code-analysis

Low Risk • ⚡ Contains scripts • 📁 Filesystem access • ⚙️ External commands

Improve Code Readability

Teams often write code that only developers can follow. This skill checks names, comments, jargon, and documentation so broader teams can understand code faster.

Supports: Claude, Codex, Claude Code (CC)
🥉 77 Bronze
1. Download the skill ZIP
2. Upload in Claude: go to Settings → Capabilities → Skills → Upload skill
3. Toggle on and start using

Test it

Using "code-analysis". A Python file with short variable names and few comments.

Expected outcome:

The report gives a moderate score, flags unclear names, and suggests fuller names with explanatory comments.

Using "code-analysis". A TypeScript file with API jargon in comments.

Expected outcome:

The report identifies unexplained technical terms and suggests plain English definitions.

Using "code-analysis". A well-documented service file.

Expected outcome:

The report gives a high score and notes that the file is accessible to non-developers.

Security Audit

Low Risk
v6 • 6/28/2026

The static weak cryptography findings are false positives caused by readability terms such as token, serialize, and hash-related wording, not cryptographic operations. The Markdown backtick findings are also false positives from fenced examples and documented CLI usage. The skill is safe to publish with a low warning because it runs a local script that reads user-selected files and may print code snippets.

Files scanned: 2
Lines analyzed: 736
Findings: 7
Total audits: 6
Low Risk Issues (4)
Local File Read Requires User Care
The analyzer accepts a user-provided --path value, checks that the path exists, and reads the file contents for analysis. This is expected for a readability tool, but users should avoid scanning files that contain secrets or sensitive source because snippets can be included in output.
Weak Cryptography Static Findings Are False Positives
The flagged locations use words such as token, serialize, JSON, and descriptions for readability issues. No evidence found of weak hashing, encryption, or cryptographic APIs in the scanned files.
Markdown Backtick Static Findings Are False Positives
The SKILL.md findings are Markdown fenced examples and documented usage for running the local analyzer. They are not Ruby shell backticks and do not create hidden command execution.
System Reconnaissance Static Finding Is False Positive
The line flagged for system reconnaissance resets an internal counter after reporting a readability issue. No evidence found of host enumeration, system probing, or environment collection.

Risk Factors

⚡ Contains scripts (2)
📁 Filesystem access (1)
⚙️ External commands (1)

Detected Patterns

User-Selected Local File Reading
Audited by: codex

Quality Score

Architecture: 55
Maintainability: 100
Content: 85
Community: 70
Security: 82
Spec Compliance: 83

What You Can Build

Review stakeholder-facing code

Check whether business logic has clear names and plain comments before a product review.

Prepare onboarding examples

Find missing explanations before sharing code with new team members.

Improve documentation quality

Identify jargon and missing What, Why, and How context in source comments.

Try These Prompts

Check one file
Use the code-analysis skill to review this file for non-developer readability: [file path].
Focus on naming
Analyze [file path] with focus on naming. Explain which names should be clearer and why.
Prepare for onboarding
Review [file path] for a new team member. Prioritize comments, jargon, and missing context.
Run strict readiness review
Analyze [file path] with strict readability expectations. Summarize blockers before this code is shared with stakeholders.

Best Practices

  • Run it on intended project files, not files that contain secrets.
  • Use strict mode before sharing code with non-developer audiences.
  • Review each suggestion manually before changing established domain terms.

Avoid

  • Do not treat the score as proof that the code is correct.
  • Do not scan private credentials, keys, or sensitive configuration files.
  • Do not replace human documentation review with automated findings alone.

Frequently Asked Questions

What does this skill analyze?
It analyzes readability signals such as naming, comments, jargon, and section documentation.
Does it fix code automatically?
No. It reports issues and suggestions so a user can decide what to change.
Which tools can use it?
The marketplace metadata lists support for Claude, Codex, and Claude Code.
Can it review a whole repository?
The included script is designed around a path input, but the documented example shows single-file usage.
Is this a security scanner?
No. It checks readability and documentation quality, not vulnerabilities.
What should users avoid?
Users should avoid scanning files with secrets because output can include code snippets.

Developer Details

File structure

📄 analyze.py

📄 SKILL.md