semantic-code-analyzer

# Semantic Code Analyzer LLM-powered semantic analysis engine that detects business-logic trojans by comparing code intent (docstrings, function names, variable names) against actual implementation behavior. ## Purpose The core detection capability of nation-state trojan detection. Traditional SAST tools check syntax; this skill checks **semantics** — whether the code does what it claims to do. It catches operator substitutions, logic inversions, constant manipulation, narrative camouflage, and compound self-masking attacks. ## Capabilities ### Intent vs Implementation Analysis - Reads function names, docstrings, and variable names to establish **intent** - Traces code execution to determine **actual behavior** - Flags any contradiction as a potential trojan indicator ### Mathematical Verification - Plugs concrete values into changed formulas - Computes before/after results to quantify impact - Detects ratio inversions (a/b vs b/a), precision loss (/ vs //), and threshold shifts ### Docstring Contradiction Detection - Compares narrative claims in comments/docstrings against code behavior - Detects narrative camouflage where docs are updated to match malicious code - Cross-references variable naming against mathematical operations ### Test Evasion Analysis - Reads existing test fixtures to identify blind spots - Explains why each finding would pass current tests - Recommends test improvements to prevent recurrence ### Blast Radius Mapping - Uses grep/ripgrep to find a...