{"query":"Sonar","filters":{"category":null,"platform":null,"track":null,"safety":null,"include_blocked":false,"min_stars":0},"total":10,"skills":[{"rank":1,"match_score":970.1,"slug":"raskrebs-sonar","name":"Sonar","description":"CLI tool for inspecting and managing services listening on localhost ports","tagline":"CLI tool for inspecting and managing services listening on localhost ports","category":"coding-agents","tags":["developer-tools","automation","coding","cli","docker","golang","linux","localhost","macos","portscanner"],"author":{"name":"raskrebs","verified":true,"url":"https://github.com/raskrebs"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"raskrebs/sonar","creatorName":"raskrebs","creatorUrl":"https://github.com/raskrebs","sourceUrl":"https://github.com/raskrebs/sonar","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/raskrebs-sonar#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":1065,"forks":33,"downloads":0,"rating":0,"review_count":0,"quality_score":59.89},"quality":{"score":96,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"1.1K","tone":"positive"},{"label":"Freshness","value":"1mo ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"MIT","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":84,"tier":"strong","label":"Strong shortlist","summary":"Good trust signals with a few areas worth checking before rollout.","recommendedAction":"Test in a sandbox workflow and compare its install path with close alternatives.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":86,"weight":0.13,"status":"pass","detail":"1.1K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":72,"weight":0.08,"status":"info","detail":"1.1K stars, 33 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":88,"weight":0.14,"status":"pass","detail":"1mo since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"MIT"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":62,"weight":0.12,"status":"info","detail":"command execution surface, external package install surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add raskrebs/sonar"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":62,"weight":0.07,"status":"info","detail":"shell or command execution, filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/raskrebs/sonar"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Real agent outcomes","score":58,"weight":0.08,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"1.1K GitHub stars"},{"status":"info","label":"Stars/forks activity","detail":"1.1K stars, 33 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"1mo since push"},{"status":"pass","label":"License clarity","detail":"MIT"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"info","label":"Dependency/runtime risk","detail":"command execution surface, external package install surface"},{"status":"pass","label":"Install availability","detail":"npx skills add raskrebs/sonar"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"info","label":"Permission surface","detail":"shell or command execution, filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/raskrebs/sonar"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Real agent outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Meaningful GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"1.1K GitHub stars","repoActivity":"1.1K stars, 33 forks","lastPushed":"1mo since push","license":"MIT","repository":"https://github.com/raskrebs/sonar","install":"npx skills add raskrebs/sonar","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add raskrebs/sonar","policy":"human_review_before_install","label":"Human review before install","notes":["Install path is available","Repository evidence is available","License is declared","1mo since push"]},"agentCompatibility":["Go","Developer Tools","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"human_review_before_install","reason":"Human review or sandbox validation is required before automatic installation."},"bestFor":["coding-agents","developer-tools","automation","coding","cli","docker"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"knownRisks":[]},"safety":{"score":60,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed with permission notes","badge":"REVIEWED","summary":"Usable candidate, but the agent should surface permission and audit notes before installation.","recommended_action":"Require human approval before installing into a real workspace.","auto_install_policy":"review","reasons":["High-risk permission hints: Shell or command execution","60/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"shell","label":"Shell or command execution","reason":"Skill metadata references terminal, CLI, shell, subprocess, or command execution workflows.","severity":"high"},{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["High-risk permission hints: Shell or command execution"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace.","reasons":["High-risk permission hints: Shell or command execution","60/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"},{"slug":"workflow-automation","title":"Workflow automation"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Go"],"install":{"ready":true,"command":"npx skills add raskrebs/sonar","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":1065,"starsLabel":"1.1K","forks":33,"license":"MIT","qualityScore":96,"trustScore":84,"auditScore":88},"maintenance":{"status":"active","label":"1mo since push","daysSincePush":32,"lastPushedAt":"2026-05-21T09:42:54+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","coding-agents","developer-tools","automation","cli","docker","golang"]},"audit":{"audit_score":88,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"raskrebs-sonar","name":"Sonar","description":"CLI tool for inspecting and managing services listening on localhost ports","category":"coding-agents","url":"https://www.openagentskill.com/skills/raskrebs-sonar","repository":"https://github.com/raskrebs/sonar","github_repo":"raskrebs/sonar"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Go","Developer Tools","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add raskrebs/sonar","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add raskrebs/sonar"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonar\" agent skill from https://github.com/raskrebs/sonar. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: CLI tool for inspecting and managing services listening on localhost ports"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonar\" as a Claude Code skill from https://github.com/raskrebs/sonar. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: CLI tool for inspecting and managing services listening on localhost ports"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonar\" from https://github.com/raskrebs/sonar into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: CLI tool for inspecting and managing services listening on localhost ports"}],"handoff_url":"https://www.openagentskill.com/api/skills/raskrebs-sonar/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/raskrebs-sonar"},"trust":{"score":84,"label":"Strong shortlist","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"1.1K GitHub stars","repoActivity":"1.1K stars, 33 forks","lastPushed":"1mo since push","license":"MIT","repository":"https://github.com/raskrebs/sonar","install":"npx skills add raskrebs/sonar","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["coding-agents","developer-tools","automation","coding","cli","docker"],"known_risks":[]},"audit":{"score":88,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace."},"quality":{"score":96,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"1mo since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use Sonar in an agent workflow","recommended_action":"Require human approval before installing into a real workspace.","install_policy":"review","minimum_review_before_use":["Trust: 84/100 Strong shortlist","Audit: 88/100 Safe to try","Safety: 60/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"raskrebs-sonar (Sonar)","install_command":"npx skills add raskrebs/sonar","risk_summary":"Safe to try; Reviewed with permission notes; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/raskrebs-sonar","api":"https://www.openagentskill.com/api/agent/skills/raskrebs-sonar","audit":"https://www.openagentskill.com/skills/raskrebs-sonar/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=raskrebs-sonar&task=Use%20Sonar%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonar%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/raskrebs-sonar/install","manifest":"https://www.openagentskill.com/api/registry/manifest/raskrebs-sonar"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"raskrebs-sonar","name":"Sonar","description":"CLI tool for inspecting and managing services listening on localhost ports","category":"coding-agents","url":"https://www.openagentskill.com/skills/raskrebs-sonar","repository":"https://github.com/raskrebs/sonar","github_repo":"raskrebs/sonar"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Go","Developer Tools","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add raskrebs/sonar","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add raskrebs/sonar"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonar\" agent skill from https://github.com/raskrebs/sonar. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: CLI tool for inspecting and managing services listening on localhost ports"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonar\" as a Claude Code skill from https://github.com/raskrebs/sonar. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: CLI tool for inspecting and managing services listening on localhost ports"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonar\" from https://github.com/raskrebs/sonar into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: CLI tool for inspecting and managing services listening on localhost ports"}],"handoff_url":"https://www.openagentskill.com/api/skills/raskrebs-sonar/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/raskrebs-sonar"},"trust":{"score":84,"label":"Strong shortlist","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"1.1K GitHub stars","repoActivity":"1.1K stars, 33 forks","lastPushed":"1mo since push","license":"MIT","repository":"https://github.com/raskrebs/sonar","install":"npx skills add raskrebs/sonar","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["coding-agents","developer-tools","automation","coding","cli","docker"],"known_risks":[]},"audit":{"score":88,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace."},"quality":{"score":96,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"1mo since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use Sonar in an agent workflow","recommended_action":"Require human approval before installing into a real workspace.","install_policy":"review","minimum_review_before_use":["Trust: 84/100 Strong shortlist","Audit: 88/100 Safe to try","Safety: 60/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"raskrebs-sonar (Sonar)","install_command":"npx skills add raskrebs/sonar","risk_summary":"Safe to try; Reviewed with permission notes; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/raskrebs-sonar","api":"https://www.openagentskill.com/api/agent/skills/raskrebs-sonar","audit":"https://www.openagentskill.com/skills/raskrebs-sonar/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=raskrebs-sonar&task=Use%20Sonar%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonar%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/raskrebs-sonar/install","manifest":"https://www.openagentskill.com/api/registry/manifest/raskrebs-sonar"}},"platforms":["Go","Developer Tools","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"},{"slug":"sports-analytics","title":"Sports analytics","url":"https://www.openagentskill.com/use-cases/sports-analytics"}],"install":"npx skills add raskrebs/sonar","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add raskrebs/sonar","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Sonar\" agent skill from https://github.com/raskrebs/sonar. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: CLI tool for inspecting and managing services listening on localhost ports","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Sonar\" as a Claude Code skill from https://github.com/raskrebs/sonar. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: CLI tool for inspecting and managing services listening on localhost ports","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Sonar\" from https://github.com/raskrebs/sonar into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: CLI tool for inspecting and managing services listening on localhost ports","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/raskrebs/sonar","github_repo":"raskrebs/sonar","version":"1.0.0","license":"MIT","updated_at":"2026-06-21T03:00:55.444998+00:00","canonical_key":"raskrebs/sonar","recommendation_reasons":["Matches task terms: sonar","Useful GitHub adoption: 1,065 stars","Install handoff is available","Repository freshness signal is available","Registry match score 970"],"urls":{"web":"https://www.openagentskill.com/skills/raskrebs-sonar","api":"https://www.openagentskill.com/api/agent/skills/raskrebs-sonar","install_api":"https://www.openagentskill.com/api/skills/raskrebs-sonar/install","audit":"https://www.openagentskill.com/skills/raskrebs-sonar/audit","repository":"https://github.com/raskrebs/sonar"}},{"rank":2,"match_score":357.3,"slug":"sonarsource-sonarjs","name":"SonarJS","description":"SonarSource Static Analyzer for JavaScript and TypeScript","tagline":"SonarSource Static Analyzer for JavaScript and TypeScript","category":"development","tags":["static-analysis","code-quality","javascript","language-team","sonarcloud","sonarqube","static-analyzer","static-code-analysis","typescript","github"],"author":{"name":"SonarSource","verified":true,"url":"https://github.com/SonarSource"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"SonarSource/SonarJS","creatorName":"SonarSource","creatorUrl":"https://github.com/SonarSource","sourceUrl":"https://github.com/SonarSource/SonarJS","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/sonarsource-sonarjs#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":1241,"forks":193,"downloads":0,"rating":0,"review_count":0,"quality_score":63.36},"quality":{"score":97,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"1.2K","tone":"positive"},{"label":"Freshness","value":"8d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"Unknown","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":87,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":86,"weight":0.13,"status":"pass","detail":"1.2K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":77,"weight":0.08,"status":"info","detail":"1.2K stars, 193 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"8d since push"},{"id":"license","label":"License clarity","score":42,"weight":0.09,"status":"warn","detail":"Unknown"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add SonarSource/SonarJS"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/SonarSource/SonarJS"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Real agent outcomes","score":58,"weight":0.08,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"1.2K GitHub stars"},{"status":"info","label":"Stars/forks activity","detail":"1.2K stars, 193 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"8d since push"},{"status":"warn","label":"License clarity","detail":"Unknown"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add SonarSource/SonarJS"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/SonarSource/SonarJS"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Real agent outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Meaningful GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["License is unclear","License clarity: Unknown"],"evidence":{"stars":"1.2K GitHub stars","repoActivity":"1.2K stars, 193 forks","lastPushed":"8d since push","license":"Unknown","repository":"https://github.com/SonarSource/SonarJS","install":"npx skills add SonarSource/SonarJS","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add SonarSource/SonarJS","policy":"human_review_before_install","label":"Human review before install","notes":["Install path is available","Repository evidence is available","License is unclear","8d since push"]},"agentCompatibility":["TypeScript","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["License is unclear","License clarity: Unknown"]},"outcomeEvidence":{"total":0,"successes":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"human_review_before_install","reason":"Human review or sandbox validation is required before automatic installation."