> ## Documentation Index
> Fetch the complete documentation index at: https://scanaislop-update.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# How Scanaislop scans and scores your code

> Learn how aislop's six parallel engines analyze your codebase across 8 languages and produce a deterministic 0–100 quality score in under a second.

aislop scans your codebase by running six specialized engines in parallel — Formatting, Linting, Code Quality, AI Slop, Security, and Architecture — then combines their findings into a single 0–100 score. Because every engine uses regex, AST analysis, and standard tooling rather than a language model, you always get the same score for the same code. No API calls, no network round-trips, no nondeterminism.

## The six engines

Each engine targets a distinct category of problem. They all run concurrently, which is how aislop completes a full scan in sub-second time.

<CardGroup cols={2}>
  <Card title="Formatting" icon="paintbrush">
    Enforces consistent code style using the canonical formatter for each language: Biome for TypeScript/JavaScript, ruff for Python, gofmt for Go, cargo fmt for Rust, rubocop for Ruby, and php-cs-fixer for PHP.
  </Card>

  <Card title="Linting" icon="magnifying-glass">
    Catches language-specific bugs and bad practices via oxlint (TypeScript/JavaScript), ruff (Python), golangci-lint (Go), clippy (Rust), rubocop (Ruby), and expo-doctor for Expo/React Native project health.
  </Card>

  <Card title="Code Quality" icon="chart-bar">
    Measures structural complexity and finds dead code: oversized functions and files, deep nesting, too many parameters, duplicate blocks, unused declarations, and unused dependencies via knip (JS/TS).
  </Card>

  <Card title="AI Slop" icon="robot">
    The engine unique to aislop. Catches the patterns AI coding agents leave behind — narrative and trivial comments, swallowed exceptions, `as any` casts, TODO stubs, hallucinated imports, unreachable code, and more.
  </Card>

  <Card title="Security" icon="shield-halved">
    Finds hardcoded secrets, unsafe constructs (`eval`, `innerHTML`, SQL/shell injection), and vulnerable dependencies via npm, pip, cargo, and govulncheck audits.
  </Card>

  <Card title="Architecture" icon="sitemap">
    Opt-in structural rules you define in `.aislop/rules.yml`: ban specific imports project-wide, enforce layer boundaries, or require certain patterns in specific file paths.
  </Card>
</CardGroup>

## Parallel execution and sub-second results

All six engines start at the same time. aislop does not wait for one engine to finish before launching the next. On most projects you get a complete scan — formatting, linting, complexity, AI slop, security, and architecture — in well under a second.

## Supported languages

aislop fully supports eight language targets. The table below shows which engines apply to each one.

| Language            | Format       | Lint                 | Code Quality     | AI Slop                       | Security       |
| ------------------- | ------------ | -------------------- | ---------------- | ----------------------------- | -------------- |
| TypeScript          | Biome        | oxlint               | knip, complexity | All rules                     | All rules      |
| JavaScript          | Biome        | oxlint               | knip, complexity | All rules                     | All rules      |
| Expo / React Native | Biome        | oxlint + expo-doctor | knip, complexity | All rules                     | All rules      |
| Python              | ruff         | ruff                 | complexity       | Imports, exceptions, comments | Secrets, audit |
| Go                  | gofmt        | golangci-lint        | complexity       | Exceptions, comments          | Secrets, audit |
| Rust                | cargo fmt    | clippy               | complexity       | Comments                      | Secrets, audit |
| Ruby                | rubocop      | rubocop              | complexity       | Exceptions, comments          | Secrets        |
| PHP                 | php-cs-fixer | —                    | complexity       | Comments                      | Secrets        |

<Note>
  If your repository is primarily written in an unsupported language (C, C++, C#, Swift, Kotlin, etc.), aislop **withholds the score** rather than printing a number based on a handful of incidental files. The CLI explains why and `--json` output returns `"score": null` along with `"scoreable": false` and a `coverage` breakdown.
</Note>

## Deterministic by design

aislop uses regex matching, AST analysis, and well-established language tooling at runtime — never a language model. Given identical input code, you will always get an identical score. This makes aislop safe to use in CI gates, pre-commit hooks, and editor integrations without worrying about flaky or nondeterministic results.

<Tip>
  Run `aislop doctor` to check which engines can run in your environment. Some engines require their respective toolchains (Go, Rust, Ruby, PHP) to be installed.
</Tip>