Skip to content

Static auditor for AI codebases

Your AI code is three months out of date.

AIOptimize scans your repo, finds the cache headers, model versions, and context patterns you're missing — and writes the diffs for you.

$ pipx install aioptimize && aioptimize scan .
See it in action

MIT-licensed CLI. No runtime telemetry. No SaaS required.

“We went from $14k/mo on Claude to $5.2k/mo in two weeks. AIOptimize found the caching we'd missed on 11 endpoints.”

CTO, Series B AI SaaS · Illustrative, anonymized design-partner quote

How it works

Three steps from repo to ranked, diffable findings.

1. Scan

Point AIOptimize at your repo. It walks your Python and TS/JS sources and maps every call into the Anthropic and OpenAI SDKs. No runtime telemetry needed.

2. Match

Every LLM call is checked against a weekly-updated knowledge base of provider best practices — caching, model tiers, context shape, structured output.

3. Fix

Get a ranked list of suggested diffs with estimated cost and latency impact. Paste them into a PR, or let the GitHub bot open one for you.

What it finds

A sample scan against a typical Series-B Python codebase. Every finding points at a real call site, with a severity and a suggested fix.

~/app — aioptimize scan . 
$ aioptimize scan .

Scanning 142 files (Python: 96, TS/JS: 46)
KB version 2026.04.15 · 37 detectors · verified 3 days ago

warn   D001  Anthropic system prompt without cache_control
       src/agents/router.py:42  client.messages.create(...)
       Suggested: add cache_control={"type":"ephemeral"} to the system block
       Impact: est. $180–$420/mo at current traffic

warn   D002  Deprecated model version
       src/workers/summarize.ts:18  model: "claude-2.1"
       Suggested: migrate to claude-sonnet-4-5
       Impact: capability gap, support sunset 2026-06-30

info   D003  messages.create without max_tokens
       src/chat/stream.py:87
       Suggested: set max_tokens to cap runaway responses
       Impact: tail-latency + cost variance

Done. 2 warn, 1 info · 0 error
Exit 0. Use --fail-on-severity warn to block CI.

Output shortened for readability. See the docs for the full detector reference.

Frequently asked

Do you see our code?

CLI: no. Scans run locally. The optional PR bot has access via a GitHub App with read-only code scope; findings strip prompt content before storage.

Do you call the AI providers?

No inference at scan time. The MVP is 100% offline — the knowledge base is shipped with the CLI and refreshed on release.

How fresh is the knowledge base?

The KB version and last-verified date are shown on every report. Our crawler runs nightly and each entry is human-reviewed before publish.

Will this break my CI?

Off by default. Opt in with --fail-on-severity to block on findings of a given severity or above.

Does it support my stack?

Python and TypeScript/JavaScript at launch. Anthropic, OpenAI, LangChain, and the Vercel AI SDK are covered today. Others on request.

Try it on your repo in 30 seconds.

The CLI is MIT-licensed and runs locally. Upgrade when you want the PR bot and dashboard.

$ pipx install aioptimize