code-quality-workflow skill

This skill standardizes code quality analysis and improvements, helping you reliably review, optimize, and validate changes across codebases.

npx playbooks add skill nickcrew/claude-cortex --skill code-quality-workflow

Run the command above to add this skill to your agents. The skill's SKILL.md is reproduced below.

SKILL.md
---
name: code-quality-workflow
description: Use when assessing or improving code quality, maintainability, performance, or security hygiene - provides workflows for analysis, code review, and systematic improvements with validation steps.
---

# Code Quality Workflow

## Overview
Standardize how to analyze, review, and improve code quality. This skill centralizes quality assessment, code review practices, and systematic improvements with validation gates.

## When to Use
- Quality assessment or code analysis requests
- Code review (PRs, refactors, pre-merge checks)
- Maintainability or performance improvements
- Security hygiene improvements (non-audit level)

Avoid when:
- A full security audit is required (use security-specific skills)
- The task is purely dependency or artifact cleanup (use repo-cleanup)

## Quick Reference

| Task | Load reference |
| --- | --- |
| Code analysis | `skills/code-quality-workflow/references/analyze-code.md` |
| Code review | `skills/code-quality-workflow/references/code-review.md` |
| Systematic improvements | `skills/code-quality-workflow/references/quality-improve.md` |

## Workflow
1. Select the mode: analyze, review, or improve.
2. Load the matching reference file for the expected structure.
3. Inspect code and identify findings or opportunities.
4. Apply changes (if improving) with safety validation.
5. Verify with tests or lint as appropriate.
6. Report findings, fixes, and follow-ups.

## Output
- Findings or improvements summary
- Validation evidence or recommended checks
- Follow-up backlog items if needed

## Common Mistakes
- Skipping severity prioritization
- Mixing review and improvement without sign-off
- Applying fixes without baseline tests
- Overlapping with full security audit scopes

Overview

This skill standardizes how to analyze, review, and improve code quality across Python projects. It centralizes assessment, code review practices, and systematic improvement steps with validation gates to reduce regressions and technical debt. The output includes prioritized findings, recommended fixes, and verification evidence.

How this skill works

Choose a mode: analyze, review, or improve. The skill inspects code for maintainability, performance, and common security hygiene issues, then produces findings with severity and reproducibility details. For improvement mode, it proposes or applies changes with safety checks and runs validation steps such as tests and linters. Finally, it generates a concise report with follow-up items and validation evidence.

When to use it

  • Assess code quality for a repository, module, or pull request
  • Perform code review for PRs, refactors, or pre-merge checks
  • Plan and implement maintainability or performance improvements
  • Improve security hygiene for code (non-audit level)
  • Create a prioritized, actionable backlog of quality work

Best practices

  • Select the appropriate mode (analyze, review, improve) and scope before starting
  • Prioritize findings by severity and impact, not just line count
  • Never apply bulk changes without baseline tests and a rollback plan
  • Separate review recommendations from applied fixes; require sign-off for changes
  • Include automated validation (unit tests, linters, type checks) as part of each change

Example use cases

  • Run a pre-merge review that highlights maintainability risks and test gaps for a feature branch
  • Analyze a legacy module to identify hotspots for refactoring and performance wins
  • Apply a targeted improvement to reduce cyclomatic complexity and validate with tests
  • Produce a security hygiene checklist for input validation and dependency safety (non-audit)
  • Create a prioritized backlog of technical debt items with estimated effort and risk

FAQ

Can this skill perform full security audits?

No. It improves security hygiene and flags issues, but it is not a replacement for a dedicated security audit or penetration test.

Will the skill automatically commit code changes?

In improvement mode it can propose or apply changes, but changes should be run in a controlled environment and require review/sign-off before merging.