static-code-analysis

Implement static code analysis with linters, formatters, and security scanners to catch bugs early. Use when enforcing code standards, detecting security vulnerabilities, or automating code review.

33 stars

byaAAaqwq

View on GitHub Installation ↓

Best use case

static-code-analysis is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Implement static code analysis with linters, formatters, and security scanners to catch bugs early. Use when enforcing code standards, detecting security vulnerabilities, or automating code review.

Teams using static-code-analysis should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

You only need a quick one-off answer and do not need a reusable workflow.
You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/static-code-analysis/SKILL.md --create-dirs "https://raw.githubusercontent.com/aAAaqwq/AGI-Super-Team/main/skills/static-code-analysis/SKILL.md"

Manual Installation

Download SKILL.md from GitHub
Place it in .claude/skills/static-code-analysis/SKILL.md inside your project
Restart your AI agent — it will auto-discover the skill

How static-code-analysis Compares

Feature / Agent	static-code-analysis	Standard Approach
Platform Support	Not specified	Limited / Varies
Context Awareness	High	Baseline
Installation Complexity	Unknown	N/A

Frequently Asked Questions

What does this skill do?

Implement static code analysis with linters, formatters, and security scanners to catch bugs early. Use when enforcing code standards, detecting security vulnerabilities, or automating code review.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

Related Guides

AI Agents for Coding

Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.

SKILL.md Source

# Static Code Analysis

## Table of Contents

- [Overview](#overview)
- [When to Use](#when-to-use)
- [Quick Start](#quick-start)
- [Reference Guides](#reference-guides)
- [Best Practices](#best-practices)

## Overview

Use automated tools to analyze code without executing it, catching bugs, security issues, and style violations early.

## When to Use

- Enforcing coding standards
- Security vulnerability detection
- Bug prevention
- Code review automation
- CI/CD pipelines
- Pre-commit hooks
- Refactoring assistance

## Quick Start

Minimal working example:

```javascript
// .eslintrc.js
module.exports = {
  extends: [
    "eslint:recommended",
    "plugin:@typescript-eslint/recommended",
    "plugin:security/recommended",
  ],
  plugins: ["@typescript-eslint", "security", "import"],
  rules: {
    "no-console": ["warn", { allow: ["error", "warn"] }],
    "no-unused-vars": "error",
    "prefer-const": "error",
    eqeqeq: ["error", "always"],
    "no-eval": "error",
    "security/detect-object-injection": "warn",
    "security/detect-non-literal-regexp": "warn",
    "@typescript-eslint/no-explicit-any": "warn",
    "@typescript-eslint/explicit-function-return-type": "error",
    "import/order": [
      "error",
      {
        groups: [
          "builtin",
          "external",
          "internal",
// ... (see reference guides for full implementation)
```

## Reference Guides

Detailed implementations in the `references/` directory:

| Guide | Contents |
|---|---|
| [ESLint Configuration](references/eslint-configuration.md) | ESLint Configuration |
| [Python Linting (pylint + mypy)](references/python-linting-pylint-mypy.md) | Python Linting (pylint + mypy) |
| [Pre-commit Hooks](references/pre-commit-hooks.md) | Pre-commit Hooks |
| [SonarQube Integration](references/sonarqube-integration.md) | SonarQube Integration |
| [Custom AST Analysis](references/custom-ast-analysis.md) | Custom AST Analysis |
| [Security Scanning](references/security-scanning.md) | Security Scanning |

## Best Practices

### ✅ DO

- Run linters in CI/CD
- Use pre-commit hooks
- Configure IDE integration
- Fix issues incrementally
- Document custom rules
- Share configuration across team
- Automate security scanning

### ❌ DON'T

- Ignore all warnings
- Skip linter setup
- Commit lint violations
- Use overly strict rules initially
- Skip security scans
- Disable rules without reason

Related Skills

technical-analysis

from aAAaqwq/AGI-Super-Team

Master of price action, chart patterns, and technical indicators - combining classical Wyckoff/Dow theory with modern quantitative validation for edge identificationUse when "technical analysis, chart pattern, indicator, RSI, MACD, support resistance, trend, candlestick, price action, fibonacci, trading, technical-analysis, charts, indicators, price-action, patterns, support-resistance, trend-following" mentioned.

serp-analysis

from aAAaqwq/AGI-Super-Team

Analyze Google SERP (Search Engine Results Pages) — featured snippets, PAA (People Also Ask), AI Overview, knowledge panels, local packs. Detect AI Overview trigger conditions and optimize content to be cited by AI. Use when user asks to 'analyze SERP', 'check search results', 'AI Overview analysis', 'featured snippet optimization', 'PAA research', or 'how to get cited by Google AI'.

seo-competitor-analysis

from aAAaqwq/AGI-Super-Team

Deep SEO competitor analysis — keyword mapping, backlink profiling, content strategy audit, SERP share analysis, and technical SEO comparison. Use when user asks to 'analyze competitor SEO', 'competitor keyword analysis', 'backlink comparison', 'SEO competitive intelligence', 'competitor content strategy', or 'SEO gap analysis'.

roi-analysis

from aAAaqwq/AGI-Super-Team

Use when calculating marketing ROI on Xiaohongshu, measuring campaign return on investment, analyzing cost per acquisition, evaluating marketing spend efficiency, or proving marketing value to stakeholders

market-sizing-analysis

from aAAaqwq/AGI-Super-Team

Use when the user asks to calculate TAM, determine SAM, estimate SOM, size a market, calculate market opportunity, ask for total addressable market, or do market sizing for a startup or business opportunity.

developer-growth-analysis

from aAAaqwq/AGI-Super-Team

Analyzes your recent Claude Code chat history to identify coding patterns, development gaps, and areas for improvement, curates relevant learning resources from HackerNews, and automatically sends a personalized growth report to your Slack DMs.

competitive-analysis

from aAAaqwq/AGI-Super-Team

Help users understand and respond to competition. Use when someone is positioning against competitors, evaluating market threats, running competitive war games, or deciding how much to focus on competitors versus customers.

wemp-operator

from aAAaqwq/AGI-Super-Team

> 微信公众号全功能运营——草稿/发布/评论/用户/素材/群发/统计/菜单/二维码 API 封装

Content & Documentation

zsxq-smart-publish

from aAAaqwq/AGI-Super-Team

Publish and manage content on 知识星球 (zsxq.com). Supports talk posts, Q&A, long articles, file sharing, digest/bookmark, homework tasks, and tag management. Use when publishing content to 知识星球, creating/editing posts, uploading files/images/audio, managing digests, batch publishing, or formatting content for 知识星球.

zoom-automation

from aAAaqwq/AGI-Super-Team

Automate Zoom meeting creation, management, recordings, webinars, and participant tracking via Rube MCP (Composio). Always search tools first for current schemas.

zoho-crm-automation

from aAAaqwq/AGI-Super-Team

Automate Zoho CRM tasks via Rube MCP (Composio): create/update records, search contacts, manage leads, and convert leads. Always search tools first for current schemas.

ziliu-publisher

from aAAaqwq/AGI-Super-Team

字流(Ziliu) - AI驱动的多平台内容分发工具。用于一次创作、智能适配排版、一键分发到16+平台（公众号/知乎/小红书/B站/抖音/微博/X等）。当用户需要多平台发布、内容排版、格式适配时使用。触发词：字流、ziliu、多平台发布、一键分发、内容分发、排版发布。