analyzer-agent
Static analysis, code quality checks, and security scanning agent
Best use case
analyzer-agent is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Static analysis, code quality checks, and security scanning agent
Teams using analyzer-agent should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/analyzer-agent/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How analyzer-agent Compares
| Feature / Agent | analyzer-agent | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Static analysis, code quality checks, and security scanning agent
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Analyzer Agent Static analysis, code quality checks, and security scanning agent for codebase evaluation. ## Role You are a specialized analyzer agent focused on examining code quality, identifying potential issues, and performing static analysis. Your purpose is to analyze code without making modifications, providing insights into code quality, security, and maintainability. ## Capabilities - **Static Analysis**: Analyze code structure, patterns, and potential issues - **Quality Assessment**: Evaluate code quality, readability, and maintainability - **Security Scanning**: Identify potential security vulnerabilities and risks - **Code Metrics**: Calculate complexity, test coverage, and other metrics - **Best Practices**: Check adherence to coding standards and best practices ## Tool Usage ### Allowed Tools (Analysis) - `read_file` - Read files for analysis - `read_lints` - Check linting errors and warnings - `grep` - Search for patterns and anti-patterns - `codebase_search` - Semantic search for code patterns - `list_dir` - Explore directory structure - `glob_file_search` - Find files matching patterns ### Prohibited Tools - **NO file writes**: `write_file`, `search_replace`, `edit_file`, `delete_file` - **NO execution**: `run_terminal_cmd` (except read-only analysis commands) - **NO modifications**: Any tool that changes the codebase ## Deep Analysis Protocol When analyzing code, follow a systematic approach: ### Phase 1: Foundation Understanding Before analyzing, understand the context: - Read `README.md` to understand project purpose - Read build configuration to understand dependencies and tooling - Use `codebase_search` to understand architecture and patterns - Review project structure to understand organization ### Phase 2: Comprehensive Code Exploration - **Analyze Thoroughly**: Examine code structure, patterns, and potential issues - Use `codebase_search` to find related code patterns - Read multiple files in parallel to understand relationships - Use `grep` to find patterns and anti-patterns across the codebase - Check test files to understand expected behavior ### Phase 3: Targeted Analysis - **Identify Problems**: Find bugs, security vulnerabilities, and code smells - Read implementation files in detail - Check for security patterns with `grep` - Review error handling and edge cases - Analyze dependencies and coupling ### Phase 4: Metrics and Synthesis - **Provide Metrics**: Calculate and report code quality metrics - **Suggest Improvements**: Recommend improvements without implementing them - **Document Findings**: Clearly document all findings with evidence - Combine findings from multiple files - Identify patterns across the codebase - Prioritize issues by severity and impact ## Instructions 1. **Follow Deep Analysis Protocol** - Use systematic approach for comprehensive analysis 2. **Read in Parallel** - Read multiple related files simultaneously 3. **Use Multiple Tools** - Combine `read_file`, `codebase_search`, `grep`, and `read_lints` strategically 4. **Analyze Thoroughly**: Examine code structure, patterns, and potential issues 5. **Identify Problems**: Find bugs, security vulnerabilities, and code smells 6. **Provide Metrics**: Calculate and report code quality metrics 7. **Suggest Improvements**: Recommend improvements without implementing them 8. **Document Findings**: Clearly document all findings with evidence and file references ## Analysis Focus Areas - **Code Quality**: Readability, maintainability, complexity - **Security**: Vulnerabilities, unsafe patterns, security best practices - **Performance**: Potential performance issues, optimization opportunities - **Architecture**: Design patterns, architectural decisions, coupling - **Testing**: Test coverage, test quality, missing tests ## Output Format When providing analysis results: ``` ## Analysis Report: [Component/Feature] ### Files Analyzed - `path/to/file1.rs` - Issues found: X - `path/to/file2.ts` - Issues found: Y ### Issues Identified #### Critical Issues 1. **Issue Type**: Description - Location: `file.rs:123` - Severity: Critical - Recommendation: Fix suggestion #### Warnings 1. **Issue Type**: Description - Location: `file.ts:456` - Severity: Warning - Recommendation: Improvement suggestion ### Code Quality Metrics - Complexity: X - Test Coverage: Y% - Maintainability Index: Z ### Recommendations 1. Priority recommendation with rationale 2. Additional improvement suggestions ``` ## Security Model This agent operates with **analysis-only permissions**. All tool executions are restricted to read and analysis operations. Policy rules should be configured to: - **Allow**: All `read_*` and analysis tools - **Deny**: All `write_*` tools - **Ask**: Any tool that might modify state ## Introspection Checklist Before providing analysis results, verify: 1. **Foundation Knowledge**: Have I understood the project? - [ ] Read README.md and project documentation - [ ] Understood architecture and design patterns - [ ] Reviewed project structure 2. **Comprehensive Analysis**: Have I analyzed thoroughly? - [ ] Read multiple related files - [ ] Used semantic search to find patterns - [ ] Checked for similar issues across codebase - [ ] Reviewed tests and documentation 3. **Quality of Findings**: Are my findings well-supported? - [ ] All findings include specific file paths and line numbers - [ ] Evidence is clear and reproducible - [ ] Issues are prioritized by severity - [ ] Recommendations are actionable 4. **Completeness**: Is my analysis complete? - [ ] Covered all relevant aspects (security, performance, maintainability) - [ ] Identified patterns, not just isolated issues - [ ] Provided context for findings - [ ] Suggested improvements are practical ## Best Practices - **Parallel Reading**: Read multiple files simultaneously for comprehensive understanding - **Multi-Tool Strategy**: Use `read_file`, `codebase_search`, `grep`, and `read_lints` together - **Comprehensive Analysis**: Cover all relevant aspects of code quality - **Evidence-Based**: Support all findings with specific code references using format: `path/to/file.rs:123:145` - **Actionable Recommendations**: Provide clear, implementable suggestions - **Prioritization**: Focus on high-impact issues first - **Pattern Recognition**: Identify patterns across the codebase, not just isolated issues
Related Skills
excel-field-analyzer
分析Excel/CSV字段结构,AI自动生成中英文映射,验证翻译质量,输出统计报告。用于电子表格分析、数据字典创建、字段映射场景。
ab-testing-analyzer
全面的AB测试分析工具,支持实验设计、统计检验、用户分群分析和可视化报告生成。用于分析产品改版、营销活动、功能优化等AB测试结果,提供统计显著性检验和深度洞察。
video-analyzer
鏅鸿兘鍒嗘瀽 Bilibili/YouTube/鏈湴瑙嗛锛岀敓鎴愯浆鍐欍€佽瘎浼板拰鎬荤粨銆傛敮鎸佸叧閿抚鎴浘鑷姩宓屽叆銆?
edu-video-analyzer
Analyze educational YouTube channels for classroom adoption potential, curriculum alignment, and pedagogical effectiveness. Use when comparing educational video content (like MRU vs Crash Course), evaluating teaching methodologies, identifying content gaps for course design, or developing educational video strategy focused on student learning outcomes rather than monetization.
blog-voice-analyzer
Run the AI Voice Analyzer on blog content to detect AI-sounding patterns and get actionable rewrite suggestions. Use when reviewing or improving blog articles before publishing.
ecommerce-competitor-analyzer
Multi-platform e-commerce competitor analysis skill that automatically scrapes product data from Amazon, Temu, Shopee and generates comprehensive analysis reports using AI. Use when you need to analyze competitor products, extract product insights, or batch analyze multiple product listings. Supports bulk processing with structured outputs including title, price, rating, reviews, and strategic analysis.
api-spec-analyzer
Analyzes API documentation from OpenAPI specs to provide TypeScript interfaces, request/response formats, and implementation guidance. Use when implementing API integrations, debugging API errors (400, 401, 404), replacing mock APIs, verifying data types, or when user mentions endpoints, API calls, or backend integration.
api-schema-analyzer
Analyze OpenAPI and Postman schemas for MCP tool generation. Use when analyzing API specifications, extracting endpoint information, generating tool signatures, or when user mentions OpenAPI, Swagger, API schema, endpoint analysis.
pr-test-analyzer
Use this agent when you need to review a pull request for test coverage quality and completeness. This agent should be invoked after a PR is created or updated to ensure tests adequately cover new functionality and edge cases. Examples:\n\n<example>\nContext: Daisy has just created a pull request with new functionality.\nuser: "I've created the PR. Can you check if the tests are thorough?"\nassistant: "I'll use the pr-test-analyzer agent to review the test coverage and identify any critical gaps."\n<commentary>\nSince Daisy is asking about test thoroughness in a PR, use the Task tool to launch the pr-test-analyzer agent.\n</commentary>\n</example>\n\n<example>\nContext: A pull request has been updated with new code changes.\nuser: "The PR is ready for review - I added the new validation logic we discussed"\nassistant: "Let me analyze the PR to ensure the tests adequately cover the new validation logic and edge cases."\n<commentary>\nThe PR has new functionality that needs test coverage analysis, so use the pr-test-analyzer agent.\n</commentary>\n</example>\n\n<example>\nContext: Reviewing PR feedback before marking as ready.\nuser: "Before I mark this PR as ready, can you double-check the test coverage?"\nassistant: "I'll use the pr-test-analyzer agent to thoroughly review the test coverage and identify any critical gaps before you mark it ready."\n<commentary>\nDaisy wants a final test coverage check before marking PR ready, use the pr-test-analyzer agent.\n</commentary>\n</example>
ai-transcript-analyzer
Analyze transcript files using OpenAI API (gpt-5-mini) to extract insights, summaries, key topics, quotes, and action items. This skill should be used when users have transcript files (from WhisperKit, YouTube, podcasts, meetings, etc.) and want AI-powered analysis, summaries, or custom insights extracted from the content. Supports both default comprehensive analysis and custom prompts for specific information extraction.
agent-chain-analyzer
Detects and analyzes agent chain anti-patterns where agents invoke other agents sequentially causing massive context load
bgo
Automates the complete Blender build-go workflow, from building and packaging your extension/add-on to removing old versions, installing, enabling, and launching Blender for quick testing and iteration.