},"bestFor":["development","static-analysis","code-quality","javascript","language-team","sonarcloud"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace","Commercial reuse before clarifying license terms"],"knownRisks":["License is unclear","License clarity: Unknown"]},"safety":{"score":75,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","summary":"Good audit and safety signals with no high-risk permission hints in public metadata.","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","auto_install_policy":"review","reasons":["Safe-to-try audit","75/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["License is unclear"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","reasons":["Safe-to-try audit","75/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"sports-analytics","title":"Sports analytics"},{"slug":"rag-knowledge","title":"RAG and knowledge"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","TypeScript"],"install":{"ready":true,"command":"npx skills add SonarSource/SonarJS","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":1241,"starsLabel":"1.2K","forks":193,"license":"Unknown","qualityScore":97,"trustScore":87,"auditScore":91},"maintenance":{"status":"fresh","label":"8d since push","daysSincePush":8,"lastPushedAt":"2026-06-14T14:46:23+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":true,"notes":["License is unclear","License clarity: Unknown"]},"coverageTags":["Coding","Coding agents","development","static-analysis","code-quality","javascript","language-team","sonarcloud"]},"audit":{"audit_score":91,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","License clarity: Unknown"]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"sonarsource-sonarjs","name":"SonarJS","description":"SonarSource Static Analyzer for JavaScript and TypeScript","category":"development","url":"https://www.openagentskill.com/skills/sonarsource-sonarjs","repository":"https://github.com/SonarSource/SonarJS","github_repo":"SonarSource/SonarJS"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Load football datasets","Compare teams and players"],"suited_agents":["TypeScript","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add SonarSource/SonarJS","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add SonarSource/SonarJS"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"SonarJS\" agent skill from https://github.com/SonarSource/SonarJS. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: SonarSource Static Analyzer for JavaScript and TypeScript"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"SonarJS\" as a Claude Code skill from https://github.com/SonarSource/SonarJS. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: SonarSource Static Analyzer for JavaScript and TypeScript"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"SonarJS\" from https://github.com/SonarSource/SonarJS into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: SonarSource Static Analyzer for JavaScript and TypeScript"}],"handoff_url":"https://www.openagentskill.com/api/skills/sonarsource-sonarjs/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarjs"},"trust":{"score":87,"label":"Production candidate","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"1.2K GitHub stars","repoActivity":"1.2K stars, 193 forks","lastPushed":"8d since push","license":"Unknown","repository":"https://github.com/SonarSource/SonarJS","install":"npx skills add SonarSource/SonarJS","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["development","static-analysis","code-quality","javascript","language-team","sonarcloud"],"known_risks":["License is unclear","License clarity: Unknown"]},"audit":{"score":91,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","License clarity: Unknown"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":97,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"8d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","License is unclear","License clarity: Unknown","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use SonarJS in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 87/100 Production candidate","Audit: 91/100 Safe to try","Safety: 75/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"sonarsource-sonarjs (SonarJS)","install_command":"npx skills add SonarSource/SonarJS","risk_summary":"Safe to try; Reviewed; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/sonarsource-sonarjs","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonarjs","audit":"https://www.openagentskill.com/skills/sonarsource-sonarjs/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=sonarsource-sonarjs&task=Use%20SonarJS%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20SonarJS%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/sonarsource-sonarjs/install","manifest":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarjs"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"sonarsource-sonarjs","name":"SonarJS","description":"SonarSource Static Analyzer for JavaScript and TypeScript","category":"development","url":"https://www.openagentskill.com/skills/sonarsource-sonarjs","repository":"https://github.com/SonarSource/SonarJS","github_repo":"SonarSource/SonarJS"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Load football datasets","Compare teams and players"],"suited_agents":["TypeScript","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add SonarSource/SonarJS","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add SonarSource/SonarJS"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"SonarJS\" agent skill from https://github.com/SonarSource/SonarJS. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: SonarSource Static Analyzer for JavaScript and TypeScript"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"SonarJS\" as a Claude Code skill from https://github.com/SonarSource/SonarJS. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: SonarSource Static Analyzer for JavaScript and TypeScript"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"SonarJS\" from https://github.com/SonarSource/SonarJS into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: SonarSource Static Analyzer for JavaScript and TypeScript"}],"handoff_url":"https://www.openagentskill.com/api/skills/sonarsource-sonarjs/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarjs"},"trust":{"score":87,"label":"Production candidate","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"1.2K GitHub stars","repoActivity":"1.2K stars, 193 forks","lastPushed":"8d since push","license":"Unknown","repository":"https://github.com/SonarSource/SonarJS","install":"npx skills add SonarSource/SonarJS","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["development","static-analysis","code-quality","javascript","language-team","sonarcloud"],"known_risks":["License is unclear","License clarity: Unknown"]},"audit":{"score":91,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","License clarity: Unknown"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":97,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"8d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","License is unclear","License clarity: Unknown","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use SonarJS in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 87/100 Production candidate","Audit: 91/100 Safe to try","Safety: 75/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"sonarsource-sonarjs (SonarJS)","install_command":"npx skills add SonarSource/SonarJS","risk_summary":"Safe to try; Reviewed; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/sonarsource-sonarjs","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonarjs","audit":"https://www.openagentskill.com/skills/sonarsource-sonarjs/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=sonarsource-sonarjs&task=Use%20SonarJS%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20SonarJS%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/sonarsource-sonarjs/install","manifest":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarjs"}},"platforms":["TypeScript","Static Analysis","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"sports-analytics","title":"Sports analytics","url":"https://www.openagentskill.com/use-cases/sports-analytics"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"research-agents","title":"Research agents","url":"https://www.openagentskill.com/use-cases/research-agents"}],"install":"npx skills add SonarSource/SonarJS","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add SonarSource/SonarJS","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"SonarJS\" agent skill from https://github.com/SonarSource/SonarJS. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: SonarSource Static Analyzer for JavaScript and TypeScript","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"SonarJS\" as a Claude Code skill from https://github.com/SonarSource/SonarJS. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: SonarSource Static Analyzer for JavaScript and TypeScript","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"SonarJS\" from https://github.com/SonarSource/SonarJS into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: SonarSource Static Analyzer for JavaScript and TypeScript","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/SonarSource/SonarJS","github_repo":"SonarSource/SonarJS","version":"1.0.0","license":"Unknown","updated_at":"2026-06-14T16:01:14.007676+00:00","canonical_key":"sonarsource/sonarjs","recommendation_reasons":["Matches task terms: sonar","Useful GitHub adoption: 1,241 stars","Install handoff is available","Repository freshness signal is available","Registry match score 357"],"urls":{"web":"https://www.openagentskill.com/skills/sonarsource-sonarjs","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonarjs","install_api":"https://www.openagentskill.com/api/skills/sonarsource-sonarjs/install","audit":"https://www.openagentskill.com/skills/sonarsource-sonarjs/audit","repository":"https://github.com/SonarSource/SonarJS"}},{"rank":3,"match_score":357.2,"slug":"sonarsource-sonar-java","name":"Sonar Java","description":":coffee: SonarSource Static Analyzer for Java Code Quality and Security","tagline":":coffee: SonarSource Static Analyzer for Java Code Quality and Security","category":"development","tags":["static-analysis","code-quality","analysis","analyzer","java","language-team","quality","sonarcloud","sonarlint","sonarqube"],"author":{"name":"SonarSource","verified":true,"url":"https://github.com/SonarSource"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"SonarSource/sonar-java","creatorName":"SonarSource","creatorUrl":"https://github.com/SonarSource","sourceUrl":"https://github.com/SonarSource/sonar-java","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/sonarsource-sonar-java#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":1206,"forks":725,"downloads":0,"rating":0,"review_count":0,"quality_score":63.27},"quality":{"score":97,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"1.2K","tone":"positive"},{"label":"Freshness","value":"10d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"Unknown","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":87,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":86,"weight":0.13,"status":"pass","detail":"1.2K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":83,"weight":0.08,"status":"pass","detail":"1.2K stars, 725 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"10d since push"},{"id":"license","label":"License clarity","score":42,"weight":0.09,"status":"warn","detail":"Unknown"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add SonarSource/sonar-java"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/SonarSource/sonar-java"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Real agent outcomes","score":58,"weight":0.08,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"1.2K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"1.2K stars, 725 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"10d since push"},{"status":"warn","label":"License clarity","detail":"Unknown"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add SonarSource/sonar-java"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/SonarSource/sonar-java"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Real agent outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Meaningful GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["License is unclear","License clarity: Unknown"],"evidence":{"stars":"1.2K GitHub stars","repoActivity":"1.2K stars, 725 forks","lastPushed":"10d since push","license":"Unknown","repository":"https://github.com/SonarSource/sonar-java","install":"npx skills add SonarSource/sonar-java","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add SonarSource/sonar-java","policy":"human_review_before_install","label":"Human review before install","notes":["Install path is available","Repository evidence is available","License is unclear","10d since push"]},"agentCompatibility":["Java","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["License is unclear","License clarity: Unknown"]},"outcomeEvidence":{"total":0,"successes":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"human_review_before_install","reason":"Human review or sandbox validation is required before automatic installation."},"bestFor":["development","static-analysis","code-quality","analysis","analyzer","java"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace","Commercial reuse before clarifying license terms"],"knownRisks":["License is unclear","License clarity: Unknown"]},"safety":{"score":75,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","summary":"Good audit and safety signals with no high-risk permission hints in public metadata.","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","auto_install_policy":"review","reasons":["Safe-to-try audit","75/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["License is unclear"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","reasons":["Safe-to-try audit","75/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"sports-analytics","title":"Sports analytics"},{"slug":"rag-knowledge","title":"RAG and knowledge"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Java"],"install":{"ready":true,"command":"npx skills add SonarSource/sonar-java","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":1206,"starsLabel":"1.2K","forks":725,"license":"Unknown","qualityScore":97,"trustScore":87,"auditScore":91},"maintenance":{"status":"fresh","label":"10d since push","daysSincePush":10,"lastPushedAt":"2026-06-12T15:15:16+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":true,"notes":["License is unclear","License clarity: Unknown"]},"coverageTags":["Coding","Coding agents","development","static-analysis","code-quality","analysis","analyzer","java"]},"audit":{"audit_score":91,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","License clarity: Unknown"]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"sonarsource-sonar-java","name":"Sonar Java","description":":coffee: SonarSource Static Analyzer for Java Code Quality and Security","category":"development","url":"https://www.openagentskill.com/skills/sonarsource-sonar-java","repository":"https://github.com/SonarSource/sonar-java","github_repo":"SonarSource/sonar-java"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Load football datasets","Compare teams and players"],"suited_agents":["Java","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add SonarSource/sonar-java","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add SonarSource/sonar-java"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonar Java\" agent skill from https://github.com/SonarSource/sonar-java. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: :coffee: SonarSource Static Analyzer for Java Code Quality and Security"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonar Java\" as a Claude Code skill from https://github.com/SonarSource/sonar-java. