zen
A worktree orchestrator for AI-assisted PR reviews and feature work with Claude Code.
Scanned: February 20, 2026
Report Version: 1.0.0
Overall Grade: A
197 total findings
Architecture: A (20 findings)
Performance: A (177 findings)
What Traditional Tools Missed
| Category | Colosseum | Bandit | Semgrep |
|---|---|---|---|
| Total | 197 | 0 | 0 |
197 findings (100%) were not detected by Bandit or Semgrep. These include compound vulnerabilities, logic errors, and context-dependent security issues that rule-based scanners aren't designed to catch.
Notable Findings
Critical (Architecture)
Function '_evaluate_all_alerts' has complexity 16
Impact: Function '_evaluate_all_alerts' has complexity 16
Recommended Fix: Review and remediate.
High (Architecture)
Test coverage is 45.0% (threshold: 90%)
Impact: Test coverage is 45.0% (threshold: 90%)
Recommended Fix: Review and remediate.
High (Architecture)
Function 'generate_signal' has complexity 12
Impact: Function 'generate_signal' has complexity 12
Recommended Fix: Review and remediate.
High (Architecture)
F401 'os' imported but unused
Impact: F401 'os' imported but unused
Recommended Fix: Review and remediate.
Responsible Disclosure
This public report is intended to demonstrate the depth of analysis possible with modern code scanning tools and to help the broader open source community understand common vulnerability patterns.