kcenon/code-quality
project/.claude/skills/code-quality/SKILL.md
Run comprehensive code quality analysis: cyclomatic complexity, code smells, SOLID principle violations, dead code detection, duplication analysis, and maintainability scoring. Use when reviewing code quality, conducting code audits, checking technical debt, analyzing complexity metrics, or evaluating any file or directory for quality issues.
$ install --global
skillsauthnpx skillsauth add kcenon/claude-config code-qualityInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 17, 2026, 10:42 AM8.7s1 file scanned
SKILL.md
- name:
- code-quality
- description:
- Run comprehensive code quality analysis: cyclomatic complexity, code smells, SOLID principle violations, dead code detection, duplication analysis, and maintainability scoring. Use when reviewing code quality, conducting code audits, checking technical debt, analyzing complexity metrics, or evaluating any file or directory for quality issues.
- argument-hint:
- <file-or-directory> [--verbose]
- user-invocable:
- true
- context:
- fork
- paths:
- **/*.{cpp,py,ts,go,rs,kt,java}
Code Quality Analysis Command
Analyze code quality and provide improvement suggestions.
Usage
/code-quality [FILE_PATH or DIRECTORY]
Arguments
FILE_PATH or DIRECTORY: Target to analyze (required)- If directory, analyze all supported files recursively
Options
| Option | Default | Description | |--------|---------|-------------| | --depth | unlimited | Max directory depth for recursive analysis | | --format | markdown | Output format (markdown, json) | | --verbose | false | Include detailed metrics |
Instructions
Perform comprehensive code quality analysis:
1. Complexity Analysis
- Cyclomatic complexity
- Cognitive complexity
- Nesting depth
- Function length
2. Code Smells
- Long methods
- Large classes
- Feature envy
- Data clumps
- Primitive obsession
3. SOLID Principles
- Single Responsibility
- Open/Closed
- Liskov Substitution
- Interface Segregation
- Dependency Inversion
4. Best Practices
- Naming conventions
- Error handling
- Logging practices
- Documentation coverage
5. Maintainability
- Code duplication
- Dead code
- Unused dependencies
- Technical debt
Thresholds
| Metric | OK | Warning | Critical | |--------|-----|---------|----------| | Cyclomatic Complexity | ≤10 | 11-20 | >20 | | Cognitive Complexity | ≤15 | 16-30 | >30 | | Function Length | ≤50 lines | 51-100 | >100 | | Nesting Depth | ≤4 | 5-6 | >6 | | File Length | ≤500 lines | 501-1000 | >1000 | | Test Coverage | ≥80% | 60-79% | <60% |
Language-Specific Tools
| Language | Complexity | Linting | Type Check | |----------|------------|---------|------------| | TypeScript | ts-complexity | ESLint | tsc --noEmit | | Python | radon cc | ruff, pylint | mypy | | C/C++ | lizard | clang-tidy | - | | Go | gocyclo | golangci-lint | go vet | | Rust | - | clippy | cargo check |
Scoring Formula
Score = 10 - (Critical x 2) - (Warning x 0.5)
Minimum score: 0
| Score Range | Rating | Interpretation | |-------------|--------|----------------| | 9-10 | Excellent | Production-ready, minimal issues | | 7-8 | Good | Minor improvements recommended | | 5-6 | Fair | Several issues need attention | | 3-4 | Poor | Significant refactoring required | | 0-2 | Critical | Major quality concerns |
Severity Definitions
| Level | Criteria | Examples | Required Action | |-------|----------|----------|-----------------| | Critical | Security risk, data loss, crashes | SQL injection, null pointer, auth bypass | Must fix before merge | | Major | Bugs, significant performance issues | Logic errors, N+1 queries, memory leaks | Should fix | | Minor | Style, minor optimization | Naming convention, redundant code | Nice to have | | Info | Suggestions, observations | Alternative approaches, documentation | Optional |
Output Format
## Code Quality Report
### File: [FILE_PATH]
#### Metrics
| Metric | Value | Status |
|--------|-------|--------|
| Complexity | X | OK/HIGH |
| Lines of Code | X | OK/HIGH |
| Test Coverage | X% | OK/LOW |
#### Issues Found
1. [Issue description] - [Severity: Critical/Major/Minor/Info]
- Location: line X
- Suggestion: [How to fix]
#### Recommendations
- [Prioritized list of improvements]
#### Score: X/10
Error Handling
Prerequisites Check
| Requirement | Error Message | Resolution | |-------------|---------------|------------| | File exists | "File not found: [path]" | Verify path and file existence | | Readable file | "Permission denied: [path]" | Check file permissions | | Supported file type | "Unsupported file type: [ext]" | Use supported extensions (.ts, .py, .kt, .cpp, etc.) |
Runtime Errors
| Error Condition | Behavior | User Action | |-----------------|----------|-------------| | Empty file | Report "No code to analyze" and skip | Add code to file or remove from analysis | | Binary file | Report "Cannot analyze binary file" and skip | Exclude binary files from target | | Encoding error | Report "Unable to read file encoding" | Convert file to UTF-8 | | Directory not found | Report error with suggested similar paths | Verify directory path | | Unsupported language | Report "Language not supported: [lang]" and list similar files | Target supported file types | | Analysis timeout | Report partial results with warning | Reduce scope or split analysis |
Related Skills
kcenon/security-audit
testing
VerifiedTrustedCommunity
Comprehensive security audit covering OWASP Top 10, input validation, authentication, authorization, secret management, dependency vulnerabilities, and injection attack prevention. Use when reviewing security posture, implementing auth flows, handling user input, auditing dependencies, conducting penetration test prep, or before production deployment.
2SKILL.mdUpdated Apr 16, 2026
kcenon/project-workflow
development
VerifiedTrustedCommunity
Provides workflow guidelines for problem-solving, git commits, GitHub issues, PRs, build management, and testing. Use when planning tasks, creating issues, submitting PRs, managing builds, or writing tests.
2SKILL.mdUpdated Apr 16, 2026
kcenon/pr-review
development
VerifiedTrustedCommunity
Review pull requests with comprehensive analysis covering code quality, security vulnerabilities, performance implications, test coverage, documentation completeness, and architectural impact. Use when reviewing PRs, conducting code reviews, evaluating merge readiness, or assessing change impact across the codebase.
2SKILL.mdUpdated Apr 16, 2026
kcenon/performance-review
development
VerifiedTrustedCommunity
Performance optimization analysis: CPU/memory profiling, caching strategies, database query optimization, connection pooling, concurrency patterns, memory leak detection, and throughput improvement. Use when code is slow, memory usage is high, latency needs reduction, or conducting performance reviews before release.
2SKILL.mdUpdated Apr 16, 2026