AI-Powered Python Security Tool Using Google Gemini API
Alexis (pro) • 2d
Designed and developed a Command Line Interface (CLI) security tool that leverages the Google Gemini API (gemini-2.5-flash) to perform advanced, AI-driven vulnerability analysis on Python codebases. This tool acts as an automated security engineer, scanning source code to detect critical flaws before they reach production.
The scanner parses Python files and evaluates them against a detailed security prompt to identify vulnerabilities such as SQL injection, hardcoded secrets (API keys and database passwords), weak cryptography (e.g., MD5 hashing), insecure deserialization, and improper input validation. It outputs a structured, color-coded terminal report assigning severity ratings (🔴 High, 🟠 Medium, 🟢 Low) to each finding. For every detected issue, the tool provides the vulnerability type, the exact line number, a concise explanation of the risk and potential impact, and actionable remediation advice with secure code fixes.
The architecture is built on a lightweight Python foundation using a virtual environment for dependency isolation. It utilizes the google-generativeai SDK for model interaction and python-dotenv for secure environment variable management, ensuring API keys are never hardcoded. This project demonstrates the ability to integrate cutting-edge Large Language Models (LLMs) into traditional DevSecOps workflows, providing enterprise-grade security scanning capabilities directly within the developer's terminal.
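The report described above carries a severity, a line number, an explanation and a fix for each finding, all of which come from model output and should be checked before display. The following is an added example, not code from the tool in this post: it assumes the model is asked to reply with a JSON list using the five field names in `FIELDS` (a hypothetical schema), omits the Gemini call, and uses a constructed source file and a constructed reply.

```python
import json

RANK = {"High": 0, "Medium": 1, "Low": 2}
ICON = {"High": "🔴", "Medium": "🟠", "Low": "🟢"}
FIELDS = ("type", "severity", "line", "explanation", "fix")  # assumed reply schema

# Constructed file under scan (not taken from the original tool).
SAMPLE_SOURCE = '''import hashlib
DB_PASSWORD = "example-password"
def login(conn, user, pw):
    digest = hashlib.md5(pw.encode()).hexdigest()
    return conn.execute("SELECT * FROM users WHERE name = '%s'" % user), digest
'''

# Constructed model reply; the last two entries are deliberately invalid.
SAMPLE_REPLY = json.dumps([dict(zip(FIELDS, row)) for row in [
    ("Weak cryptography", "Medium", 4, "MD5 used to hash a password.", "Use hashlib.scrypt."),
    ("SQL injection", "High", 5, "Query built with % formatting.", "Use bound parameters."),
    ("Hardcoded secret", "High", 2, "Password stored in source.", "Load it from the environment."),
    ("Insecure deserialization", "High", 40, "pickle.loads on input.", "Use JSON."),  # no line 40
    ("Input validation", "Critical", 3, "Unchecked input.", "Validate it."),  # not in the scale
]])

def validate_findings(reply_text, source):
    """Return (kept, rejected): findings that are well-formed and cite a real line."""
    n_lines = len(source.splitlines())
    try:
        items = json.loads(reply_text)
    except ValueError:
        items = None
    if not isinstance(items, list):
        return [], ["reply is not a JSON list"]
    kept, rejected = [], []
    for item in items:
        if not isinstance(item, dict) or any(k not in item for k in FIELDS):
            rejected.append("entry is missing required fields")
        elif item["severity"] not in RANK:
            rejected.append(f"unknown severity {item['severity']!r}")
        elif type(item["line"]) is not int or not 1 <= item["line"] <= n_lines:
            rejected.append(f"line {item['line']!r} is not in the file")
        else:
            kept.append(item)
    kept.sort(key=lambda f: (RANK[f["severity"]], f["line"]))
    return kept, rejected

def render(findings):
    return "\n".join(f"{ICON[f['severity']]} {f['severity']} line {f['line']}: "
                     f"{f['type']}. {f['explanation']} Fix: {f['fix']}" for f in findings)
```

Rejected entries are returned rather than silently dropped so a scan that loses findings to malformed output can be flagged for a rerun or manual review.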