How do I install static-code-analysis?

Run `npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill static-code-analysis` in your terminal. You need to have run `npx skills init` once in your project first.

Which agent frameworks does static-code-analysis support?

static-code-analysis works with any agent framework supported by the Skills registry, including Claude Code, Cursor, GitHub Copilot, Cline, Codex, and Gemini CLI.

Is static-code-analysis free to use?

Yes. static-code-analysis is free to install and use. It is available from the open Skills registry published by aj-geddes.

Productivity

static-code-analysis▌

Name: static-code-analysis
Availability: InStock
Author: aj-geddes

aj-geddes/useful-ai-prompts · updated Apr 8, 2026

$npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill static-code-analysis

summary

Use automated tools to analyze code without executing it, catching bugs, security issues, and style violations early.

skill.md

Static Code Analysis

Overview
When to Use
Quick Start
Reference Guides
Best Practices

Overview

Use automated tools to analyze code without executing it, catching bugs, security issues, and style violations early.

When to Use

Enforcing coding standards
Security vulnerability detection
Bug prevention
Code review automation
CI/CD pipelines
Pre-commit hooks
Refactoring assistance

Quick Start

Minimal working example:

// .eslintrc.js
module.exports = {
  extends: [
    "eslint:recommended",
    "plugin:@typescript-eslint/recommended",
    "plugin:security/recommended",
  ],
  plugins: ["@typescript-eslint", "security", "import"],
  rules: {
    "no-console": ["warn", { allow: ["error", "warn"] }],
    "no-unused-vars": "error",
    "prefer-const": "error",
    eqeqeq: ["error", "always"],
    "no-eval": "error",
    "security/detect-object-injection": "warn",
    "security/detect-non-literal-regexp": "warn",
    "@typescript-eslint/no-explicit-any": "warn",
    "@typescript-eslint/explicit-function-return-type": "error",
    "import/order": [
      "error",
      {
        groups: [
          "builtin",
          "external",
          "internal",
// ... (see reference guides for full implementation)

Reference Guides

Detailed implementations in the references/ directory:

Guide	Contents
ESLint Configuration	ESLint Configuration
Python Linting (pylint + mypy)	Python Linting (pylint + mypy)
Pre-commit Hooks	Pre-commit Hooks
SonarQube Integration	SonarQube Integration
Custom AST Analysis	Custom AST Analysis
Security Scanning	Security Scanning

Best Practices

✅ DO

Run linters in CI/CD
Use pre-commit hooks
Configure IDE integration
Fix issues incrementally
Document custom rules
Share configuration across team
Automate security scanning

❌ DON'T

Ignore all warnings
Skip linter setup
Commit lint violations
Use overly strict rules initially
Skip security scans
Disable rules without reason