Without Flyto Indexer

You:    "Rename validateOrder to validate_order"

AI:     *renames the function*
        *greps for "validateOrder"*
        *finds 3 matches in the same project*
        *misses 4 callers in the frontend repo*
        *misses the API endpoint that routes to it*
        *pushes broken code*

With Flyto Indexer

You:    "Rename validateOrder to validate_order"

AI:     → impact(target="validateOrder", change_type="rename")

        ⚠️ 7 call sites across 3 projects:
          backend/checkout.py:42     — calls validateOrder()
          backend/api/orders.py:18   — imports validateOrder
          frontend/Cart.vue:55       — calls via useCheckout()
          frontend/QuickBuy.vue:23   — calls via useCheckout()
          mobile/OrderScreen.tsx:67  — API call to /api/validate
          tests/test_orders.py:12    — unit test
          tests/test_api.py:88       — integration test
          Risk: HIGH — 3 projects affected
          Test file: tests/test_orders.py
          Cross-project: 2 other repos affected

        *renames all 7 call sites, updates tests, pushes clean code*

That's the difference. grep finds text. This finds dependencies.

Install

pip install flyto-indexer
flyto-index setup .

That's it. One command does everything:

1. Scans your project and builds the code index
2. Writes CLAUDE.md with tool usage instructions
3. Configures Claude Code MCP settings (~/.claude/settings.json)

Restart Claude Code and start using it. Works with any MCP client — Claude Code, Cursor, Windsurf, etc.

Usage

Use flyto-index verify as the default gate before an AI agent finishes a code change. It runs the local indexer, validates graph integrity, checks context and impact loops, verifies CI/package/MCP runtime/working-tree closure, and runs the built-in weak scanners without Semgrep, Checkov, or network access.

flyto-index scan . --full
flyto-index verify . --strict
flyto-index verify-workspace /Users/chester/flytohub --project flyto-code --project flyto-engine --project flyto-indexer
flyto-index verify . --save-baseline .flyto-baselines/flyto-indexer.json --json
flyto-index verify . --baseline .flyto-baselines/flyto-indexer.json --regression-only
flyto-index verify-workspace . --changed-only --base origin/main
flyto-index verify . --report verify.sarif --report-format sarif
flyto-index verify-baseline compare . --baseline .flyto-baselines/flyto-indexer.json
flyto-index flyto2-product-gate /Users/chester/flytohub --health-report config/flyto2/health-baseline-2026-06-21.json
flyto-index flyto2-memory-bootstrap /Users/chester/flytohub --apply
flyto-index impact MySharedSymbol --path .
flyto-index context --path . --query "auth routes query keys"
flyto-index secrets . --json
flyto-index taint . --json --max-results 100

For CI, use verify --strict to fail on incomplete graph closure, unresolved impact references, high-risk secret findings, high-risk taint flows, missing agent instructions, incomplete CI gates, generated/high-risk changed files, runtime dependency drift, package manifest drift, suspicious baselines, or MCP tool/runtime drift. Use --baseline with --regression-only when a project has known warnings but new AI-generated regressions must still be blocked.

Use flyto2-product-gate for the Flyto2 workspace release gate. It validates the five product lines, repo classification, project memory, and health targets before a release can be considered production-ready. Use flyto2-memory-bootstrap to create missing project-memory, workflow, and handoff files from the same manifest without overwriting existing files.

Project-specific verify budgets live in .flyto-rules.yaml under verify:. This stays stdlib-only; the verifier reads a small no-dependency subset:

verify:
  allow_warn: [docs_coverage]
  warn_as_fail: [agent_hygiene, generated_index_ignore, mcp_registry]
  min_docs_score: 60

{
  "mcpServers": {
    "flyto-indexer": {
      "command": "python3",
      "args": ["-m", "flyto_indexer.mcp_server"]
    }
  }
}

flyto-index scan .
flyto-index setup-claude .

git clone https://github.com/flytohub/flyto-indexer.git
cd flyto-indexer && pip install -e .
flyto-index setup .

flyto-index setup . --remove
pip uninstall flyto-indexer

What It Does

Impact Analysis — the core feature

Every tool an AI already has (grep, file read, glob) finds text. None of them answer "what depends on this?"

