Your FastAPI codebase has a problem or coding agent writes not good enough FastAPI code. FastAPI-therapist deterministically scans codebase and find problems - acorss architecture, security, performance, dependency injection, and code health.
Run this at your FastAPI project root to get an audit.
uv add fastapi-therapistOR
pip install fastapi-therapistfastapi-therapist . - note:
.for current directory
Once you have an audit, install the skill so your coding agent learns from the issues and fixes them going forward.
fastapi-therapist installWorks with Claude Code, Cursor, Codex, and other agent-based tools.
fastapi-therapist reviews every pull request and reports only the issues you changed introduced - not your existing backlog.
fastapi-therapist:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Checkout the python version
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install fastapi-therapist
run: pip install fastapi-therapist
- name: Run fastapi-therapist
run: fastapi-therapist . --verbose --diff
You can configure which rules to run and how to run them in pyproject.toml or fastapi-doctor.config.json
50 rules across 7 categories:
- Architecture — layering violations, circular imports, route/service boundary leaks
- Security — missing auth dependencies, unsafe CORS, secrets in code, injection-prone queries
- Dependency Injection — misused
Depends(), request-scoped state leaks, missing overrides in tests - Database — N+1 queries, missing indexes, session lifecycle issues (SQLModel/SQLAlchemy)
- Performance — blocking calls in async routes, sync I/O in async handlers, unbounded pagination
- Validation — Pydantic model misuse, missing response models, loose typing on inputs
- Code Health — dead code, unused imports, inconsistent error handling Each finding includes a severity, the file/line, and a short explanation of why it matters.
MIT-licensed
