robbyt/codebase-analysis
plugins/gemini/skills/codebase-analysis/SKILL.md
Deep architectural analysis using Gemini's codebase_investigator tool. Trigger when user needs architecture overview ("analyze this codebase", "map dependencies"), onboarding to unfamiliar code, understanding legacy systems, or identifying technical debt.
$ install --global
skillsauthnpx skillsauth add robbyt/claude-skills codebase-analysisInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 19, 2026, 3:10 AM11.8s1 file scanned
SKILL.md
- name:
- codebase-analysis
- description:
- Deep architectural analysis using Gemini's codebase_investigator tool. Trigger when user needs architecture overview ("analyze this codebase", "map dependencies"), onboarding to unfamiliar code, understanding legacy systems, or identifying technical debt.
Codebase Analysis via Gemini
Use Gemini's codebase_investigator tool for deep architectural analysis.
Quick Start
gemini "Use codebase_investigator to analyze this project. Do not make any changes. Respond with analysis only." --allowed-tools codebase_investigator -o text 2>&1
When to Use
- Onboarding to unfamiliar codebases
- Understanding legacy systems
- Mapping component relationships
- Finding hidden dependencies
- Architecture documentation
- Technical debt assessment
Examples
Full project analysis:
gemini "Use codebase_investigator to analyze this project. Report on:
- Overall architecture
- Key dependencies
- Component relationships
- Potential issues
Do not make any changes. Respond with analysis only." --allowed-tools codebase_investigator -o text
Flow mapping:
gemini "Use codebase_investigator to map the authentication flow. Identify all components involved. Do not make any changes. Respond with analysis only." --allowed-tools codebase_investigator -o text
Dependency analysis:
gemini "Use codebase_investigator to analyze dependencies:
- Direct vs transitive
- Outdated packages
- Circular dependencies
- Bundle size impact
Do not make any changes. Respond with analysis only." --allowed-tools codebase_investigator -o text
Technical debt:
gemini "Use codebase_investigator to identify technical debt:
- Deprecated patterns
- Inconsistent conventions
- Missing documentation
- Complex dependency chains
Do not make any changes. Respond with analysis only." --allowed-tools codebase_investigator -o text
Iterative Analysis
Use sessions for multi-turn investigation:
# Initial analysis
gemini "Use codebase_investigator to analyze this project. Do not make any changes. Respond with analysis only." --allowed-tools codebase_investigator -o text
# Follow-up (continues session)
echo "What patterns did you find in the auth module? Do not make any changes. Respond with analysis only." | gemini --allowed-tools codebase_investigator -r 1 -o text
# Deeper dive
echo "Are there security concerns with that pattern? Do not make any changes. Respond with analysis only." | gemini --allowed-tools codebase_investigator -r 1 -o text
Notes
- Gemini must not make any changes, provide feedback ONLY.
- Gemini respects
.gitignore- it cannot read files matching gitignore patterns - Can take 5-10 minutes for large codebases
- Requires sandbox bypass: use
dangerouslyDisableSandbox: true - Use sessions for iterative exploration
- See
references/setup.mdfor troubleshooting
Related Skills
robbyt/web-search
tools
VerifiedTrustedCommunity
Real-time web research using Google Search via Google's Antigravity (`agy`) CLI — the replacement for the deprecated `gemini-cli`. Trigger when user needs current information ("search with agy", "search with Google Antigravity", "find current info about X with agy", "what's the latest on Y"), library/API research, security vulnerability lookups, or comparisons requiring recent data.
41SKILL.mdUpdated May 21, 2026
robbyt/plan-review
tools
VerifiedTrustedCommunity
Get Google Antigravity's (`agy`) review of Claude's implementation plans. Trigger when user wants a second opinion on a plan ("have agy review this plan", "get a second opinion from Google Antigravity", "critique this plan with agy"), or after Claude creates a plan file that needs validation before implementation. Replaces the deprecated gemini-cli plan-review workflow.
41SKILL.mdUpdated May 21, 2026
robbyt/diff-review
tools
VerifiedTrustedCommunity
Get Google Antigravity's (`agy`) code review of git changes after Claude makes edits. Trigger when user wants a second opinion on code changes ("have agy review my changes", "get code review from Google Antigravity", "review this diff with agy"), or as a final check before committing. Replaces the deprecated gemini-cli diff-review workflow.
41SKILL.mdUpdated May 21, 2026
robbyt/codebase-analysis
tools
VerifiedTrustedCommunity
Deep architectural analysis of the current workspace using Google Antigravity (`agy`). Trigger when the user needs an architecture overview ("analyze this codebase with agy", "map dependencies with Google Antigravity"), is onboarding to unfamiliar code, exploring legacy systems, or hunting technical debt. Replaces the deprecated gemini-cli `codebase_investigator` workflow.
41SKILL.mdUpdated May 21, 2026