs and wildcards (*, SEC-*).
Auto-Fix Patches
Certain findings include machine-applicable patches in the patch field:
Pattern | Auto-Fix |
| β |
| β |
| β |
Patches include oldText, newText, startLine, and endLine for automated application.
Cross-Evaluator Deduplication
When multiple judges flag the same issue (e.g., both Data Security and Cybersecurity detect SQL injection on line 15), findings are automatically deduplicated. The highest-severity finding wins, and the description is annotated with cross-references (e.g., "Also identified by: CYBER-003").
Human Focus Guide
Every tribunal evaluation includes a humanFocusGuide that categorizes findings into three buckets for human reviewers:
Bucket | Description | When to use |
β Trust | High-confidence (β₯80%), evidence-backed findings with AST/taint confirmation | Act directly β these have strong automated evidence |
π Verify | Lower-confidence or absence-based findings | Use your judgment β the issue may exist elsewhere in the project |
π¦ Blind Spots | Areas automated analysis cannot evaluate | Focus your manual review time here |
Blind spots are detected from code characteristics: complex branching logic, external service calls, financial calculations, PII handling, state machines, and complex regex. The guide appears in CLI text/markdown output, JSON/SARIF output, and GitHub Action step summaries.
Regulatory Scope
Configure which regulatory frameworks apply to your project in .judgesrc:
{ "regulatoryScope": ["GDPR", "PCI-DSS", "SOC2"] }Findings that cite ONLY out-of-scope frameworks are suppressed. Findings with no regulatory reference (general code quality) are always kept. Run judges list --frameworks to see all 17 supported frameworks (GDPR, CCPA, HIPAA, PCI-DSS, SOC2, SOX, COPPA, FedRAMP, NIST, ISO27001, ePrivacy, DORA, NIS2, EU-AI-Act, and more).
Self-Teaching Amendments
The LLM benchmark system auto-generates precision amendments for judges with high false-positive rates. Amendments are data-driven corrections injected into prompts that improve accuracy over successive benchmark runs.
The self-teaching loop:
Run benchmark β analyzer identifies judges below 70% precision
Generates targeted amendments (e.g., "Judge ERR: do not flag clean Express code with framework error middleware")
Next benchmark run loads amendments β precision improves
Run
judges codify-amendmentsto bake amendments permanently into the distributed package
Taint Flow Analysis
The engine performs inter-procedural taint tracking to trace data from user-controlled sources (e.g., req.body, process.env) through transformations to security-sensitive sinks (e.g., eval(), exec(), SQL queries). Taint flows are used to boost confidence on true-positive findings and suppress false positives where sanitization is detected.
Positive Signal Detection
Code that demonstrates good practices receives score bonuses (capped at +15):
Signal | Bonus |
Parameterized queries | +3 |
Security headers (helmet) | +3 |
Auth middleware (passport, etc.) | +3 |
Proper error handling | +2 |
Input validation libs (zod, joi, etc.) | +2 |
Rate limiting | +2 |
Structured logging (pino, winston) | +2 |
CORS configuration | +1 |
Strict mode / strictNullChecks | +1 |
Test patterns (describe/it/expect) | +1 |
Framework-Aware Rules
Judges include framework-specific detection for Express, Django, Flask, FastAPI, Spring, ASP.NET, Rails, and more. Framework middleware (e.g., helmet(), express-rate-limit, passport.authenticate()) is recognized as mitigation, reducing false positives.
Cross-File Import Resolution
In project-level analysis, imports are resolved across files. If one file imports a security middleware module from another file in the project, findings about missing security controls are automatically adjusted with reduced confidence.
Scoring
Each judge scores the code from 0 to 100:
Severity | Score Deduction |
Critical | β30 points |
High | β18 points |
Medium | β10 points |
Low | β5 points |
Info | β2 points |
Verdict logic:
FAIL β Any critical finding, or score < 60
WARNING β Any high finding, any medium finding, or score < 80
PASS β Score β₯ 80 with no critical, high, or medium findings
The overall tribunal score is the average of all 45 judges. The overall verdict fails if any judge fails.
Project Structure
judges/
βββ src/
β βββ index.ts # MCP server entry point β tools, prompts, transport
β βββ api.ts # Programmatic API entry point
β βββ cli.ts # CLI argument parser and command router
β βββ types.ts # TypeScript interfaces (Finding, JudgeEvaluation, etc.)