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: :coffee: SonarSource Static Analyzer for Java Code Quality and Security"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonar Java\" from https://github.com/SonarSource/sonar-java into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: :coffee: SonarSource Static Analyzer for Java Code Quality and Security"}],"handoff_url":"https://www.openagentskill.com/api/skills/sonarsource-sonar-java/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonar-java"},"trust":{"score":87,"label":"Production candidate","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"1.2K GitHub stars","repoActivity":"1.2K stars, 725 forks","lastPushed":"10d since push","license":"Unknown","repository":"https://github.com/SonarSource/sonar-java","install":"npx skills add SonarSource/sonar-java","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["development","static-analysis","code-quality","analysis","analyzer","java"],"known_risks":["License is unclear","License clarity: Unknown"]},"audit":{"score":91,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","License clarity: Unknown"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":97,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"10d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","License is unclear","License clarity: Unknown","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use Sonar Java in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 87/100 Production candidate","Audit: 91/100 Safe to try","Safety: 75/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"sonarsource-sonar-java (Sonar Java)","install_command":"npx skills add SonarSource/sonar-java","risk_summary":"Safe to try; Reviewed; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/sonarsource-sonar-java","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonar-java","audit":"https://www.openagentskill.com/skills/sonarsource-sonar-java/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=sonarsource-sonar-java&task=Use%20Sonar%20Java%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonar%20Java%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/sonarsource-sonar-java/install","manifest":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonar-java"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"sonarsource-sonar-java","name":"Sonar Java","description":":coffee: SonarSource Static Analyzer for Java Code Quality and Security","category":"development","url":"https://www.openagentskill.com/skills/sonarsource-sonar-java","repository":"https://github.com/SonarSource/sonar-java","github_repo":"SonarSource/sonar-java"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Load football datasets","Compare teams and players"],"suited_agents":["Java","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add SonarSource/sonar-java","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add SonarSource/sonar-java"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonar Java\" agent skill from https://github.com/SonarSource/sonar-java. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: :coffee: SonarSource Static Analyzer for Java Code Quality and Security"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonar Java\" as a Claude Code skill from https://github.com/SonarSource/sonar-java. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: :coffee: SonarSource Static Analyzer for Java Code Quality and Security"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonar Java\" from https://github.com/SonarSource/sonar-java into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: :coffee: SonarSource Static Analyzer for Java Code Quality and Security"}],"handoff_url":"https://www.openagentskill.com/api/skills/sonarsource-sonar-java/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonar-java"},"trust":{"score":87,"label":"Production candidate","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"1.2K GitHub stars","repoActivity":"1.2K stars, 725 forks","lastPushed":"10d since push","license":"Unknown","repository":"https://github.com/SonarSource/sonar-java","install":"npx skills add SonarSource/sonar-java","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["development","static-analysis","code-quality","analysis","analyzer","java"],"known_risks":["License is unclear","License clarity: Unknown"]},"audit":{"score":91,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","License clarity: Unknown"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":97,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"10d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","License is unclear","License clarity: Unknown","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use Sonar Java in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 87/100 Production candidate","Audit: 91/100 Safe to try","Safety: 75/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"sonarsource-sonar-java (Sonar Java)","install_command":"npx skills add SonarSource/sonar-java","risk_summary":"Safe to try; Reviewed; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/sonarsource-sonar-java","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonar-java","audit":"https://www.openagentskill.com/skills/sonarsource-sonar-java/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=sonarsource-sonar-java&task=Use%20Sonar%20Java%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonar%20Java%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/sonarsource-sonar-java/install","manifest":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonar-java"}},"platforms":["Java","Static Analysis","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"sports-analytics","title":"Sports analytics","url":"https://www.openagentskill.com/use-cases/sports-analytics"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"research-agents","title":"Research agents","url":"https://www.openagentskill.com/use-cases/research-agents"}],"install":"npx skills add SonarSource/sonar-java","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add SonarSource/sonar-java","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Sonar Java\" agent skill from https://github.com/SonarSource/sonar-java. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: :coffee: SonarSource Static Analyzer for Java Code Quality and Security","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Sonar Java\" as a Claude Code skill from https://github.com/SonarSource/sonar-java. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: :coffee: SonarSource Static Analyzer for Java Code Quality and Security","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Sonar Java\" from https://github.com/SonarSource/sonar-java into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: :coffee: SonarSource Static Analyzer for Java Code Quality and Security","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/SonarSource/sonar-java","github_repo":"SonarSource/sonar-java","version":"1.0.0","license":"Unknown","updated_at":"2026-06-14T16:01:14.111734+00:00","canonical_key":"sonarsource/sonar-java","recommendation_reasons":["Matches task terms: sonar","Useful GitHub adoption: 1,206 stars","Install handoff is available","Repository freshness signal is available","Registry match score 357"],"urls":{"web":"https://www.openagentskill.com/skills/sonarsource-sonar-java","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonar-java","install_api":"https://www.openagentskill.com/api/skills/sonarsource-sonar-java/install","audit":"https://www.openagentskill.com/skills/sonarsource-sonar-java/audit","repository":"https://github.com/SonarSource/sonar-java"}},{"rank":4,"match_score":347.4,"slug":"sonarsource-sonarlint-intellij","name":"Sonarlint Intellij","description":"SonarQube plugin for JetBrains IDEs providing code quality and security feedback directly in the IDE","tagline":"SonarQube plugin for JetBrains IDEs providing code quality and security feedback directly in the IDE","category":"development","tags":["static-analysis","code-quality","intellij","security","sonarlint","sonarqube","kotlin","github"],"author":{"name":"SonarSource","verified":false,"url":"https://github.com/SonarSource"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"SonarSource/sonarlint-intellij","creatorName":"SonarSource","creatorUrl":"https://github.com/SonarSource","sourceUrl":"https://github.com/SonarSource/sonarlint-intellij","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/sonarsource-sonarlint-intellij#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":636,"forks":156,"downloads":0,"rating":0,"review_count":0,"quality_score":53.33},"quality":{"score":85,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"636","tone":"positive"},{"label":"Freshness","value":"8d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"LGPL-3.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":86,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":76,"weight":0.13,"status":"info","detail":"636 GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":71,"weight":0.08,"status":"info","detail":"636 stars, 156 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"8d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"LGPL-3.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add SonarSource/sonarlint-intellij"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":100,"weight":0.07,"status":"pass","detail":"no high-risk permission surface in public metadata"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/SonarSource/sonarlint-intellij"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Real agent outcomes","score":58,"weight":0.08,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"info","label":"GitHub adoption","detail":"636 GitHub stars"},{"status":"info","label":"Stars/forks activity","detail":"636 stars, 156 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"8d since push"},{"status":"pass","label":"License clarity","detail":"LGPL-3.0"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add SonarSource/sonarlint-intellij"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"no high-risk permission surface in public metadata"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/SonarSource/sonarlint-intellij"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Real agent outcomes","detail":"No agent outcome data yet"},{"status":"warn","label":"Ownership","detail":"No approved owner claim yet"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Meaningful GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["Quality score needs review"],"evidence":{"stars":"636 GitHub stars","repoActivity":"636 stars, 156 forks","lastPushed":"8d since push","license":"LGPL-3.0","repository":"https://github.com/SonarSource/sonarlint-intellij","install":"npx skills add SonarSource/sonarlint-intellij","installSafety":"standard package or runtime install path","permissionSurface":"no high-risk permission surface in public metadata","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add SonarSource/sonarlint-intellij","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","8d since push"]},"agentCompatibility":["Kotlin","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["Quality score needs review"]},"outcomeEvidence":{"total":0,"successes":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["development","static-analysis","code-quality","intellij","security","sonarlint"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":["Quality score needs review"]},"safety":{"score":77,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","summary":"Good audit and safety signals with no high-risk permission hints in public metadata.","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","auto_install_policy":"review","reasons":["Safe-to-try audit","77/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"}],"policy_warnings":["Quality score needs review"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","reasons":["Safe-to-try audit","77/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"research-agents","title":"Research agents"},{"slug":"sports-analytics","title":"Sports analytics"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Kotlin"],"install":{"ready":true,"command":"npx skills add SonarSource/sonarlint-intellij","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":636,"starsLabel":"636","forks":156,"license":"LGPL-3.0","qualityScore":85,"trustScore":86,"auditScore":89},"maintenance":{"status":"fresh","label":"8d since push","daysSincePush":8,"lastPushedAt":"2026-06-14T22:43:06+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":true,"notes":["Quality score needs review"]},"coverageTags":["Coding","Coding agents","development","static-analysis","code-quality","intellij","security","sonarlint"]},"audit":{"audit_score":89,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Quality score needs review"]},"decision":{"readiness_score":96,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"sonarsource-sonarlint-intellij","name":"Sonarlint Intellij","description":"SonarQube plugin for JetBrains IDEs providing code quality and security feedback directly in the IDE","category":"development","url":"https://www.openagentskill.com/skills/sonarsource-sonarlint-intellij","repository":"https://github.com/SonarSource/sonarlint-intellij","github_repo":"SonarSource/sonarlint-intellij"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Search sources","Extract claims"],"suited_agents":["Kotlin","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add SonarSource/sonarlint-intellij","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add SonarSource/sonarlint-intellij"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonarlint Intellij\" agent skill from https://github.com/SonarSource/sonarlint-intellij. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: SonarQube plugin for JetBrains IDEs providing code quality and security feedback directly in the IDE"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonarlint Intellij\" as a Claude Code skill from https://github.com/SonarSource/sonarlint-intellij. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: SonarQube plugin for JetBrains IDEs providing code quality and security feedback directly in the IDE"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonarlint Intellij\" from https://github.com/SonarSource/sonarlint-intellij into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: SonarQube plugin for JetBrains IDEs providing code quality and security feedback directly in the IDE"}],"handoff_url":"https://www.openagentskill.com/api/skills/sonarsource-sonarlint-intellij/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarlint-intellij"},"trust":{"score":86,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"636 GitHub stars","repoActivity":"636 stars, 156 forks","lastPushed":"8d since push","license":"LGPL-3.0","repository":"https://github.com/SonarSource/sonarlint-intellij","install":"npx skills add SonarSource/sonarlint-intellij","installSafety":"standard package or runtime install path","permissionSurface":"no high-risk permission surface in public metadata","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["development","static-analysis","code-quality","intellij","security","sonarlint"],"known_risks":["Quality score needs review"]},"audit":{"score":89,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Quality score needs review"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":85,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"8d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","Quality score needs review","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Sonarlint Intellij in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 86/100 Production candidate","Audit: 89/100 Safe to try","Safety: 77/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"sonarsource-sonarlint-intellij (Sonarlint Intellij)","install_command":"npx skills add SonarSource/sonarlint-intellij","risk_summary":"Safe to try; Reviewed; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/sonarsource-sonarlint-intellij","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonarlint-intellij","audit":"https://www.openagentskill.com/skills/sonarsource-sonarlint-intellij/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=sonarsource-sonarlint-intellij&task=Use%20Sonarlint%20Intellij%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonarlint%20Intellij%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/sonarsource-sonarlint-intellij/install","manifest":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarlint-intellij"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"sonarsource-sonarlint-intellij","name":"Sonarlint Intellij","description":"SonarQube plugin for JetBrains IDEs providing code quality and security feedback directly in the IDE","category":"development","url":"https://www.openagentskill.com/skills/sonarsource-sonarlint-intellij","repository":"https://github.com/SonarSource/sonarlint-intellij","github_repo":"SonarSource/sonarlint-intellij"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Search sources","Extract claims"],"suited_agents":["Kotlin","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add SonarSource/sonarlint-intellij","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add SonarSource/sonarlint-intellij"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonarlint Intellij\" agent skill from https://github.com/SonarSource/sonarlint-intellij. