#1
PHP Static Analysis Tool - discover bugs in your code without running it!
14K starsJun 15, 2026 pushdevelopmentPHPStatic Analysis
$ npx skills add phpstan/phpstanAlternatives
SVF alternatives for AI agents.
Compare similar skills by workflow fit, trust score, quality, GitHub adoption, maintenance, and install readiness.
Current skill
SVF
Static Value-Flow Analysis Framework for Source Code
99
Quality
89
Trust
1.7K
Stars
#2
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
54K starsJun 12, 2026 pushdevelopmentC++Static Analysis
$ npx skills add WerWolv/ImHex#3
A LLVM-based static analysis framework.
1.0K starsJun 11, 2026 pushdevelopmentC++Static Analysis
$ npx skills add secure-software-engineering/phasar#4
Validate and visualize dependencies. Your rules. JavaScript, TypeScript, CoffeeScript. ES6, CommonJS, AMD.
6.8K starsJun 11, 2026 pushdevelopmentJavaScriptStatic Analysis
$ npx skills add sverweij/dependency-cruiser#5
A static code analysis tool for the Elixir language with a focus on code consistency and teaching.
5.2K starsJun 5, 2026 pushdevelopmentElixirStatic Analysis
$ npx skills add rrrene/credo#6
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
3.9K starsJun 13, 2026 pushdevelopmentJavaStatic Analysis
$ npx skills add spotbugs/spotbugs#7
An extensible multilanguage static code analyzer.
5.4K starsJun 12, 2026 pushdevelopmentJavaStatic Analysis
$ npx skills add pmd/pmd#8
PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.
2.4K starsMay 23, 2026 pushdevelopmentPHPStatic Analysis
$ npx skills add phpmd/phpmd#9
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
2.4K starsMar 26, 2026 pushdevelopmentJavaStatic Analysis
$ npx skills add find-sec-bugs/find-sec-bugs#10
static analysis of C/C++ code
6.6K starsJun 12, 2026 pushdevelopmentC++Static Analysis
$ npx skills add cppcheck-opensource/cppcheck#11
CodeCompass is a software comprehension tool for large scale software written in C/C++, C# and Python.
603 starsMay 22, 2026 pushdevelopmentC++Static Analysis
$ npx skills add Ericsson/CodeCompass#12
Next-gen phpDoc parser with support for intersection types and generics
1.5K starsJun 10, 2026 pushdevelopmentPHPStatic Analysis
$ npx skills add phpstan/phpdoc-parser#13
Spoon is a metaprogramming library to analyze and transform Java source code. :spoon: is made with :heart:, :beers: and :sparkles:. It parses source files to build a well-designed AST with powerful analysis and transformation API.
1.9K starsJun 12, 2026 pushdevelopmentJavaStatic Analysis
$ npx skills add INRIA/spoon#14
An Intelligent Python Code Quality Analyzer
1.0K starsJun 14, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add ludo-technologies/pyscn#15
Static analyzer for C/C++ based on the theory of Abstract Interpretation.
3.2K starsMay 31, 2026 pushdevelopmentC++Static Analysis
$ npx skills add NASA-SW-VnV/ikos#16
SonarSource Static Analyzer for JavaScript and TypeScript
1.2K starsJun 14, 2026 pushdevelopmentTypeScriptStatic Analysis
$ npx skills add SonarSource/SonarJSHow to choose
When should you switch?
Use an alternative when it has a clearer install path, higher trust score, fresher maintenance, or better platform fit for your current agent stack. Keep SVF if it already passes your workflow test and repository review.
Next step
Compare top candidates side by side
Open the compare page, test the install commands in a sandbox, and check each repository before using a skill in production.