AI-powered full codebase scanner for Claude Code. Opens a separate Claude session for every file — reads every line, misses nothing.

I had 942 files and 189,000 lines of code. No matter what I tried — agents, GSD workflows, manual prompting — Claude always skipped lines, summarized instead of reading, and produced shallow reports. After 10+ failed sessions, I built eliniscan. It opened 942 separate Claude sessions, one per file, each with a fresh 1M context window. 11 hours later: 3,894 real issues found. Every line was actually read.

AI code review tools scan diffs or use regex patterns. Claude Code reads your code in conversation, but:

• Context fills up → earlier files get compressed → details lost
• Claude optimizes → skips "boring" JSX, summarizes instead of reading
• You can't verify → no proof every line was actually analyzed

eliniscan takes a different approach:

┌─────────────┐     ┌─────────────┐     ┌─────────────┐
│   File 1    │     │   File 2    │     │   File N    │
│ Fresh 1M    │     │ Fresh 1M    │     │ Fresh 1M    │
│ context     │     │ context     │     │ context     │
│ 100% focus  │     │ 100% focus  │     │ 100% focus  │
└──────┬──────┘     └──────┬──────┘     └──────┬──────┘
       │                   │                   │
       └───────────┬───────┘───────────────────┘
                   │
          ┌────────▼────────┐
          │  FINDINGS.md    │
          │  #001, #002...  │
          │  Every issue    │
          │  with line no.  │
          └─────────────────┘

Each file gets its own Claude session. No shared context, no compression, no skipping. The only way to guarantee every line is read.

npm install -g eliniscan

Requires Claude Code CLI (claude command).

Inside Claude Code, use these commands:

/eliniscan:scan

Asks you:

1. Depth: full (every line) or quick (critical patterns)
2. Model: opus (thorough), sonnet (balanced), haiku (fast)
3. File types: Default ts,tsx,js,jsx,css
4. Severity: all or high (CRITICAL + HIGH only)

Then scans every file. Progress shown live:

[142/942] (15%) src/app/api/auth/login/route.ts (89 lines)
  ⚠ 4 issues
[143/942] (15%) src/app/api/auth/logout/route.ts (23 lines)
  ✓ CLEAN

/eliniscan:fix

Three-phase auto-fix:

1. Fix — sends each file + its findings to Claude, writes fixed code
2. Verify — re-scans fixed files for new issues, fixes those too
3. Build — runs tsc --noEmit + npm run build

/eliniscan:report

Shows summary:

═══════════════════════════════════════════════════
  eliniscan Report
═══════════════════════════════════════════════════

  Files scanned:    942 / 942
  Total issues:     3,894
  Fixed:            3,047

  ── Severity ──────────────────────────────────
  CRITICAL    128    ██░░░░░░░░  3%
  HIGH        854    ████░░░░░░  22%
  MEDIUM     1357    ██████░░░░  35%
  LOW        1207    █████░░░░░  31%

  ── Categories ────────────────────────────────
  Security:        1,179
  Bug:             2,057
  Performance:       732
  Error Handling:    918
  Code Quality:      448

/eliniscan:update

Checks npm for newer version, shows changelog, updates.

Tested on a production Next.js app (942 files, 189K lines):

Top findings:

• 32× logActivity not awaited (silent failures)
• 9× Missing rate limiting on API routes
• 40+ DB queries without try/catch
• Race conditions in WebSocket handlers
• Hardcoded Google Drive folder IDs

• Claude Code CLI installed and authenticated
• Node.js 18+
• Claude Pro/Max subscription (for claude --print)

Using Sonnet (default):

• ~500 files: ~5 hours scan, ~3 hours fix
• ~1000 files: ~11 hours scan, ~7 hours fix

Using Opus (thorough):

• ~2x slower, catches more subtle issues

All runs on your existing Claude subscription — no additional API costs.

Add these to .gitignore if you don't want them in your repo.

MIT

Alp Yenigun — Built while auditing a 189K line production codebase and getting frustrated that no tool would actually read every line.

• GitHub: @alpyenigun