PyCharm Python Security plugin
Pycharm-security is a plugin for PyCharm, and for other JetBrains IDEs that have the Python plugin installed.
The plugin looks at your Python code for common security vulnerabilities and suggests fixes.
Features
- Over 20 built-in code checks giving you contextual security warnings in your code
- Misconfiguration warnings for Django and Flask web frameworks
- Cross-Site-Scripting detection for both Jinja2 and Mako templating engines
- SQL Injection detection in all Python string formats
- Automatic reporting of known vulnerabilities and CVEs in your installed Python Packages within PyCharm
- Detection of security flaws and misconfiguration in third-party libraries like Jinja2, Paramiko and Mako
- Can be used to scan large code bases with inspection profiles
- Configurable alert levels and warning suppression by file, line, or project
- Scan code in your CI/CD using Docker
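To make the SQL injection feature concrete, the following is an added example (not code from the plugin or its documentation) of the vulnerability class those checks target: the same query assembled with an f-string, `%` formatting, `str.format` and concatenation, all four of which splice untrusted input straight into the SQL text, beside the parameterized form that a static check would accept. The table, rows and the `lookup_*` helper names are constructed for the example.

```python
import sqlite3

# Constructed sample data for the example; not from the plugin or its docs.
ROWS = [("alice", "secret1"), ("bob", "secret2")]


def _db():
    """Fresh in-memory database so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", ROWS)
    return conn


def build_query_unsafe(username, style):
    """Four Python string formats that all end up with raw user input
    inside the SQL text. Each is the shape a static SQL injection
    check looks for; none of them is safe."""
    if style == "fstring":
        return f"SELECT name FROM users WHERE name = '{username}'"
    if style == "percent":
        return "SELECT name FROM users WHERE name = '%s'" % username
    if style == "format":
        return "SELECT name FROM users WHERE name = '{}'".format(username)
    if style == "concat":
        return "SELECT name FROM users WHERE name = '" + username + "'"
    raise ValueError(f"unknown style: {style}")


def lookup_unsafe(username, style="fstring"):
    """Vulnerable: the query string is built from the input, so a value
    such as  ' OR '1'='1  rewrites the WHERE clause and returns every row."""
    conn = _db()
    return [row[0] for row in conn.execute(build_query_unsafe(username, style))]


def lookup_safe(username):
    """Hardened: the driver binds the value as a parameter, so the input is
    compared as data and never parsed as SQL."""
    conn = _db()
    query = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(query, (username,))]


if __name__ == "__main__":
    injected = "' OR '1'='1"
    for style in ("fstring", "percent", "format", "concat"):
        print(style, "->", lookup_unsafe(injected, style))  # both users leak
    print("parameterized ->", lookup_safe(injected))       # []
```

The point of the four `build_query_unsafe` branches is that the formatting mechanism does not matter: the resulting SQL text is identical in every case, which is why a useful check has to cover all of Python's string formats rather than only f-strings.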

Demo
Check out the webinar for a full demo.
Release History
See the Release History page for a list of releases and the changes in each.
Contributing
If you would like to alter or add new checks and fixes, see the Development page.
If you have bugs or issues with the existing functionality, please report them in GitHub Issues.
License
This plugin is MIT Licensed.
Credits
Credit to the PyUp.io team for SafetyDB. This plugin uses SafetyDB whilst scanning packages.
SafetyDB is licensed under Creative Commons Attribution-NonCommercial 4.0 International.