PyCharm Python Security plugin

Pycharm-security is a plugin for PyCharm, or JetBrains IDEs with the Python plugin.

The plugin looks at your Python code for common security vulnerabilities and suggests fixes.

Documentation Status GitHub CI Status Plugin Downloads Plugin Version Docker Status Coverage Status


  • Over 20 builtin code checks giving your contextual security warnings in your code
  • Misconfiguration warnings for Django and Flask web frameworks
  • Cross-Site-Scripting detection for both Jinja2 and Mako templating engines
  • SQL Injection detection in all Python string formats
  • Automatic reporting of known vulnerabilities and CVEs in your installed Python Packages within PyCharm
  • Detection of security flaws and misconfiguration in 3rd party libraries like Jinja2, Paramiko and Mako
  • Can be used to scan large code bases with inspection profiles
  • Configurable alert levels and warning suppression by file, line, or project
  • Scan code in your CI/CD using Docker


Check out the webinar for a full demo:

Release History

See Release History for the release history.


If you would like to alter or add new checks and fixes, see the Development page.

If you have bugs or issues with the existing functionality, please report them in GitHub Issues.


This plugin is MIT Licensed.


Credit to the team for SafetyDB. This plugin uses SafetyDB whilst scanning packages.

SafetyDB is licensed under Creative Commons Attribution-NonCommercial 4.0 International