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: SonarQube plugin for JetBrains IDEs providing code quality and security feedback directly in the IDE"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonarlint Intellij\" as a Claude Code skill from https://github.com/SonarSource/sonarlint-intellij. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: SonarQube plugin for JetBrains IDEs providing code quality and security feedback directly in the IDE"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonarlint Intellij\" from https://github.com/SonarSource/sonarlint-intellij into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: SonarQube plugin for JetBrains IDEs providing code quality and security feedback directly in the IDE"}],"handoff_url":"https://www.openagentskill.com/api/skills/sonarsource-sonarlint-intellij/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarlint-intellij"},"trust":{"score":86,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"636 GitHub stars","repoActivity":"636 stars, 156 forks","lastPushed":"8d since push","license":"LGPL-3.0","repository":"https://github.com/SonarSource/sonarlint-intellij","install":"npx skills add SonarSource/sonarlint-intellij","installSafety":"standard package or runtime install path","permissionSurface":"no high-risk permission surface in public metadata","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["development","static-analysis","code-quality","intellij","security","sonarlint"],"known_risks":["Quality score needs review"]},"audit":{"score":89,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Quality score needs review"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":85,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"8d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","Quality score needs review","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Sonarlint Intellij in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 86/100 Production candidate","Audit: 89/100 Safe to try","Safety: 77/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"sonarsource-sonarlint-intellij (Sonarlint Intellij)","install_command":"npx skills add SonarSource/sonarlint-intellij","risk_summary":"Safe to try; Reviewed; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/sonarsource-sonarlint-intellij","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonarlint-intellij","audit":"https://www.openagentskill.com/skills/sonarsource-sonarlint-intellij/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=sonarsource-sonarlint-intellij&task=Use%20Sonarlint%20Intellij%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonarlint%20Intellij%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/sonarsource-sonarlint-intellij/install","manifest":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarlint-intellij"}},"platforms":["Kotlin","Static Analysis","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"research-agents","title":"Research agents","url":"https://www.openagentskill.com/use-cases/research-agents"},{"slug":"sports-analytics","title":"Sports analytics","url":"https://www.openagentskill.com/use-cases/sports-analytics"},{"slug":"github-automation","title":"GitHub automation","url":"https://www.openagentskill.com/use-cases/github-automation"}],"install":"npx skills add SonarSource/sonarlint-intellij","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add SonarSource/sonarlint-intellij","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Sonarlint Intellij\" agent skill from https://github.com/SonarSource/sonarlint-intellij. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: SonarQube plugin for JetBrains IDEs providing code quality and security feedback directly in the IDE","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Sonarlint Intellij\" as a Claude Code skill from https://github.com/SonarSource/sonarlint-intellij. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: SonarQube plugin for JetBrains IDEs providing code quality and security feedback directly in the IDE","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Sonarlint Intellij\" from https://github.com/SonarSource/sonarlint-intellij into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: SonarQube plugin for JetBrains IDEs providing code quality and security feedback directly in the IDE","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/SonarSource/sonarlint-intellij","github_repo":"SonarSource/sonarlint-intellij","version":"1.0.0","license":"LGPL-3.0","updated_at":"2026-06-15T03:00:45.351048+00:00","canonical_key":"sonarsource/sonarlint-intellij","recommendation_reasons":["Matches task terms: sonar","Useful GitHub adoption: 636 stars","Install handoff is available","Repository freshness signal is available","Registry match score 347"],"urls":{"web":"https://www.openagentskill.com/skills/sonarsource-sonarlint-intellij","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonarlint-intellij","install_api":"https://www.openagentskill.com/api/skills/sonarsource-sonarlint-intellij/install","audit":"https://www.openagentskill.com/skills/sonarsource-sonarlint-intellij/audit","repository":"https://github.com/SonarSource/sonarlint-intellij"}},{"rank":5,"match_score":347.3,"slug":"sonarsource-sonarlint-vscode","name":"Sonarlint Vscode","description":"SonarQube extension for Visual Studio Code providing code quality and security feedback directly in the editor","tagline":"SonarQube extension for Visual Studio Code providing code quality and security feedback directly in the editor","category":"development","tags":["static-analysis","code-quality","security","sonarlint","sonarqube","vscode","css","github"],"author":{"name":"SonarSource","verified":false,"url":"https://github.com/SonarSource"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"SonarSource/sonarlint-vscode","creatorName":"SonarSource","creatorUrl":"https://github.com/SonarSource","sourceUrl":"https://github.com/SonarSource/sonarlint-vscode","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/sonarsource-sonarlint-vscode#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":617,"forks":97,"downloads":0,"rating":0,"review_count":0,"quality_score":53.24},"quality":{"score":85,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"617","tone":"positive"},{"label":"Freshness","value":"11d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"LGPL-3.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":86,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":76,"weight":0.13,"status":"info","detail":"617 GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":71,"weight":0.08,"status":"info","detail":"617 stars, 97 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"11d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"LGPL-3.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add SonarSource/sonarlint-vscode"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/SonarSource/sonarlint-vscode"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Real agent outcomes","score":58,"weight":0.08,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"info","label":"GitHub adoption","detail":"617 GitHub stars"},{"status":"info","label":"Stars/forks activity","detail":"617 stars, 97 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"11d since push"},{"status":"pass","label":"License clarity","detail":"LGPL-3.0"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add SonarSource/sonarlint-vscode"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/SonarSource/sonarlint-vscode"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Real agent outcomes","detail":"No agent outcome data yet"},{"status":"warn","label":"Ownership","detail":"No approved owner claim yet"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Meaningful GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["Quality score needs review"],"evidence":{"stars":"617 GitHub stars","repoActivity":"617 stars, 97 forks","lastPushed":"11d since push","license":"LGPL-3.0","repository":"https://github.com/SonarSource/sonarlint-vscode","install":"npx skills add SonarSource/sonarlint-vscode","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add SonarSource/sonarlint-vscode","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","11d since push"]},"agentCompatibility":["CSS","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["Quality score needs review"]},"outcomeEvidence":{"total":0,"successes":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["development","static-analysis","code-quality","security","sonarlint","sonarqube"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":["Quality score needs review"]},"safety":{"score":73,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","summary":"Good audit and safety signals with no high-risk permission hints in public metadata.","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","auto_install_policy":"review","reasons":["Safe-to-try audit","73/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["Quality score needs review"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","reasons":["Safe-to-try audit","73/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"},{"slug":"research-agents","title":"Research agents"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","CSS"],"install":{"ready":true,"command":"npx skills add SonarSource/sonarlint-vscode","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":617,"starsLabel":"617","forks":97,"license":"LGPL-3.0","qualityScore":85,"trustScore":86,"auditScore":89},"maintenance":{"status":"fresh","label":"11d since push","daysSincePush":11,"lastPushedAt":"2026-06-12T07:08:15+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":true,"notes":["Quality score needs review"]},"coverageTags":["Coding","Coding agents","development","static-analysis","code-quality","security","sonarlint","sonarqube"]},"audit":{"audit_score":89,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Quality score needs review"]},"decision":{"readiness_score":96,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"sonarsource-sonarlint-vscode","name":"Sonarlint Vscode","description":"SonarQube extension for Visual Studio Code providing code quality and security feedback directly in the editor","category":"development","url":"https://www.openagentskill.com/skills/sonarsource-sonarlint-vscode","repository":"https://github.com/SonarSource/sonarlint-vscode","github_repo":"SonarSource/sonarlint-vscode"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["CSS","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add SonarSource/sonarlint-vscode","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add SonarSource/sonarlint-vscode"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonarlint Vscode\" agent skill from https://github.com/SonarSource/sonarlint-vscode. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: SonarQube extension for Visual Studio Code providing code quality and security feedback directly in the editor"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonarlint Vscode\" as a Claude Code skill from https://github.com/SonarSource/sonarlint-vscode. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: SonarQube extension for Visual Studio Code providing code quality and security feedback directly in the editor"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonarlint Vscode\" from https://github.com/SonarSource/sonarlint-vscode into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: SonarQube extension for Visual Studio Code providing code quality and security feedback directly in the editor"}],"handoff_url":"https://www.openagentskill.com/api/skills/sonarsource-sonarlint-vscode/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarlint-vscode"},"trust":{"score":86,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"617 GitHub stars","repoActivity":"617 stars, 97 forks","lastPushed":"11d since push","license":"LGPL-3.0","repository":"https://github.com/SonarSource/sonarlint-vscode","install":"npx skills add SonarSource/sonarlint-vscode","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["development","static-analysis","code-quality","security","sonarlint","sonarqube"],"known_risks":["Quality score needs review"]},"audit":{"score":89,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Quality score needs review"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":85,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"11d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","Quality score needs review","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Sonarlint Vscode in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 86/100 Production candidate","Audit: 89/100 Safe to try","Safety: 73/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"sonarsource-sonarlint-vscode (Sonarlint Vscode)","install_command":"npx skills add SonarSource/sonarlint-vscode","risk_summary":"Safe to try; Reviewed; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/sonarsource-sonarlint-vscode","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonarlint-vscode","audit":"https://www.openagentskill.com/skills/sonarsource-sonarlint-vscode/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=sonarsource-sonarlint-vscode&task=Use%20Sonarlint%20Vscode%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonarlint%20Vscode%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/sonarsource-sonarlint-vscode/install","manifest":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarlint-vscode"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"sonarsource-sonarlint-vscode","name":"Sonarlint Vscode","description":"SonarQube extension for Visual Studio Code providing code quality and security feedback directly in the editor","category":"development","url":"https://www.openagentskill.com/skills/sonarsource-sonarlint-vscode","repository":"https://github.com/SonarSource/sonarlint-vscode","github_repo":"SonarSource/sonarlint-vscode"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["CSS","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add SonarSource/sonarlint-vscode","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add SonarSource/sonarlint-vscode"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonarlint Vscode\" agent skill from https://github.com/SonarSource/sonarlint-vscode. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: SonarQube extension for Visual Studio Code providing code quality and security feedback directly in the editor"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonarlint Vscode\" as a Claude Code skill from https://github.com/SonarSource/sonarlint-vscode. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: SonarQube extension for Visual Studio Code providing code quality and security feedback directly in the editor"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonarlint Vscode\" from https://github.com/SonarSource/sonarlint-vscode into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: SonarQube extension for Visual Studio Code providing code quality and security feedback directly in the editor"}],"handoff_url":"https://www.openagentskill.com/api/skills/sonarsource-sonarlint-vscode/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarlint-vscode"},"trust":{"score":86,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"617 GitHub stars","repoActivity":"617 stars, 97 forks","lastPushed":"11d since push","license":"LGPL-3.0","repository":"https://github.com/SonarSource/sonarlint-vscode","install":"npx skills add SonarSource/sonarlint-vscode","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["development","static-analysis","code-quality","security","sonarlint","sonarqube"],"known_risks":["Quality score needs review"]},"audit":{"score":89,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Quality score needs review"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":85,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"11d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","Quality score needs review","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Sonarlint Vscode in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 86/100 Production candidate","Audit: 89/100 Safe to try","Safety: 73/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"sonarsource-sonarlint-vscode (Sonarlint Vscode)","install_command":"npx skills add SonarSource/sonarlint-vscode","risk_summary":"Safe to try; Reviewed; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/sonarsource-sonarlint-vscode","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonarlint-vscode","audit":"https://www.openagentskill.com/skills/sonarsource-sonarlint-vscode/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=sonarsource-sonarlint-vscode&task=Use%20Sonarlint%20Vscode%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonarlint%20Vscode%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/sonarsource-sonarlint-vscode/install","manifest":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarlint-vscode"}},"platforms":["CSS","Static Analysis","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"research-agents","title":"Research agents","url":"https://www.openagentskill.com/use-cases/research-agents"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add SonarSource/sonarlint-vscode","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add SonarSource/sonarlint-vscode","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Sonarlint Vscode\" agent skill from https://github.com/SonarSource/sonarlint-vscode. