Skylos - Python SAST, Dead Code Detection & PR Gate

Version updated for https://github.com/duriantaco/skylos to version v4.10.0.

• This action is used across all versions by 17 repositories.

Action Type

This is a Composite action.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

Skylos is an open-source static analysis tool and CI/CD PR gate designed to identify and address issues in Python, TypeScript, JavaScript, Java, Go, PHP, and Rust codebases. It automates tasks such as detecting dead code, security vulnerabilities, hardcoded secrets, code quality issues, and regressions in AI-generated code. By providing framework-aware insights and diff-based checks, Skylos enhances development workflows and ensures cleaner, more secure code before it is merged.

What’s Changed

4.10.0 (2026-05-02)

Features

• analyzer: add configurable vibe guardrails (b789334)
• analyzer: add Python liveness evidence for dead-code detection (#272) (f5c53b3)
• cli: add concise IDE-friendly output (#279) (07d22cc)

Bug Fixes

• analyzer: cover rust and workspace edge cases (721235b)
• analyzer: harden rust and monorepo resolution (565fc8f)
• analyzer: restore configurable vibe guardrails (#271) (61aa187)
• ci: harden enterprise workflow generation (#268) (8568bc0)
• cli, quality: honor gate exits and ignore annotation strings (#275) (5a8d3f6)
• cli: honor strict scan exit codes (#278) (b98db50)
• sync: block direct main pushes (#269) (9ed6fe6)

• Duriantaco
• GitHub Actions