Code Analysis
A comprehensive code analysis skill that helps evaluate code quality, identify potential issues, and provide actionable recommendations for improvement.
Quick Start
Basic code analysis workflow:
# Read the code file
with open("target_file.py", "r") as f:
code = f.read()
# Analyze structure and complexity
# Check for common issues
# Generate recommendations
Review Checklists and Stack Rules
- •Start with general review lists:
docs/review/code-conventions.md,docs/review/readability-checklist.md,docs/review/reliability-checklist.md,docs/review/security-checklist.md,docs/review/performance-checklist.md,docs/review/testing-checklist.md. - •Apply stack-specific rules:
docs/stack-rules/react-typescript-rules.md,docs/stack-rules/angular-rules.md,docs/stack-rules/python-rules.md,docs/stack-rules/java-rules.md,docs/stack-rules/java-kotlin-rules.md,docs/stack-rules/scala-rules.md,docs/stack-rules/go-rules.md. - •Report with references: Link findings to the checklist/rule anchor that was violated for fast remediation.
Core Capabilities
1. Code Quality Assessment
Evaluate overall code quality across multiple dimensions:
- •Readability: Variable naming, function clarity, code organization
- •Maintainability: Code complexity, coupling, cohesion
- •Performance: Potential bottlenecks, inefficient patterns
- •Security: Common vulnerabilities, input validation
- •Best Practices: Language-specific conventions and idioms
2. Code Smell Detection
Identify common code smells:
- •Long Method: Functions exceeding reasonable length
- •Large Class: Classes with too many responsibilities
- •Duplicate Code: Similar code patterns across files
- •Dead Code: Unused variables, functions, imports
- •Magic Numbers: Hardcoded values without explanation
- •Deep Nesting: Excessive indentation levels
- •God Object: Classes doing too much
3. Complexity Metrics
Calculate and interpret:
- •Cyclomatic Complexity: Number of independent paths
- •Cognitive Complexity: How difficult code is to understand
- •Lines of Code: Total, comment, and blank lines
- •Function/Method Count: Per class or module
- •Dependency Analysis: Import structure and coupling
4. Language-Specific Analysis
React + TypeScript
- •Reference:
docs/stack-rules/react-typescript-rules.md - •Component patterns (functional vs class)
- •Hooks usage and custom hooks
- •Props validation and typing
- •State management patterns
- •Performance optimization (memo, useMemo, useCallback)
- •Key prop usage in lists
- •Event handling best practices
- •Accessibility (a11y) compliance
Angular + TypeScript
- •Reference:
docs/stack-rules/angular-rules.md - •Component lifecycle hooks
- •RxJS observable patterns
- •Dependency injection
- •Change detection strategies
- •Template syntax and bindings
- •Service architecture
- •Module organization
- •TypeScript strict mode compliance
Python
- •Reference:
docs/stack-rules/python-rules.md - •PEP 8 compliance
- •Type hints usage (Python 3.8+)
- •Async/await patterns
- •Exception handling patterns
- •List/dict comprehensions
- •Generator vs list usage
- •FastAPI/Django best practices
- •Pydantic model validation
Java + Spring Boot
- •Reference:
docs/stack-rules/java-rules.md - •SOLID principles adherence
- •Design pattern opportunities
- •Spring annotations usage
- •JPA/Hibernate patterns
- •Exception handling (@ControllerAdvice)
- •Bean validation
- •Lombok usage
- •Transaction management
- •REST API design
Kotlin
- •Reference:
docs/stack-rules/java-kotlin-rules.md - •Idiomatic Kotlin patterns
- •Coroutines and Flow
- •Null safety
- •Data classes and sealed classes
- •Extension functions
- •Scope functions (let, run, with, apply, also)
- •Companion objects
- •Destructuring declarations
Scala
- •Reference:
docs/stack-rules/scala-rules.md - •Option/Either/Try usage instead of null
- •Immutability and collection best practices
- •Pattern matching exhaustiveness and for-comprehensions
- •Concurrency with Future/IO and resource safety
- •Controlled use of implicits/givens and type classes
Go
- •Reference:
docs/stack-rules/go-rules.md - •Explicit error handling and wrapping with context
- •Context propagation and cancellation