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: SonarQube extension for Visual Studio Code providing code quality and security feedback directly in the editor","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Sonarlint Vscode\" as a Claude Code skill from https://github.com/SonarSource/sonarlint-vscode. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: SonarQube extension for Visual Studio Code providing code quality and security feedback directly in the editor","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Sonarlint Vscode\" from https://github.com/SonarSource/sonarlint-vscode into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: SonarQube extension for Visual Studio Code providing code quality and security feedback directly in the editor","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/SonarSource/sonarlint-vscode","github_repo":"SonarSource/sonarlint-vscode","version":"1.0.0","license":"LGPL-3.0","updated_at":"2026-06-14T16:01:15.348427+00:00","canonical_key":"sonarsource/sonarlint-vscode","recommendation_reasons":["Matches task terms: sonar","Useful GitHub adoption: 617 stars","Install handoff is available","Repository freshness signal is available","Registry match score 347"],"urls":{"web":"https://www.openagentskill.com/skills/sonarsource-sonarlint-vscode","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonarlint-vscode","install_api":"https://www.openagentskill.com/api/skills/sonarsource-sonarlint-vscode/install","audit":"https://www.openagentskill.com/skills/sonarsource-sonarlint-vscode/audit","repository":"https://github.com/SonarSource/sonarlint-vscode"}},{"rank":6,"match_score":339.6,"slug":"kitabisa-sonarqube-action","name":"Sonarqube Action","description":"Integrate SonarQube scanner to GitHub Actions","tagline":"Integrate SonarQube scanner to GitHub Actions","category":"coding-agents","tags":["code-review","developer-tools","coding","code-quality","devsecops","github-actions","security","sonar-scanner","sonarqube","static-analysis"],"author":{"name":"kitabisa","verified":false,"url":"https://github.com/kitabisa"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"kitabisa/sonarqube-action","creatorName":"kitabisa","creatorUrl":"https://github.com/kitabisa","sourceUrl":"https://github.com/kitabisa/sonarqube-action","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/kitabisa-sonarqube-action#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":159,"forks":103,"downloads":0,"rating":0,"review_count":0,"quality_score":34.13},"quality":{"score":48,"tier":"review","label":"Needs review","summary":"Inspect the repository carefully before adding it to an agent workflow.","signals":[{"label":"GitHub stars","value":"159","tone":"neutral"},{"label":"Freshness","value":"1y ago","tone":"warning"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"MIT","tone":"neutral"}],"warnings":["Repository looks stale"]},"trust":{"version":"trust-score-v4","score":70,"tier":"review","label":"Manual review","summary":"Potentially useful, but at least one trust signal needs human inspection.","recommendedAction":"Inspect the repository, license, and recent activity before connecting it to agent workflows.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":62,"weight":0.13,"status":"info","detail":"159 GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":62,"weight":0.08,"status":"info","detail":"159 stars, 103 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":38,"weight":0.14,"status":"fail","detail":"1y since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"MIT"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":72,"weight":0.12,"status":"info","detail":"command execution surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add kitabisa/sonarqube-action"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":62,"weight":0.07,"status":"info","detail":"shell or command execution, filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/kitabisa/sonarqube-action"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Real agent outcomes","score":58,"weight":0.08,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"info","label":"GitHub adoption","detail":"159 GitHub stars"},{"status":"info","label":"Stars/forks activity","detail":"159 stars, 103 forks; issue activity unavailable in current metadata"},{"status":"fail","label":"Recent maintenance","detail":"1y since push"},{"status":"pass","label":"License clarity","detail":"MIT"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"info","label":"Dependency/runtime risk","detail":"command execution surface"},{"status":"pass","label":"Install availability","detail":"npx skills add kitabisa/sonarqube-action"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"info","label":"Permission surface","detail":"shell or command execution, filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/kitabisa/sonarqube-action"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Real agent outcomes","detail":"No agent outcome data yet"},{"status":"warn","label":"Ownership","detail":"No approved owner claim yet"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["AI review approved","Install path is available","Repository evidence is available","Install command has no obvious high-risk pattern"],"warnings":["Repository looks stale","Quality score needs review","Recent maintenance: 1y since push"],"evidence":{"stars":"159 GitHub stars","repoActivity":"159 stars, 103 forks","lastPushed":"1y since push","license":"MIT","repository":"https://github.com/kitabisa/sonarqube-action","install":"npx skills add kitabisa/sonarqube-action","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add kitabisa/sonarqube-action","policy":"human_review_before_install","label":"Human review before install","notes":["Install path is available","Repository evidence is available","License is declared","1y since push"]},"agentCompatibility":["Shell","Code Review","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["Repository looks stale","Quality score needs review","Recent maintenance: 1y since push"]},"outcomeEvidence":{"total":0,"successes":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"human_review_before_install","reason":"Human review or sandbox validation is required before automatic installation."},"bestFor":["coding-agents","code-review","developer-tools","coding","code-quality","devsecops"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"knownRisks":["Repository looks stale","Quality score needs review","Recent maintenance: 1y since push"]},"safety":{"score":36,"level":"avoid_auto_install","label":"Avoid automatic install","safety_tier":{"tier":"experimental","label":"Experimental","badge":"EXPERIMENTAL","summary":"Sparse or mixed signals. Useful for discovery, but not for autonomous installation.","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","auto_install_policy":"review","reasons":["High-risk permission hints: Shell or command execution","36/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"needs_review","permission_hints":[{"id":"shell","label":"Shell or command execution","reason":"Skill metadata references terminal, CLI, shell, subprocess, or command execution workflows.","severity":"high"},{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["High-risk permission hints: Shell or command execution","Repository appears stale"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"experimental","label":"Experimental","badge":"EXPERIMENTAL","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","reasons":["High-risk permission hints: Shell or command execution","36/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"github-automation","title":"GitHub automation"},{"slug":"rag-knowledge","title":"RAG and knowledge"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Shell"],"install":{"ready":true,"command":"npx skills add kitabisa/sonarqube-action","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":159,"starsLabel":"159","forks":103,"license":"MIT","qualityScore":48,"trustScore":70,"auditScore":64},"maintenance":{"status":"stale","label":"1y since push","daysSincePush":540,"lastPushedAt":"2024-12-29T15:47:56+00:00"},"risk":{"level":"needs_review","label":"Needs review","requiresReview":true,"notes":["Repository appears stale","Repository looks stale","Quality score needs review","Recent maintenance: 1y since push","Needs review"]},"coverageTags":["Coding","Coding agents","coding-agents","code-review","developer-tools","code-quality","devsecops","github-actions"]},"audit":{"audit_score":64,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Repository appears stale","Repository looks stale","Quality score needs review","Recent maintenance: 1y since push"]},"decision":{"readiness_score":38,"readiness_label":"Needs manual review","headline":"Needs validation for Coding agents","role":"Needs validation","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","builders willing to evaluate younger projects"],"risks":["Repository looks stale","No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"kitabisa-sonarqube-action","name":"Sonarqube Action","description":"Integrate SonarQube scanner to GitHub Actions","category":"coding-agents","url":"https://www.openagentskill.com/skills/kitabisa-sonarqube-action","repository":"https://github.com/kitabisa/sonarqube-action","github_repo":"kitabisa/sonarqube-action"},"suited_tasks":["Coding agents workflows","Claude Code teams","builders willing to evaluate younger projects","Inspect source files","Explain architecture","Patch bugs and verify changes","Inspect repository metadata","Compare code changes"],"suited_agents":["Shell","Code Review","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add kitabisa/sonarqube-action","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add kitabisa/sonarqube-action"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonarqube Action\" agent skill from https://github.com/kitabisa/sonarqube-action. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Integrate SonarQube scanner to GitHub Actions"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonarqube Action\" as a Claude Code skill from https://github.com/kitabisa/sonarqube-action. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Integrate SonarQube scanner to GitHub Actions"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonarqube Action\" from https://github.com/kitabisa/sonarqube-action into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Integrate SonarQube scanner to GitHub Actions"}],"handoff_url":"https://www.openagentskill.com/api/skills/kitabisa-sonarqube-action/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/kitabisa-sonarqube-action"},"trust":{"score":70,"label":"Manual review","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"159 GitHub stars","repoActivity":"159 stars, 103 forks","lastPushed":"1y since push","license":"MIT","repository":"https://github.com/kitabisa/sonarqube-action","install":"npx skills add kitabisa/sonarqube-action","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["coding-agents","code-review","developer-tools","coding","code-quality","devsecops"],"known_risks":["Repository looks stale","Quality score needs review","Recent maintenance: 1y since push"]},"audit":{"score":64,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Repository appears stale","Repository looks stale","Quality score needs review","Recent maintenance: 1y since push"]},"safety_gate":{"tier":"experimental","label":"Experimental","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives."},"quality":{"score":48,"label":"Needs review"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"1y since push","risk":"Needs review"},"alternative_skills":[],"do_not_use_when":["teams that require actively maintained dependencies","production agents without a repository review","Repository looks stale","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","Repository appears stale","Quality score needs review","Recent maintenance: 1y since push"],"agent_contract":{"task_input":"Use Sonarqube Action in an agent workflow","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","install_policy":"review","minimum_review_before_use":["Trust: 70/100 Manual review","Audit: 64/100 Needs review","Safety: 36/100 Avoid automatic install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"kitabisa-sonarqube-action (Sonarqube Action)","install_command":"npx skills add kitabisa/sonarqube-action","risk_summary":"Needs review; Experimental; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/kitabisa-sonarqube-action","api":"https://www.openagentskill.com/api/agent/skills/kitabisa-sonarqube-action","audit":"https://www.openagentskill.com/skills/kitabisa-sonarqube-action/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=kitabisa-sonarqube-action&task=Use%20Sonarqube%20Action%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonarqube%20Action%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/kitabisa-sonarqube-action/install","manifest":"https://www.openagentskill.com/api/registry/manifest/kitabisa-sonarqube-action"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"kitabisa-sonarqube-action","name":"Sonarqube Action","description":"Integrate SonarQube scanner to GitHub Actions","category":"coding-agents","url":"https://www.openagentskill.com/skills/kitabisa-sonarqube-action","repository":"https://github.com/kitabisa/sonarqube-action","github_repo":"kitabisa/sonarqube-action"},"suited_tasks":["Coding agents workflows","Claude Code teams","builders willing to evaluate younger projects","Inspect source files","Explain architecture","Patch bugs and verify changes","Inspect repository metadata","Compare code changes"],"suited_agents":["Shell","Code Review","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add kitabisa/sonarqube-action","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add kitabisa/sonarqube-action"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonarqube Action\" agent skill from https://github.com/kitabisa/sonarqube-action. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Integrate SonarQube scanner to GitHub Actions"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonarqube Action\" as a Claude Code skill from https://github.com/kitabisa/sonarqube-action. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Integrate SonarQube scanner to GitHub Actions"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonarqube Action\" from https://github.com/kitabisa/sonarqube-action into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Integrate SonarQube scanner to GitHub Actions"}],"handoff_url":"https://www.openagentskill.com/api/skills/kitabisa-sonarqube-action/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/kitabisa-sonarqube-action"},"trust":{"score":70,"label":"Manual review","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"159 GitHub stars","repoActivity":"159 stars, 103 forks","lastPushed":"1y since push","license":"MIT","repository":"https://github.com/kitabisa/sonarqube-action","install":"npx skills add kitabisa/sonarqube-action","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["coding-agents","code-review","developer-tools","coding","code-quality","devsecops"],"known_risks":["Repository looks stale","Quality score needs review","Recent maintenance: 1y since push"]},"audit":{"score":64,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Repository appears stale","Repository looks stale","Quality score needs review","Recent maintenance: 1y since push"]},"safety_gate":{"tier":"experimental","label":"Experimental","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives."},"quality":{"score":48,"label":"Needs review"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"1y since push","risk":"Needs review"},"alternative_skills":[],"do_not_use_when":["teams that require actively maintained dependencies","production agents without a repository review","Repository looks stale","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","Repository appears stale","Quality score needs review","Recent maintenance: 1y since push"],"agent_contract":{"task_input":"Use Sonarqube Action in an agent workflow","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","install_policy":"review","minimum_review_before_use":["Trust: 70/100 Manual review","Audit: 64/100 Needs review","Safety: 36/100 Avoid automatic install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"kitabisa-sonarqube-action (Sonarqube Action)","install_command":"npx skills add kitabisa/sonarqube-action","risk_summary":"Needs review; Experimental; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/kitabisa-sonarqube-action","api":"https://www.openagentskill.com/api/agent/skills/kitabisa-sonarqube-action","audit":"https://www.openagentskill.com/skills/kitabisa-sonarqube-action/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=kitabisa-sonarqube-action&task=Use%20Sonarqube%20Action%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonarqube%20Action%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/kitabisa-sonarqube-action/install","manifest":"https://www.openagentskill.com/api/registry/manifest/kitabisa-sonarqube-action"}},"platforms":["Shell","Code Review","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"github-automation","title":"GitHub automation","url":"https://www.openagentskill.com/use-cases/github-automation"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add kitabisa/sonarqube-action","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add kitabisa/sonarqube-action","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Sonarqube Action\" agent skill from https://github.com/kitabisa/sonarqube-action. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Integrate SonarQube scanner to GitHub Actions","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Sonarqube Action\" as a Claude Code skill from https://github.com/kitabisa/sonarqube-action. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Integrate SonarQube scanner to GitHub Actions","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Sonarqube Action\" from https://github.com/kitabisa/sonarqube-action into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Integrate SonarQube scanner to GitHub Actions","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/kitabisa/sonarqube-action","github_repo":"kitabisa/sonarqube-action","version":"1.0.0","license":"MIT","updated_at":"2026-06-23T03:03:25.482419+00:00","canonical_key":"kitabisa/sonarqube-action","recommendation_reasons":["Matches task terms: sonar","Install handoff is available","Repository freshness signal is available","Registry match score 340"],"urls":{"web":"https://www.openagentskill.com/skills/kitabisa-sonarqube-action","api":"https://www.openagentskill.com/api/agent/skills/kitabisa-sonarqube-action","install_api":"https://www.openagentskill.com/api/skills/kitabisa-sonarqube-action/install","audit":"https://www.openagentskill.com/skills/kitabisa-sonarqube-action/audit","repository":"https://github.com/kitabisa/sonarqube-action"}},{"rank":7,"match_score":332,"slug":"yinwang0-pysonar2","name":"Pysonar2","description":"PySonar2: a semantic indexer for Python with interprocedual type inference","tagline":"PySonar2: a semantic indexer for Python with interprocedual type inference","category":"development","tags":["static-analysis","code-quality","code-analysis","code-intelligence","code-search","index","python","type-inference","java","github"],"author":{"name":"yinwang0","verified":true,"url":"https://github.com/yinwang0"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"yinwang0/pysonar2","creatorName":"yinwang0","creatorUrl":"https://github.com/yinwang0","sourceUrl":"https://github.com/yinwang0/pysonar2","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/yinwang0-pysonar2#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":1421,"forks":499,"downloads":0,"rating":0,"review_count":0,"quality_score":56.77},"quality":{"score":93,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"1.4K","tone":"positive"},{"label":"Freshness","value":"4mo ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"Apache-2.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":88,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":86,"weight":0.13,"status":"pass","detail":"1.4K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":83,"weight":0.08,"status":"pass","detail":"1.4K stars, 499 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":76,"weight":0.14,"status":"info","detail":"4mo since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"Apache-2.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add yinwang0/pysonar2"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/yinwang0/pysonar2"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Real agent outcomes","score":58,"weight":0.08,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"1.4K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"1.4K stars, 499 forks; issue activity unavailable in current metadata"},{"status":"info","label":"Recent maintenance","detail":"4mo since push"},{"status":"pass","label":"License clarity","detail":"Apache-2.0"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add yinwang0/pysonar2"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/yinwang0/pysonar2"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Real agent outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Meaningful GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"1.4K GitHub stars","repoActivity":"1.4K stars, 499 forks","lastPushed":"4mo since push","license":"Apache-2.0","repository":"https://github.com/yinwang0/pysonar2","install":"npx skills add yinwang0/pysonar2","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add yinwang0/pysonar2","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","4mo since push"]},"agentCompatibility":["Java","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["development","static-analysis","code-quality","code-analysis","code-intelligence","code-search"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":80,"level":"safe_to_install","label":"Safe to install with normal review","safety_tier":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","summary":"Good audit and safety signals with no high-risk permission hints in public metadata.","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","auto_install_policy":"allow","reasons":["Safe-to-try audit","80/100 agent safety score"]},"auto_install_allowed":true,"human_review_required":false,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":[],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","reasons":["Safe-to-try audit","80/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"rag-knowledge","title":"RAG and knowledge"},{"slug":"coding-agents","title":"Coding agents"},{"slug":"research-agents","title":"Research agents"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Java"],"install":{"ready":true,"command":"npx skills add yinwang0/pysonar2","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":1421,"starsLabel":"1.4K","forks":499,"license":"Apache-2.0","qualityScore":93,"trustScore":88,"auditScore":88},"maintenance":{"status":"active","label":"4mo since push","daysSincePush":113,"lastPushedAt":"2026-03-02T04:19:48+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","development","static-analysis","code-quality","code-analysis","code-intelligence","code-search"]},"audit":{"audit_score":88,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for RAG and knowledge","role":"Primary pick","primary_fit":"RAG and knowledge","best_for":["RAG and knowledge workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one RAG and knowledge task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"yinwang0-pysonar2","name":"Pysonar2","description":"PySonar2: a semantic indexer for Python with interprocedual type inference","category":"development","url":"https://www.openagentskill.com/skills/yinwang0-pysonar2","repository":"https://github.com/yinwang0/pysonar2","github_repo":"yinwang0/pysonar2"},"suited_tasks":["RAG and knowledge workflows","Claude Code teams","teams that value GitHub adoption signals","Chunk documents","Create embeddings","Retrieve and cite relevant passages","Inspect source files","Explain architecture"],"suited_agents":["Java","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add yinwang0/pysonar2","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add yinwang0/pysonar2"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Pysonar2\" agent skill from https://github.com/yinwang0/pysonar2. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: PySonar2: a semantic indexer for Python with interprocedual type inference"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Pysonar2\" as a Claude Code skill from https://github.com/yinwang0/pysonar2. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: PySonar2: a semantic indexer for Python with interprocedual type inference"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Pysonar2\" from https://github.com/yinwang0/pysonar2 into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: PySonar2: a semantic indexer for Python with interprocedual type inference"}],"handoff_url":"https://www.openagentskill.com/api/skills/yinwang0-pysonar2/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/yinwang0-pysonar2"},"trust":{"score":88,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"1.4K GitHub stars","repoActivity":"1.4K stars, 499 forks","lastPushed":"4mo since push","license":"Apache-2.0","repository":"https://github.com/yinwang0/pysonar2","install":"npx skills add yinwang0/pysonar2","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["development","static-analysis","code-quality","code-analysis","code-intelligence","code-search"],"known_risks":[]},"audit":{"score":88,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":93,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"4mo since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Pysonar2 in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"allow","minimum_review_before_use":["Trust: 88/100 Production candidate","Audit: 88/100 Safe to try","Safety: 80/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"yinwang0-pysonar2 (Pysonar2)","install_command":"npx skills add yinwang0/pysonar2","risk_summary":"Safe to try; Reviewed; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/yinwang0-pysonar2","api":"https://www.openagentskill.com/api/agent/skills/yinwang0-pysonar2","audit":"https://www.openagentskill.com/skills/yinwang0-pysonar2/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=yinwang0-pysonar2&task=Use%20Pysonar2%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Pysonar2%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/yinwang0-pysonar2/install","manifest":"https://www.openagentskill.com/api/registry/manifest/yinwang0-pysonar2"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"yinwang0-pysonar2","name":"Pysonar2","description":"PySonar2: a semantic indexer for Python with interprocedual type inference","category":"development","url":"https://www.openagentskill.com/skills/yinwang0-pysonar2","repository":"https://github.com/yinwang0/pysonar2","github_repo":"yinwang0/pysonar2"},"suited_tasks":["RAG and knowledge workflows","Claude Code teams","teams that value GitHub adoption signals","Chunk documents","Create embeddings","Retrieve and cite relevant passages","Inspect source files","Explain architecture"],"suited_agents":["Java","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add yinwang0/pysonar2","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add yinwang0/pysonar2"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Pysonar2\" agent skill from https://github.com/yinwang0/pysonar2. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: PySonar2: a semantic indexer for Python with interprocedual type inference"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Pysonar2\" as a Claude Code skill from https://github.com/yinwang0/pysonar2. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: PySonar2: a semantic indexer for Python with interprocedual type inference"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Pysonar2\" from https://github.com/yinwang0/pysonar2 into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: PySonar2: a semantic indexer for Python with interprocedual type inference"}],"handoff_url":"https://www.openagentskill.com/api/skills/yinwang0-pysonar2/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/yinwang0-pysonar2"},"trust":{"score":88,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"1.4K GitHub stars","repoActivity":"1.4K stars, 499 forks","lastPushed":"4mo since push","license":"Apache-2.0","repository":"https://github.com/yinwang0/pysonar2","install":"npx skills add yinwang0/pysonar2","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["development","static-analysis","code-quality","code-analysis","code-intelligence","code-search"],"known_risks":[]},"audit":{"score":88,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":93,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"4mo since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Pysonar2 in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"allow","minimum_review_before_use":["Trust: 88/100 Production candidate","Audit: 88/100 Safe to try","Safety: 80/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"yinwang0-pysonar2 (Pysonar2)","install_command":"npx skills add yinwang0/pysonar2","risk_summary":"Safe to try; Reviewed; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/yinwang0-pysonar2","api":"https://www.openagentskill.com/api/agent/skills/yinwang0-pysonar2","audit":"https://www.openagentskill.com/skills/yinwang0-pysonar2/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=yinwang0-pysonar2&task=Use%20Pysonar2%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Pysonar2%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/yinwang0-pysonar2/install","manifest":"https://www.openagentskill.com/api/registry/manifest/yinwang0-pysonar2"}},"platforms":["Java","Static Analysis","Claude Code"],"use_cases":[{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"research-agents","title":"Research agents","url":"https://www.openagentskill.com/use-cases/research-agents"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add yinwang0/pysonar2","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add yinwang0/pysonar2","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Pysonar2\" agent skill from https://github.com/yinwang0/pysonar2. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: PySonar2: a semantic indexer for Python with interprocedual type inference","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Pysonar2\" as a Claude Code skill from https://github.com/yinwang0/pysonar2. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: PySonar2: a semantic indexer for Python with interprocedual type inference","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Pysonar2\" from https://github.com/yinwang0/pysonar2 into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: PySonar2: a semantic indexer for Python with interprocedual type inference","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/yinwang0/pysonar2","github_repo":"yinwang0/pysonar2","version":"1.0.0","license":"Apache-2.0","updated_at":"2026-06-14T16:01:13.672723+00:00","canonical_key":"yinwang0/pysonar2","recommendation_reasons":["Matches task terms: sonar","Useful GitHub adoption: 1,421 stars","Install handoff is available","Repository freshness signal is available","Registry match score 332"],"urls":{"web":"https://www.openagentskill.com/skills/yinwang0-pysonar2","api":"https://www.openagentskill.com/api/agent/skills/yinwang0-pysonar2","install_api":"https://www.openagentskill.com/api/skills/yinwang0-pysonar2/install","audit":"https://www.openagentskill.com/skills/yinwang0-pysonar2/audit","repository":"https://github.com/yinwang0/pysonar2"}},{"rank":8,"match_score":322.6,"slug":"cnescatlab-sonar-cnes-report","name":"Sonar Cnes Report","description":"Generates analysis reports from SonarQube web API.","tagline":"Generates analysis reports from SonarQube web API.","category":"document-processing","tags":["markdown","documents","cnes","csv","docx","export","plugin","quality","report","reporting"],"author":{"name":"cnescatlab","verified":false,"url":"https://github.com/cnescatlab"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"cnescatlab/sonar-cnes-report","creatorName":"cnescatlab","creatorUrl":"https://github.com/cnescatlab","sourceUrl":"https://github.com/cnescatlab/sonar-cnes-report","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/cnescatlab-sonar-cnes-report#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":635,"forks":195,"downloads":0,"rating":0,"review_count":0,"quality_score":50.32},"quality":{"score":79,"tier":"strong","label":"Strong","summary":"Solid option that is likely worth shortlisting for production workflows.","signals":[{"label":"GitHub stars","value":"635","tone":"positive"},{"label":"Freshness","value":"1mo ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"GPL-3.