One call gives you everything — references, blast radius, cross-project impact, and test files:

→ impact(target="useAuth")

  References: 12 across 4 projects
    flyto-cloud:  LoginPage.vue, RegisterPage.vue, AuthGuard.ts, api.ts
    flyto-pro:    vscode_agent/tools.py, middleware/auth.py
    flyto-vscode: ChatHandler.ts, AuthProvider.ts
    flyto-core:   modules/auth/login.py
  Risk: HIGH — shared across 4 projects
  Cross-project: 3 other repos affected
  Test file: tests/test_auth.py

Works with uncommitted changes too:

→ impact(mode="unstaged")

  3 symbols affected by your changes:
    validate_order  — 5 callers, test: tests/test_orders.py
    OrderSchema     — used in 2 API endpoints
    format_receipt  — no callers (safe)

Cross-Language API Tracking

Python backend endpoints automatically linked to TypeScript/Vue frontend callers:

→ structure(focus="apis")

  POST /api/checkout
    Defined in: backend/routes/order.py (create_order)
    Called by:   frontend/Cart.vue, frontend/api/orders.ts
    Call count: 4

Detects FastAPI, Flask, Starlette decorators + fetch(), axios, $http calls.

Code Health & Security

One call audits everything — auto-expands weak dimensions with detailed findings:

→ audit()

  Health: 74/100 (C)

  ⚠️ Security (60/100) — auto-expanded:
    2 critical: hardcoded API keys in config.py, settings.py
    1 high: SQL string concatenation in query.py

  ⚠️ Complexity (65/100) — auto-expanded:
    process_data() — 87 lines, depth=6 → extract sub-functions

  ✓ Dead code (90/100) — passing
  ✓ Documentation (85/100) — passing

  Git hotspots: order.py (42 commits, complexity=8.5)

  Refactoring suggestions:
    [high]   process_data() → extract sub-functions
    [medium] dead_fn() — unreferenced, 45 lines → safe to remove

Taint Analysis — track data flow, not just patterns

AST-based engine that tracks how untrusted data flows from sources to dangerous sinks. Unlike regex pattern matching, it follows variables through assignments, f-strings, and function calls — with sanitizer awareness to eliminate false positives.

→ audit(focus="security")

  Taint flows detected:
    [high] src/api/users.py:42
      SQL injection: request.args.get('id') → cursor.execute(query)
      Flow: request.args.get('id') → user_id → query (f-string) → cursor.execute()
      Fix: Use parameterized query: cursor.execute(sql, params)

    [critical] src/api/admin.py:18
      RCE: request.form.get('code') → eval(code)
      Fix: Never eval() user-controlled strings

• Python: Full AST analysis — tracks taint through assignments, f-strings, concat, for loops
• Cross-function: Detects when tainted data is passed as an argument to a function with a dangerous sink
• JS/TS/Go: Regex-based fallback for common taint patterns
• Sanitizer-aware: int(), html.escape(), shlex.quote(), parameterized queries all break the taint chain
• Project DSL: Declare custom sources / sinks / sanitizers in .flyto-rules.yaml under taint: (merged on top of built-in defaults; taint_rules.yaml is also still honored for backward compat)

# .flyto-rules.yaml
taint:
  sources:
    - pattern: "ctx.payload"
      language: python
      taint_type: user_input
  sinks:
    - pattern: "dangerousEval("
      vuln_type: rce
      severity: critical
      recommendation: "Use sandbox runner"
  sanitizers:
    - pattern: "safe_html("
      cleanses: ["xss"]

flyto-index add-taint-source . --pattern "ctx.payload" --taint-type user_input
flyto-index add-taint-sink   . --pattern "dangerousEval(" --vuln-type rce --severity critical
flyto-index list-taint-rules .

Project Rules — AI learns from your corrections

.flyto-rules.yaml — structured, versionable project conventions that audit enforces automatically.

