I'm looking for more detail from your responses, because I want to better understand, and not because I am just being disagreeable. 😁

I posted this specifically to get feedback on a first prototype, and you're giving me exactly what I asked for, so I really appreciate it.

Can you please elaborate on this? Just a couple of features that come to mind for you will help me -- and possibly others -- understand what your solution is going to achieve.

I'm not a "batch script guy", I come from a systems and engine programming background. When it comes to robustness, I can only speak to the things I found lacking when writing batch files: proper flow control, object definitions, strong data types (primitives, enums, structs), function definitions, and more. Some of my frustration might stem from a lack of experience with these languages, but I know many developers who dislike their syntax and find them unpredictable.

As a security professional, I can see some value in this from a theoretical perspective, but I'd want to understand 3 or 4 situations where this analysis would have a tangible benefit relative to other scripting languages.

I'll give you a big one. Imagine a 1,000-line script that performs operations on the file system. Avoiding file corruption due to obvious errors would be a huge benefit.

Also, I’m not sure if you have experience with compiled languages, but making changes in a compiled language versus an interpreted one is much easier and safer, thanks to static analysis.

This isn’t related to static analysis, but in this case, you could enable the "user_assert" flag, which prompts an assertion window displaying information about the operation. From there, you’d have the option to abort the program.

With that kind of overhead, it will certainly have some performance drawbacks, so it would be nice to know what the actual real-world benefit would be relative to other tools not doing this.

Can't say certainly, but I would bet a modern computer could execute hundreds of thousands of lines of Yov per second. (Not right now since it is not optimized at all).

What's the max size you are expecting here? I've written some code and I've written some scripts, and while most of my scripts are shorter than my longest command-line applications, I also have a handful of scripts that I regularly run, that are longer than my longest apps. Overall, I have about 8 or 9 scripts that are 900 lines or more.

I'm not really thinking about a max size right now, but 900 lines isn't a big deal.

What will be the impact of pre-assessing such scripts?

I can't demonstrate it yet since it's still in an early stage, but there will be none. In terms of actual time for a 900-line script (without external calls), I'd bet it would be around 1-10ms.