Alternatives

Sonar Dotnet alternatives for AI agents.

Compare similar skills by workflow fit, trust score, quality, GitHub adoption, maintenance, and install readiness.

Current skill

Sonar Dotnet

Code analyzer for C# and VB.NET projects

82
Quality
79
Trust
910
Stars
#1

Phpstan

Similarity 134Trust 91Excellent 100

PHP Static Analysis Tool - discover bugs in your code without running it!

14K starsJun 24, 2026 pushdevelopmentPHPStatic Analysis
$ npx skills add phpstan/phpstan
#2

Infer

Similarity 126Trust 92Excellent 100

A static analyzer for Java, C, C++, and Objective-C

16K starsJun 13, 2026 pushdevelopmentOCamlStatic Analysis
$ npx skills add facebook/infer
#3

Sonarqube

Similarity 125Trust 92Excellent 100

Continuous Inspection

11K starsJul 2, 2026 pushdevelopmentJavaStatic Analysis
$ npx skills add SonarSource/sonarqube
#4

Checkstyle

Similarity 125Trust 91Excellent 100

Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

9.0K starsJun 18, 2026 pushdevelopmentJavaStatic Analysis
$ npx skills add checkstyle/checkstyle
#5

Gosec

Similarity 125Trust 90Excellent 100

Go security checker

8.9K starsJun 15, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add securego/gosec
#6

Ruff

Similarity 119Trust 92Excellent 100

An extremely fast Python linter and code formatter, written in Rust.

48K starsJun 14, 2026 pushdevelopmentRustStatic Analysis
$ npx skills add astral-sh/ruff
#7

Shellcheck

Similarity 119Trust 88Excellent 100

ShellCheck, a static analysis tool for shell scripts

40K starsJun 11, 2026 pushdevelopmentHaskellStatic Analysis
$ npx skills add koalaman/shellcheck
#8

SwiftLint

Similarity 118Trust 90Excellent 100

A tool to enforce Swift style and conventions.

20K starsJun 20, 2026 pushdevelopmentSwiftStatic Analysis
$ npx skills add realm/SwiftLint
#9

PHP CS Fixer

Similarity 118Trust 92Excellent 100

A tool to automatically fix PHP Coding Standards issues

14K starsJun 18, 2026 pushdevelopmentPHPStatic Analysis
$ npx skills add PHP-CS-Fixer/PHP-CS-Fixer
#10

Hadolint

Similarity 117Trust 88Excellent 100

Dockerfile linter, validate inline bash, written in Haskell

12K starsJun 11, 2026 pushdevelopmentHaskellStatic Analysis
$ npx skills add hadolint/hadolint
#11

Error Prone

Similarity 116Trust 90Excellent 100

Catch common Java mistakes as compile-time errors

7.2K starsJun 25, 2026 pushdevelopmentJavaStatic Analysis
$ npx skills add google/error-prone
#12

Go Tools

Similarity 116Trust 90Excellent 100

Staticcheck - The advanced Go linter

6.8K starsJun 10, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add dominikh/go-tools
#13

ImHex

Similarity 112Trust 93Excellent 100

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

54K starsJun 12, 2026 pushdevelopmentC++Static Analysis
$ npx skills add WerWolv/ImHex
#14

Mobile Security Framework MobSF

Similarity 110Trust 90Excellent 100

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

21K starsMay 19, 2026 pushdevelopmentJavaScriptStatic Analysis
$ npx skills add MobSF/Mobile-Security-Framework-MobSF
#15

Semgrep

Similarity 110Trust 93Excellent 100

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

16K starsJun 22, 2026 pushdevelopmentOCamlStatic Analysis
$ npx skills add semgrep/semgrep
#16

Mastg

Similarity 110Trust 93Excellent 100

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

13K starsJun 20, 2026 pushdevelopmentPythonStatic Analysis
$ npx skills add OWASP/mastg

How to choose

When should you switch?

Use an alternative when it has a clearer install path, higher trust score, fresher maintenance, or better platform fit for your current agent stack. Keep Sonar Dotnet if it already passes your workflow test and repository review.

Next step

Compare top candidates side by side

Open the compare page, test the install commands in a sandbox, and check each repository before using a skill in production.