Are you focusing more on static analysis or runtime checks?
In my experience a lot of Django issues only show up once config + environment are combined (middleware, reverse proxy headers, etc.), so curious how far you can get without execution context.