# .flyto-rules.yaml
architecture:
  - rule: "i18n files must be in flyto-i18n/"
    glob_deny: ["flyto-cloud/**/*.locale.json"]

style:
  - rule: "Frontend does no data processing"
    grep_deny: [{ pattern: '\breduce\s*\(', glob: "*.vue" }]

conventions:
  - rule: "Commit messages in English"

When you correct the AI ("don't put i18n files there"), it auto-writes a verifiable rule — so the mistake never happens again, for any AI, any tool:

User corrects AI → add_rule() writes .flyto-rules.yaml → audit checks compliance

• glob_deny — files in wrong locations
• grep_deny — forbidden code patterns in specific file types
• conventions — text-only guidance (no automated check)
• Rules accumulate over time — no upfront config needed

Architecture Layers — declare who may import whom

Declarative layer membership + import constraints. The indexer walks the import graph (Python / TS / JS / Vue / Go) and flags every edge that crosses a forbidden boundary. No plugin, no runtime — just .flyto-rules.yaml and audit.

layers:
  - name: ui
    paths: ["src/pages/**", "src/components/**"]
    can_import: [lib, hooks, types]
    reason: "UI is the top layer"

  - name: lib
    paths: ["src/lib/**"]
    cannot_import: [ui]
    reason: "lib must be UI-agnostic"

  - name: db
    paths: ["src/db/**"]
    can_import: [types]

cross_imports_deny:
  - from: "src/features/a/**"
    to:   "src/features/b/**"
    reason: "features must not cross-import — use shared/"

flyto-index layers .                      # human-readable report
flyto-index layers . --json --fail-on-violation   # CI gate (exits non-zero)
flyto-index add-layer --name ui --paths "src/ui/**" --cannot-import db

• can_import — whitelist (only these layers + self allowed)
• cannot_import — blacklist (overrides the whitelist)
• Path aliases from tsconfig.json paths and Go module paths from go.mod are resolved automatically
• audit picks up layer violations with no extra flag

Task Analysis — plan before you code

Scores risk across 6 dimensions and generates an execution plan:

→ task(action="plan", description="Rename validateOrder to validate_order", intent="refactor")

  Dimensions:
    blast_radius:      HIGH (8.0)  — 7 callers across 3 projects
    breaking_risk:     HIGH (7.0)  — public API, used by external consumers
    test_risk:         MEDIUM (5.0) — 2/7 callers have test coverage
    cross_coupling:    HIGH (8.0)  — referenced in 3 projects
    complexity:        LOW (2.0)   — straightforward rename
    rollback_difficulty: MEDIUM (5.0) — multi-project change

  Execution Plan:
    1. scope_callers       → find_references("validateOrder")
    2. verify_test_coverage → find_test_file("checkout.py")
    3. check_cross_project → cross_project_impact("validateOrder")
    4. ⛔ gate_before_plan → task_gate_check(phase="plan")
    5. preview_changes     → edit_impact_preview("validateOrder", "rename")
    6. ⛔ gate_before_apply → task_gate_check(phase="apply")

Each step has pre-filled arguments — AI follows the data structure, not prompts. Server-side enforcement blocks skipping gates.

Tools

5 smart tools. Each one auto-enriches results with related data — no need to pick between dozens of granular tools.

Languages

How It Works

flyto-index scan .

1. Parse — AST (Python) or regex (others) extracts every function, class, and import
2. Graph — Builds dependency graph + reverse index (caller → callee)
3. Serve — MCP server answers queries from the graph in memory
4. Incremental — Re-scans only changed files, incrementally patches reverse_index and BM25 (10-50x faster than full rebuild)
5. LSP — Optional type-aware references via pyright/tsserver/gopls/rust-analyzer (zero deps, graceful fallback)

.flyto-index/
├── index.json       # Symbols + dependency graph + reverse index
├── content.jsonl    # Source code (lazy-loaded)
├── bm25.json        # BM25 keyword search index
├── semantic.json    # TF-IDF + learned ConceptGraph (v2.2+)
└── manifest.json    # Change tracking

CI: Block Risky Changes

# Fail the PR if changes affect too many call sites
- run: pip install flyto-indexer
- run: flyto-index verify . --full-scan --strict
- run: flyto-index check . --threshold medium --base main

CLI

flyto-index setup .                       # One command: scan + CLAUDE.md + MCP config
flyto-index scan .                        # Index (or re-index)
flyto-index impact useAuth --path .       # Impact analysis
flyto-index check . --threshold medium    # CI gate
flyto-index demo .                        # 30-second demo
flyto-index install-hook .                # Auto-reindex on commit
flyto-index setup . --remove              # Uninstall

Privacy

100% local. No code is sent anywhere. Delete .flyto-index/ to clean up completely.

Limitations

• Static analysis only — dynamic imports and metaprogramming not tracked
• No type inference — complex TypeScript generics simplified
• Cross-project tracking requires all projects indexed together

License

Apache License 2.0. See NOTICE for attribution.