- •Concurrency correctness with goroutines/channels
- •Interface-oriented design and zero-value-safe structs
- •Database/HTTP patterns with proper resource management
Workflows
Workflow 1: Comprehensive File Analysis
- •Read the target file
- •Parse code structure: Functions, classes, imports
- •Calculate metrics: Complexity, LOC, depth
- •Detect issues: Code smells, anti-patterns
- •Generate report: Structured findings with priorities
- •Provide recommendations: Specific, actionable improvements
Workflow 2: Multi-File Project Analysis
- •Scan project structure
- •Identify dependencies
- •Analyze each file: Apply single-file workflow
- •Cross-reference issues: Duplicate code, circular dependencies
- •Aggregate findings: Project-wide statistics
- •Prioritize improvements: Impact vs effort matrix
Workflow 3: Focused Issue Investigation
- •Receive specific concern: Performance, security, readability
- •Deep dive analysis: Targeted inspection
- •Identify root causes
- •Suggest solutions: Multiple options with trade-offs
- •Provide examples: Before/after code snippets
Analysis Output Format
Structure your analysis as follows:
## Code Analysis Report ### Summary - File: [filename] - Language: [language] - Lines of Code: [total] - Overall Quality: [High/Medium/Low] ### Metrics - Cyclomatic Complexity: [average] (functions: [list high-complexity ones]) - Maintainability Index: [score] - Code Smells Detected: [count] ### Critical Issues (Priority: High) 1. [Issue description] - Location: Line [X] - Impact: [explanation] - Recommendation: [specific fix] ### Moderate Issues (Priority: Medium) [Similar structure] ### Minor Improvements (Priority: Low) [Similar structure] ### Positive Aspects - [What's done well] - [Good patterns observed] ### Actionable Recommendations 1. [Priority 1 action] 2. [Priority 2 action] 3. [Priority 3 action]
Best Practices for Analysis
- •Be Specific: Point to exact line numbers and code sections
- •Provide Context: Explain why something is an issue
- •Offer Solutions: Don't just identify problems, suggest fixes
- •Show Examples: Include code snippets when helpful
- •Consider Trade-offs: Acknowledge when recommendations have costs
- •Prioritize: Not all issues are equal importance
- •Be Constructive: Focus on improvement, not criticism
Common Patterns to Check
Anti-Patterns
# Anti-pattern: God Object
class UserManager:
def authenticate(self): pass
def send_email(self): pass
def generate_report(self): pass
def process_payment(self): pass
# Too many responsibilities!
# Better: Single Responsibility
class Authenticator:
def authenticate(self): pass
class EmailService:
def send_email(self): pass
Performance Issues
# Inefficient: Multiple iterations data = [process(x) for x in items] filtered = [x for x in data if x > 0] result = [transform(x) for x in filtered] # Efficient: Single pass result = [transform(process(x)) for x in items if process(x) > 0]
Security Concerns
# Vulnerable: SQL Injection
query = f"SELECT * FROM users WHERE id = {user_id}"
# Safe: Parameterized query
query = "SELECT * FROM users WHERE id = ?"
cursor.execute(query, (user_id,))
Integration with Other Tools
This skill can reference:
- •Linting tools: pylint, eslint, golangci-lint
- •Testing: pytest, jest, JUnit results
- •Coverage: Code coverage reports
- •Profiling: Performance profiler output
For detailed language-specific guidelines, see LANGUAGE_GUIDES.md.
For automated analysis scripts, see scripts/analyze.py.
Limitations
- •Cannot execute code for dynamic analysis
- •Limited to static code analysis
- •May miss runtime-only issues
- •Context-dependent recommendations require human judgment
When to Use This Skill
Use this skill when:
- •Reviewing pull requests
- •Auditing legacy code
- •Planning refactoring efforts
- •Conducting code quality assessments
- •Training team members on best practices
- •Investigating specific code issues
- •Preparing for production deployment
Examples
See EXAMPLES.md for detailed analysis examples across different languages and scenarios.
See EXAMPLES_STACK.md for comprehensive examples with React, TypeScript, Angular, Python, Java, and Kotlin.