β βββ config.ts # .judgesrc configuration parser and validation
β βββ errors.ts # Custom error types (ConfigError, EvaluationError, ParseError)
β βββ language-patterns.ts # Multi-language regex pattern constants and helpers
β βββ judge-registry.ts # Unified JudgeRegistry β single source of truth for all judges
β βββ plugins.ts # Plugin API faΓ§ade (delegates to JudgeRegistry)
β βββ scoring.ts # Confidence scoring and calibration
β βββ dedup.ts # Finding deduplication engine
β βββ fingerprint.ts # Finding fingerprint generation
β βββ comparison.ts # Tool comparison benchmark data
β βββ cache.ts # Evaluation result caching
β βββ calibration.ts # Confidence calibration from feedback data
β βββ fix-history.ts # Auto-fix application history tracking
β βββ ast/ # AST analysis engine (built-in, no external deps)
β β βββ index.ts # analyzeStructure() β routes to correct parser
β β βββ types.ts # FunctionInfo, CodeStructure interfaces
β β βββ tree-sitter-ast.ts # Tree-sitter WASM parser (all 8 languages)
β β βββ structural-parser.ts # Fallback scope-tracking parser
β β βββ cross-file-taint.ts # Cross-file taint propagation analysis
β β βββ taint-tracker.ts # Single-file taint flow tracking
β βββ evaluators/ # Analysis engine for each judge
β β βββ index.ts # evaluateWithJudge(), evaluateWithTribunal(), evaluateProject(), etc.
β β βββ shared.ts # Scoring, verdict logic, markdown formatters
β β βββ *.ts # One analyzer per judge (45 files)
β βββ formatters/ # Output formatters
β β βββ sarif.ts # SARIF 2.1.0 output
β β βββ html.ts # Self-contained HTML report (dark/light theme, filters)
β β βββ junit.ts # JUnit XML output (Jenkins, Azure DevOps, GitHub Actions)
β β βββ codeclimate.ts # CodeClimate/GitLab Code Quality JSON
β β βββ diagnostics.ts # Diagnostics formatter
β β βββ badge.ts # SVG and text badge generator
β βββ commands/ # CLI subcommands
β β βββ init.ts # Interactive project setup wizard
β β βββ fix.ts # Auto-fix patch preview and application
β β βββ watch.ts # Watch mode β re-evaluate on save
β β βββ report.ts # Project-level local report
β β βββ hook.ts # Pre-commit hook install/uninstall
β β βββ ci-templates.ts # GitLab, Azure, Bitbucket CI templates
β β βββ diff.ts # Evaluate unified diff (git diff)
β β βββ deps.ts # Dependency supply-chain analysis
β β βββ baseline.ts # Create baseline for finding suppression
β β βββ completions.ts # Shell completions (bash/zsh/fish/PowerShell)
β β βββ docs.ts # Per-judge rule documentation generator
β β βββ feedback.ts # False-positive tracking & finding feedback
β β βββ benchmark.ts # Detection accuracy benchmark suite
β β βββ rule.ts # Custom rule authoring wizard
β β βββ language-packs.ts # Language-specific rule pack presets
β β βββ config-share.ts # Shareable team/org configuration
β βββ presets.ts # Named evaluation presets (strict, lenient, security-only, β¦)
β βββ patches/
β β βββ index.ts # 201 deterministic auto-fix patch rules
β βββ tools/ # MCP tool registrations
β β βββ register.ts # Tool registration orchestrator
β β βββ register-evaluation.ts # Evaluation tools (evaluate_code, etc.)
β β βββ register-workflow.ts # Workflow tools (app builder, reports, etc.)
β β βββ prompts.ts # MCP prompt registrations (per-judge prompts)
β β βββ schemas.ts # Zod schemas for tool parameters
β βββ reports/
β β βββ public-repo-report.ts # Public repo clone + full tribunal report generation
β βββ judges/ # Judge definitions (id, name, domain, system prompt)
β βββ index.ts # Side-effect imports + re-exports (JUDGES, getJudge, getJudgeSummaries)
β βββ *.ts # One self-registering definition per judge (45 files)
βββ scripts/
β βββ generate-public-repo-report.ts # Run: npm run report:public-repo -- --repoUrl <url>
β βββ daily-popular-repo-autofix.ts # Run: npm run automation:daily-popular
β βββ debug-fp.ts # Debug false-positive findings
βββ examples/
β βββ sample-vulnerable-api.ts # Intentionally flawed code (triggers all judges)
β βββ demo.ts # Run: npm run demo
β βββ quickstart.ts # Quick-start evaluation example
βββ tests/
β βββ judges.test.ts # Core judge evaluation tests
β βββ negative.test.ts # Negative / FP-avoidance tests
β βββ subsystems.test.ts # Subsystem integration tests
β βββ extension-logic.test.ts # VS Code extension logic tests
β βββ tool-routing.test.ts # MCP tool routing tests
βββ grammars/ # Tree-sitter WASM grammar files
β βββ tree-sitter-typescript.wasm
β βββ tree-sitter-cpp.wasm
β βββ tree-sitter-python.wasm
β βββ tree-sitter-go.wasm
β βββ tree-sitter-rust.wasm
β βββ tree-sitter-java.wasm
β βββ tree-sitter-c_sharp.wasm
βββ judgesrc.schema.json # JSON Schema for .judgesrc config files
βββ server.json # MCP Registry manifest
βββ package.json
βββ tsconfig.json
βββ README.mdScripts
Command | Description |
| Compile TypeScript to |
| Watch mode β recompile on save |
| Run the full test suite |
| Run the sample tribunal demo |
| Generate a full tribunal report for a public repository URL |
| Run opinionated high-signal report defaults for fast adoption |
| Analyze up to 10 rotating popular repos/day and open up to 5 remediation PRs per repo |
| Start the MCP server |
| Remove |
| Interactive project setup wizard |
| Preview auto-fix patches (add |
| Watch mode β re-evaluate on file save |
| Full tribunal report on a local directory |
| Install a Git pre-commit hook |
| Evaluate changed lines from unified diff |
| Analyze dependencies for supply-chain risks |
| Create baseline for finding suppression |
| Generate CI pipeline templates |
| Generate per-judge rule documentation |
| Shell completion scripts |
| Mark findings as true positive, false positive, or won't fix |
| Show false-positive rate statistics |
| Run detection accuracy benchmark suite |
| Interactive custom rule creation wizard |
| List custom evaluation rules |
| List available language packs |
| Export config as shareable package |
| Import a shared configuration |
| Compare judges against other code review tools |
| List all 45 judges with domains and descriptions |
| List supported regulatory frameworks and |
| Bake self-teaching amendments into judge source files |
Daily Popular Repo Automation
This repo includes a scheduled workflow at .github/workflows/daily-popular-repo-autofix.yml that:
selects up to 10 repositories per day from a default pool of 100+ popular repos (or a manually supplied target),
runs the full Judges evaluation across supported source languages,
applies only conservative, single-line remediations that reduce matching finding counts,
opens up to 5 PRs per repository with attribution to both Judges and the target repository,
skips repositories unless they are public and PR creation is possible with existing GitHub auth (no additional auth flow).
