Add CodeSafer — AI code security scanner #1804

Open
goldmembrane wants to merge 1 commit into analysis-tools-dev:master from goldmembrane:add-codesafer
@goldmembrane goldmembrane commented Apr 11, 2026

What

Add CodeSafer to the static analysis tool index by creating data/tools/codesafer.yml.

Note: I initially edited README.md directly, which failed the readme-check job (README is generated from YAML). Force-pushed a corrected commit that adds only data/tools/codesafer.yml and leaves README untouched.

Entry

name: CodeSafer
categories:
  - linter
tags:
  - ci
  - security
  - javascript
  - typescript
  - nodejs
  - configfile
license: ISC
types:
  - cli
source: "https://github.com/goldmembrane/cleaner-code"
homepage: "https://codesafer.org/"
plans:
  oss: true
  free: true
description: >-
  AI code security scanner packaged as a Model Context Protocol (MCP) server.
  Detects 9 categories of threats in AI-generated code...

About CodeSafer

CodeSafer is a static code security scanner packaged as a Model Context Protocol (MCP) server. It combines 8 deterministic static analysis scanners with a CodeBERT deep learning classifier to detect security threats in AI-generated code.

Key features:

  • 8 static analysis scanners (invisible Unicode, BiDi, homoglyphs, encoding, obfuscation, steganography, rules backdoors, dependency risks)
  • CodeBERT transformer for novel/obfuscated threat detection
  • Language-agnostic Unicode, BiDi, homoglyph detection
  • TypeScript/JavaScript and Node.js dependency scanning
  • Runs locally — no code leaves the developer's machine
  • Free tier; open source (ISC license)

Website: https://codesafer.org/
Source: https://github.com/goldmembrane/cleaner-code
License: ISC
Runtime: Node.js >= 18

Checklist

  • Added data/tools/codesafer.yml (not a direct README edit)
  • Tags all exist in data/tags.yml
  • oss: true, free: true reflect the open-source ISC license and free tier
  • Description fits the file format

@goldmembrane
Author

Force-pushed a corrected commit. Summary of the two check failures you may have seen:

  1. readme-check (first run, failed) — My initial commit edited README.md directly. I've reset the branch and replaced it with data/tools/codesafer.yml. readme-check now passes on the new commit. README is untouched.

  2. pr-check (current, failed) — The pr-check binary validated the YAML successfully (log shows Checking 'CodeSafer'... then exits). The actual failure is the downstream POST /repos/.../issues/1804/comments returning 403 Forbidden: Resource not accessible by integration, which is the standard fork-PR GITHUB_TOKEN limitation — forks can't write comments on upstream PRs. The YAML content itself passed validation.

Happy to adjust anything in the tool entry — categories, tags, wording. Thanks for maintaining this list!