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":80,"tier":"strong","label":"Strong shortlist","summary":"Good trust signals with a few areas worth checking before rollout.","recommendedAction":"Test in a sandbox workflow and compare its install path with close alternatives.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":76,"weight":0.13,"status":"info","detail":"635 GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":71,"weight":0.08,"status":"info","detail":"635 stars, 195 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":88,"weight":0.14,"status":"pass","detail":"1mo since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"GPL-3.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":82,"weight":0.12,"status":"pass","detail":"network or browser surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add cnescatlab/sonar-cnes-report"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":72,"weight":0.07,"status":"info","detail":"filesystem or document access, network or browser access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/cnescatlab/sonar-cnes-report"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Real agent outcomes","score":58,"weight":0.08,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"info","label":"GitHub adoption","detail":"635 GitHub stars"},{"status":"info","label":"Stars/forks activity","detail":"635 stars, 195 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"1mo since push"},{"status":"pass","label":"License clarity","detail":"GPL-3.0"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"pass","label":"Dependency/runtime risk","detail":"network or browser surface"},{"status":"pass","label":"Install availability","detail":"npx skills add cnescatlab/sonar-cnes-report"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"info","label":"Permission surface","detail":"filesystem or document access, network or browser access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/cnescatlab/sonar-cnes-report"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Real agent outcomes","detail":"No agent outcome data yet"},{"status":"warn","label":"Ownership","detail":"No approved owner claim yet"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Meaningful GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["Quality score needs review"],"evidence":{"stars":"635 GitHub stars","repoActivity":"635 stars, 195 forks","lastPushed":"1mo since push","license":"GPL-3.0","repository":"https://github.com/cnescatlab/sonar-cnes-report","install":"npx skills add cnescatlab/sonar-cnes-report","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add cnescatlab/sonar-cnes-report","policy":"human_review_before_install","label":"Human review before install","notes":["Install path is available","Repository evidence is available","License is declared","1mo since push"]},"agentCompatibility":["Java","Markdown","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["Quality score needs review"]},"outcomeEvidence":{"total":0,"successes":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"human_review_before_install","reason":"Human review or sandbox validation is required before automatic installation."},"bestFor":["document-processing","markdown","documents","cnes","csv","docx"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"knownRisks":["Quality score needs review"]},"safety":{"score":67,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed with permission notes","badge":"REVIEWED","summary":"Usable candidate, but the agent should surface permission and audit notes before installation.","recommended_action":"Require human approval before installing into a real workspace.","auto_install_policy":"review","reasons":["Quality score needs review","67/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["Quality score needs review"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace.","reasons":["Quality score needs review","67/100 agent safety score"]},"supply_profile":{"track":{"slug":"research","label":"Research and knowledge work","shortLabel":"Research","description":"Deep research, source comparison, literature review, RAG, knowledge search, and reports."},"scenario":{"label":"Document processing","description":"I need my agent to read PDFs, extract tables, and turn documents into structured data.","useCases":[{"slug":"document-processing","title":"Document processing"},{"slug":"workflow-automation","title":"Workflow automation"},{"slug":"coding-agents","title":"Coding agents"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Java"],"install":{"ready":true,"command":"npx skills add cnescatlab/sonar-cnes-report","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":635,"starsLabel":"635","forks":195,"license":"GPL-3.0","qualityScore":79,"trustScore":80,"auditScore":83},"maintenance":{"status":"active","label":"1mo since push","daysSincePush":32,"lastPushedAt":"2026-05-21T13:03:17+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":true,"notes":["Quality score needs review"]},"coverageTags":["Research","Document processing","document-processing","markdown","documents","cnes","csv","docx"]},"audit":{"audit_score":83,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Quality score needs review"]},"decision":{"readiness_score":90,"readiness_label":"Production-ready","headline":"Primary pick for Document processing","role":"Primary pick","primary_fit":"Document processing","best_for":["Document processing workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Document processing task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"cnescatlab-sonar-cnes-report","name":"Sonar Cnes Report","description":"Generates analysis reports from SonarQube web API.","category":"document-processing","url":"https://www.openagentskill.com/skills/cnescatlab-sonar-cnes-report","repository":"https://github.com/cnescatlab/sonar-cnes-report","github_repo":"cnescatlab/sonar-cnes-report"},"suited_tasks":["Document processing workflows","Claude Code teams","teams that value GitHub adoption signals","Read uploaded files","Extract structured fields","Prepare clean context for downstream agents","Move data between tools","Transform files"],"suited_agents":["Java","Markdown","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add cnescatlab/sonar-cnes-report","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add cnescatlab/sonar-cnes-report"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonar Cnes Report\" agent skill from https://github.com/cnescatlab/sonar-cnes-report. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Generates analysis reports from SonarQube web API."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonar Cnes Report\" as a Claude Code skill from https://github.com/cnescatlab/sonar-cnes-report. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Generates analysis reports from SonarQube web API."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonar Cnes Report\" from https://github.com/cnescatlab/sonar-cnes-report into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Generates analysis reports from SonarQube web API."}],"handoff_url":"https://www.openagentskill.com/api/skills/cnescatlab-sonar-cnes-report/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/cnescatlab-sonar-cnes-report"},"trust":{"score":80,"label":"Strong shortlist","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"635 GitHub stars","repoActivity":"635 stars, 195 forks","lastPushed":"1mo since push","license":"GPL-3.0","repository":"https://github.com/cnescatlab/sonar-cnes-report","install":"npx skills add cnescatlab/sonar-cnes-report","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["document-processing","markdown","documents","cnes","csv","docx"],"known_risks":["Quality score needs review"]},"audit":{"score":83,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Quality score needs review"]},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace."},"quality":{"score":79,"label":"Strong"},"supply":{"track":"Research and knowledge work","scenario":"Document processing","maintenance":"1mo since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","Quality score needs review","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use Sonar Cnes Report in an agent workflow","recommended_action":"Require human approval before installing into a real workspace.","install_policy":"review","minimum_review_before_use":["Trust: 80/100 Strong shortlist","Audit: 83/100 Safe to try","Safety: 67/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"cnescatlab-sonar-cnes-report (Sonar Cnes Report)","install_command":"npx skills add cnescatlab/sonar-cnes-report","risk_summary":"Safe to try; Reviewed with permission notes; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/cnescatlab-sonar-cnes-report","api":"https://www.openagentskill.com/api/agent/skills/cnescatlab-sonar-cnes-report","audit":"https://www.openagentskill.com/skills/cnescatlab-sonar-cnes-report/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=cnescatlab-sonar-cnes-report&task=Use%20Sonar%20Cnes%20Report%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonar%20Cnes%20Report%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/cnescatlab-sonar-cnes-report/install","manifest":"https://www.openagentskill.com/api/registry/manifest/cnescatlab-sonar-cnes-report"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"cnescatlab-sonar-cnes-report","name":"Sonar Cnes Report","description":"Generates analysis reports from SonarQube web API.","category":"document-processing","url":"https://www.openagentskill.com/skills/cnescatlab-sonar-cnes-report","repository":"https://github.com/cnescatlab/sonar-cnes-report","github_repo":"cnescatlab/sonar-cnes-report"},"suited_tasks":["Document processing workflows","Claude Code teams","teams that value GitHub adoption signals","Read uploaded files","Extract structured fields","Prepare clean context for downstream agents","Move data between tools","Transform files"],"suited_agents":["Java","Markdown","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add cnescatlab/sonar-cnes-report","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add cnescatlab/sonar-cnes-report"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonar Cnes Report\" agent skill from https://github.com/cnescatlab/sonar-cnes-report. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Generates analysis reports from SonarQube web API."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonar Cnes Report\" as a Claude Code skill from https://github.com/cnescatlab/sonar-cnes-report. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Generates analysis reports from SonarQube web API."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonar Cnes Report\" from https://github.com/cnescatlab/sonar-cnes-report into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Generates analysis reports from SonarQube web API."}],"handoff_url":"https://www.openagentskill.com/api/skills/cnescatlab-sonar-cnes-report/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/cnescatlab-sonar-cnes-report"},"trust":{"score":80,"label":"Strong shortlist","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"635 GitHub stars","repoActivity":"635 stars, 195 forks","lastPushed":"1mo since push","license":"GPL-3.0","repository":"https://github.com/cnescatlab/sonar-cnes-report","install":"npx skills add cnescatlab/sonar-cnes-report","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["document-processing","markdown","documents","cnes","csv","docx"],"known_risks":["Quality score needs review"]},"audit":{"score":83,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Quality score needs review"]},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace."},"quality":{"score":79,"label":"Strong"},"supply":{"track":"Research and knowledge work","scenario":"Document processing","maintenance":"1mo since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","Quality score needs review","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use Sonar Cnes Report in an agent workflow","recommended_action":"Require human approval before installing into a real workspace.","install_policy":"review","minimum_review_before_use":["Trust: 80/100 Strong shortlist","Audit: 83/100 Safe to try","Safety: 67/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"cnescatlab-sonar-cnes-report (Sonar Cnes Report)","install_command":"npx skills add cnescatlab/sonar-cnes-report","risk_summary":"Safe to try; Reviewed with permission notes; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/cnescatlab-sonar-cnes-report","api":"https://www.openagentskill.com/api/agent/skills/cnescatlab-sonar-cnes-report","audit":"https://www.openagentskill.com/skills/cnescatlab-sonar-cnes-report/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=cnescatlab-sonar-cnes-report&task=Use%20Sonar%20Cnes%20Report%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonar%20Cnes%20Report%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/cnescatlab-sonar-cnes-report/install","manifest":"https://www.openagentskill.com/api/registry/manifest/cnescatlab-sonar-cnes-report"}},"platforms":["Java","Markdown","Claude Code"],"use_cases":[{"slug":"document-processing","title":"Document processing","url":"https://www.openagentskill.com/use-cases/document-processing"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"}],"install":"npx skills add cnescatlab/sonar-cnes-report","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add cnescatlab/sonar-cnes-report","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Sonar Cnes Report\" agent skill from https://github.com/cnescatlab/sonar-cnes-report. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Generates analysis reports from SonarQube web API.","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Sonar Cnes Report\" as a Claude Code skill from https://github.com/cnescatlab/sonar-cnes-report. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Generates analysis reports from SonarQube web API.","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Sonar Cnes Report\" from https://github.com/cnescatlab/sonar-cnes-report into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Generates analysis reports from SonarQube web API.","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/cnescatlab/sonar-cnes-report","github_repo":"cnescatlab/sonar-cnes-report","version":"1.0.0","license":"GPL-3.0","updated_at":"2026-06-22T03:03:42.477927+00:00","canonical_key":"cnescatlab/sonar-cnes-report","recommendation_reasons":["Matches task terms: sonar","Useful GitHub adoption: 635 stars","Install handoff is available","Repository freshness signal is available","Registry match score 323"],"urls":{"web":"https://www.openagentskill.com/skills/cnescatlab-sonar-cnes-report","api":"https://www.openagentskill.com/api/agent/skills/cnescatlab-sonar-cnes-report","install_api":"https://www.openagentskill.com/api/skills/cnescatlab-sonar-cnes-report/install","audit":"https://www.openagentskill.com/skills/cnescatlab-sonar-cnes-report/audit","repository":"https://github.com/cnescatlab/sonar-cnes-report"}},{"rank":9,"match_score":322,"slug":"sonarsource-sonarqube","name":"Sonarqube","description":"Continuous Inspection","tagline":"Continuous Inspection","category":"development","tags":["static-analysis","code-quality","sonarqube","java","github"],"author":{"name":"SonarSource","verified":true,"url":"https://github.com/SonarSource"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"SonarSource/sonarqube","creatorName":"SonarSource","creatorUrl":"https://github.com/SonarSource","sourceUrl":"https://github.com/SonarSource/sonarqube","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/sonarsource-sonarqube#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":10663,"forks":2194,"downloads":0,"rating":0,"review_count":0,"quality_score":71.4},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"11K","tone":"positive"},{"label":"Freshness","value":"10d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"LGPL-3.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":93,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"11K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"11K stars, 2.2K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"10d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"LGPL-3.