enforces hard runtime caps of 10 repositories/day and 5 PRs/repository.
Each run writes daily-autofix-summary.json (or SUMMARY_PATH) with per-repository telemetry, including:
runAggregateβ compact run-level totals and cross-repo top prioritized rules,runAggregate.totalCandidatesDiscoveredandrunAggregate.totalCandidatesAfterLocationDedupeβ signal how much overlap was removed before attempting fixes,runAggregate.totalCandidatesAfterPriorityThresholdβ candidates that remain after applying minimum priority score,runAggregate.dedupeReductionPercentβ percent reduction from location dedupe for quick runtime-efficiency tracking,runAggregate.priorityThresholdReductionPercentβ percent reduction from minimum-priority filtering after dedupe,priorityRulePrefixesUsedβ dangerous rule prefixes used during prioritization,minPriorityScoreUsedβ minimumcandidatePriorityScoreapplied for candidate inclusion,candidatesDiscovered,candidatesAfterLocationDedupe, andcandidatesAfterPriorityThresholdβ per-repo candidate counts after each filter stage,topPrioritizedRuleCountsβ most common rule IDs among ranked candidates,topPrioritizedCandidatesβ top ranked candidate samples (rule, severity, confidence, file, line, priority score).
Optional runtime control:
AUTOFIX_MIN_PRIORITY_SCOREβ minimum candidate priority score required after dedupe (default:0, disabled).
Required secret:
JUDGES_AUTOFIX_GH_TOKENβ GitHub token with permission to fork/push/create PRs for target repositories.
Manual run:
gh workflow run "Judges Daily Full-Run Autofix PRs" -f targetRepoUrl=https://github.com/owner/repoProgrammatic API
Judges can be consumed as a library (not just via MCP). Import from @kevinrabun/judges/api:
import {
evaluateCode,
evaluateProject,
evaluateCodeSingleJudge,
getJudge,
JUDGES,
findingsToSarif,
} from "@kevinrabun/judges/api";
// Full tribunal evaluation
const verdict = evaluateCode("const x = eval(input);", "typescript");
console.log(verdict.overallScore, verdict.overallVerdict);
// Single judge
const result = evaluateCodeSingleJudge("cybersecurity", code, "typescript");
// SARIF output for CI integration
const sarif = findingsToSarif(verdict.evaluations.flatMap(e => e.findings));Package Exports
Entry Point | Description |
| Programmatic API (default) |
| MCP server entry point |
| SARIF 2.1.0 formatter |
| JUnit XML formatter |
| CodeClimate/GitLab Code Quality JSON |
| SVG and text badge generator |
| Diagnostics formatter |
| Plugin system API (see Plugin Guide) |
| Finding fingerprint utilities |
| Tool comparison benchmarks |
SARIF Output
Convert findings to SARIF 2.1.0 for GitHub Code Scanning, Azure DevOps, and other CI/CD tools:
import { findingsToSarif, evaluationToSarif, verdictToSarif } from "@kevinrabun/judges/sarif";
const sarif = verdictToSarif(verdict, "src/app.ts");
fs.writeFileSync("results.sarif", JSON.stringify(sarif, null, 2));Custom Error Types
All thrown errors extend JudgesError with a machine-readable code property:
Error Class | Code | When |
|
| Malformed |
|
| Unknown judge, analyzer crash |
|
| Unparseable source code or input data |
import { ConfigError, EvaluationError } from "@kevinrabun/judges/api";
try {
evaluateCode(code, "typescript");
} catch (e) {
if (e instanceof ConfigError) console.error("Config issue:", e.code);
}License
MIT
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/KevinRabun/judges'
If you have feedback or need assistance with the MCP directory API, please join our Discord server