Production-grade static analysis agent that scans source code for security vulnerabilities (SQL injection, XSS, command injection, path traversal, hard-coded secrets), performance anti-patterns, coding standards violations, and cyclomatic complexity. Supports Python, JavaScript/TypeScript, Java, and Go. Returns a quality score (0-100), line-level findings with severity, fix suggestions, and complexity metrics.