Show HN: Patchsmith – Agentic wrapper for CodeQL (finetune, triage, fix with AI)
This is the little experiment I did here, building an AI-SAST by wrapping CodeQL with an agentic layer. It makes it so easy to use CodeQL that I’m now revisiting past projects and discovering quite a few surprises!
The agent is used to:
- write custom CodeQL queries based on the code and a prompt
- triage SARIF output and group issues, extract the most important ones
- investigate issues for risk, false positives, etc.
- prepare pull requests with fixes
GitHub: https://github.com/eschnou/patchsmith
Blog post with more details: https://blog.transcode.be/patchsmith-ai-codeql-cli/
What other interesting open source tool could benefit from an AI-driven UI/UX wrapper layer?
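
A deterministic version of the SARIF triage step listed in the post (group findings by rule, rank the most severe groups first), added here as an example; it is not Patchsmith's code and involves no AI. The sample log, file paths and scores are constructed, and it assumes the rules carry the `security-severity` property that CodeQL attaches to security queries.

```python
def _result(rule_id, uri, line):
    """Build one constructed SARIF result object."""
    return {"ruleId": rule_id, "message": {"text": "constructed finding"},
            "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": uri},
                "region": {"startLine": line}}}]}

# Constructed SARIF 2.1.0 log: sample data, not real scan output.
SAMPLE_SARIF = {"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "CodeQL", "rules": [
        {"id": "py/sql-injection", "properties": {"security-severity": "8.8"}},
        {"id": "py/clear-text-logging-sensitive-data",
         "properties": {"security-severity": "7.5"}},
        {"id": "py/unused-import", "properties": {}}]}},
    "results": [
        _result("py/sql-injection", "app/db.py", 42),
        _result("py/unused-import", "app/util.py", 3),
        _result("py/sql-injection", "app/db.py", 42),  # exact duplicate
        _result("py/sql-injection", "app/api.py", 17),
        _result("py/clear-text-logging-sensitive-data", "app/auth.py", 88),
        {"ruleId": "py/unused-import", "message": {"text": "no location"}}]}]}

def _severity(rule):
    """Numeric security-severity of a rule; 0.0 when absent or malformed."""
    try:
        return float(rule.get("properties", {}).get("security-severity"))
    except (TypeError, ValueError):
        return 0.0

def triage(sarif, top=None):
    """Group results by rule, dedupe locations, rank by severity then count."""
    groups = {}
    for run in sarif.get("runs", []):
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        severity = {r["id"]: _severity(r) for r in rules}
        for res in run.get("results", []):
            rid = res.get("ruleId", "<no-rule>")
            group = groups.setdefault(rid, {
                "rule": rid, "severity": severity.get(rid, 0.0), "locations": set()})
            for loc in res.get("locations") or [{}]:
                phys = loc.get("physicalLocation", {})
                group["locations"].add((
                    phys.get("artifactLocation", {}).get("uri", "<unknown>"),
                    phys.get("region", {}).get("startLine", 0)))
    ranked = sorted(groups.values(),
                    key=lambda g: (-g["severity"], -len(g["locations"]), g["rule"]))
    for group in ranked:
        group["locations"] = sorted(group["locations"])
    return ranked[:top]
```

Rules without a score sort last, so quality-only findings such as unused imports do not crowd out the security results when `top` is set.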