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add SonarSource/sonarqube"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/SonarSource/sonarqube"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Real agent outcomes","score":58,"weight":0.08,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"11K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"11K stars, 2.2K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"10d since push"},{"status":"pass","label":"License clarity","detail":"LGPL-3.0"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add SonarSource/sonarqube"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/SonarSource/sonarqube"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Real agent outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["Documentation summary is thin"],"evidence":{"stars":"11K GitHub stars","repoActivity":"11K stars, 2.2K forks","lastPushed":"10d since push","license":"LGPL-3.0","repository":"https://github.com/SonarSource/sonarqube","install":"npx skills add SonarSource/sonarqube","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add SonarSource/sonarqube","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","10d since push"]},"agentCompatibility":["Java","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["Documentation summary is thin"]},"outcomeEvidence":{"total":0,"successes":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["development","static-analysis","code-quality","sonarqube","java","github"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":["Documentation summary is thin"]},"safety":{"score":79,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","summary":"Good audit and safety signals with no high-risk permission hints in public metadata.","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","auto_install_policy":"review","reasons":["Safe-to-try audit","79/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["Documentation summary is thin"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","reasons":["Safe-to-try audit","79/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"},{"slug":"research-agents","title":"Research agents"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Java"],"install":{"ready":true,"command":"npx skills add SonarSource/sonarqube","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":10663,"starsLabel":"11K","forks":2194,"license":"LGPL-3.0","qualityScore":100,"trustScore":93,"auditScore":95},"maintenance":{"status":"fresh","label":"10d since push","daysSincePush":10,"lastPushedAt":"2026-06-12T20:48:16+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":true,"notes":["Documentation summary is thin"]},"coverageTags":["Coding","Coding agents","development","static-analysis","code-quality","sonarqube","java","github"]},"audit":{"audit_score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Documentation summary is thin"]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"sonarsource-sonarqube","name":"Sonarqube","description":"Continuous Inspection","category":"development","url":"https://www.openagentskill.com/skills/sonarsource-sonarqube","repository":"https://github.com/SonarSource/sonarqube","github_repo":"SonarSource/sonarqube"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Java","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add SonarSource/sonarqube","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add SonarSource/sonarqube"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonarqube\" agent skill from https://github.com/SonarSource/sonarqube. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Continuous Inspection"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonarqube\" as a Claude Code skill from https://github.com/SonarSource/sonarqube. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Continuous Inspection"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonarqube\" from https://github.com/SonarSource/sonarqube into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Continuous Inspection"}],"handoff_url":"https://www.openagentskill.com/api/skills/sonarsource-sonarqube/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarqube"},"trust":{"score":93,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"11K GitHub stars","repoActivity":"11K stars, 2.2K forks","lastPushed":"10d since push","license":"LGPL-3.0","repository":"https://github.com/SonarSource/sonarqube","install":"npx skills add SonarSource/sonarqube","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["development","static-analysis","code-quality","sonarqube","java","github"],"known_risks":["Documentation summary is thin"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Documentation summary is thin"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"10d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","Documentation summary is thin","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Sonarqube in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 93/100 Production candidate","Audit: 95/100 Safe to try","Safety: 79/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"sonarsource-sonarqube (Sonarqube)","install_command":"npx skills add SonarSource/sonarqube","risk_summary":"Safe to try; Reviewed; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/sonarsource-sonarqube","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonarqube","audit":"https://www.openagentskill.com/skills/sonarsource-sonarqube/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=sonarsource-sonarqube&task=Use%20Sonarqube%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonarqube%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/sonarsource-sonarqube/install","manifest":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarqube"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"sonarsource-sonarqube","name":"Sonarqube","description":"Continuous Inspection","category":"development","url":"https://www.openagentskill.com/skills/sonarsource-sonarqube","repository":"https://github.com/SonarSource/sonarqube","github_repo":"SonarSource/sonarqube"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Java","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add SonarSource/sonarqube","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add SonarSource/sonarqube"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonarqube\" agent skill from https://github.com/SonarSource/sonarqube. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Continuous Inspection"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonarqube\" as a Claude Code skill from https://github.com/SonarSource/sonarqube. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Continuous Inspection"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonarqube\" from https://github.com/SonarSource/sonarqube into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Continuous Inspection"}],"handoff_url":"https://www.openagentskill.com/api/skills/sonarsource-sonarqube/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarqube"},"trust":{"score":93,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"11K GitHub stars","repoActivity":"11K stars, 2.2K forks","lastPushed":"10d since push","license":"LGPL-3.0","repository":"https://github.com/SonarSource/sonarqube","install":"npx skills add SonarSource/sonarqube","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["development","static-analysis","code-quality","sonarqube","java","github"],"known_risks":["Documentation summary is thin"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Documentation summary is thin"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"10d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","Documentation summary is thin","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Sonarqube in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 93/100 Production candidate","Audit: 95/100 Safe to try","Safety: 79/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"sonarsource-sonarqube (Sonarqube)","install_command":"npx skills add SonarSource/sonarqube","risk_summary":"Safe to try; Reviewed; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/sonarsource-sonarqube","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonarqube","audit":"https://www.openagentskill.com/skills/sonarsource-sonarqube/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=sonarsource-sonarqube&task=Use%20Sonarqube%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonarqube%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/sonarsource-sonarqube/install","manifest":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonarqube"}},"platforms":["Java","Static Analysis","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"research-agents","title":"Research agents","url":"https://www.openagentskill.com/use-cases/research-agents"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add SonarSource/sonarqube","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add SonarSource/sonarqube","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Sonarqube\" agent skill from https://github.com/SonarSource/sonarqube. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Continuous Inspection","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Sonarqube\" as a Claude Code skill from https://github.com/SonarSource/sonarqube. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Continuous Inspection","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Sonarqube\" from https://github.com/SonarSource/sonarqube into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Continuous Inspection","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/SonarSource/sonarqube","github_repo":"SonarSource/sonarqube","version":"1.0.0","license":"LGPL-3.0","updated_at":"2026-06-15T03:04:03.644816+00:00","canonical_key":"sonarsource/sonarqube","recommendation_reasons":["Matches task terms: sonar","Strong GitHub adoption: 10,663 stars","Quality score 71/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/sonarsource-sonarqube","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonarqube","install_api":"https://www.openagentskill.com/api/skills/sonarsource-sonarqube/install","audit":"https://www.openagentskill.com/skills/sonarsource-sonarqube/audit","repository":"https://github.com/SonarSource/sonarqube"}},{"rank":10,"match_score":306.4,"slug":"sonarsource-sonar-dotnet","name":"Sonar Dotnet","description":"Code analyzer for C# and VB.NET projects","tagline":"Code analyzer for C# and VB.NET projects","category":"development","tags":["static-analysis","code-quality","c-sharp","roslyn","sonarqube","static-analyzer","static-code-analysis","visual-basic","c#","github"],"author":{"name":"SonarSource","verified":false,"url":"https://github.com/SonarSource"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"SonarSource/sonar-dotnet","creatorName":"SonarSource","creatorUrl":"https://github.com/SonarSource","sourceUrl":"https://github.com/SonarSource/sonar-dotnet","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/sonarsource-sonar-dotnet#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":910,"forks":241,"downloads":0,"rating":0,"review_count":0,"quality_score":54.42},"quality":{"score":82,"tier":"strong","label":"Strong","summary":"Solid option that is likely worth shortlisting for production workflows.","signals":[{"label":"GitHub stars","value":"910","tone":"positive"},{"label":"Freshness","value":"10d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"Unknown","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":80,"tier":"strong","label":"Strong shortlist","summary":"Good trust signals with a few areas worth checking before rollout.","recommendedAction":"Test in a sandbox workflow and compare its install path with close alternatives.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":76,"weight":0.13,"status":"info","detail":"910 GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":71,"weight":0.08,"status":"info","detail":"910 stars, 241 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"10d since push"},{"id":"license","label":"License clarity","score":42,"weight":0.09,"status":"warn","detail":"Unknown"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add SonarSource/sonar-dotnet"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/SonarSource/sonar-dotnet"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Real agent outcomes","score":58,"weight":0.08,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"info","label":"GitHub adoption","detail":"910 GitHub stars"},{"status":"info","label":"Stars/forks activity","detail":"910 stars, 241 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"10d since push"},{"status":"warn","label":"License clarity","detail":"Unknown"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add SonarSource/sonar-dotnet"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/SonarSource/sonar-dotnet"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Real agent outcomes","detail":"No agent outcome data yet"},{"status":"warn","label":"Ownership","detail":"No approved owner claim yet"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Meaningful GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["License is unclear","Quality score needs review","License clarity: Unknown"],"evidence":{"stars":"910 GitHub stars","repoActivity":"910 stars, 241 forks","lastPushed":"10d since push","license":"Unknown","repository":"https://github.com/SonarSource/sonar-dotnet","install":"npx skills add SonarSource/sonar-dotnet","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add SonarSource/sonar-dotnet","policy":"human_review_before_install","label":"Human review before install","notes":["Install path is available","Repository evidence is available","License is unclear","10d since push"]},"agentCompatibility":["C#","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["License is unclear","Quality score needs review","License clarity: Unknown"]},"outcomeEvidence":{"total":0,"successes":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"human_review_before_install","reason":"Human review or sandbox validation is required before automatic installation."},"bestFor":["development","static-analysis","code-quality","c-sharp","roslyn","sonarqube"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace","Commercial reuse before clarifying license terms"],"knownRisks":["License is unclear","Quality score needs review","License clarity: Unknown"]},"safety":{"score":69,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","summary":"Good audit and safety signals with no high-risk permission hints in public metadata.","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","auto_install_policy":"review","reasons":["Safe-to-try audit","69/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["License is unclear"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","reasons":["Safe-to-try audit","69/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"},{"slug":"research-agents","title":"Research agents"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","C#"],"install":{"ready":true,"command":"npx skills add SonarSource/sonar-dotnet","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":910,"starsLabel":"910","forks":241,"license":"Unknown","qualityScore":82,"trustScore":80,"auditScore":85},"maintenance":{"status":"fresh","label":"10d since push","daysSincePush":10,"lastPushedAt":"2026-06-13T01:20:13+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":true,"notes":["License is unclear","Quality score needs review","License clarity: Unknown"]},"coverageTags":["Coding","Coding agents","development","static-analysis","code-quality","c-sharp","roslyn","sonarqube"]},"audit":{"audit_score":85,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","Quality score needs review","License clarity: Unknown"]},"decision":{"readiness_score":93,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"sonarsource-sonar-dotnet","name":"Sonar Dotnet","description":"Code analyzer for C# and VB.NET projects","category":"development","url":"https://www.openagentskill.com/skills/sonarsource-sonar-dotnet","repository":"https://github.com/SonarSource/sonar-dotnet","github_repo":"SonarSource/sonar-dotnet"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["C#","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add SonarSource/sonar-dotnet","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add SonarSource/sonar-dotnet"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonar Dotnet\" agent skill from https://github.com/SonarSource/sonar-dotnet. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Code analyzer for C# and VB.NET projects"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonar Dotnet\" as a Claude Code skill from https://github.com/SonarSource/sonar-dotnet. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Code analyzer for C# and VB.NET projects"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonar Dotnet\" from https://github.com/SonarSource/sonar-dotnet into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Code analyzer for C# and VB.NET projects"}],"handoff_url":"https://www.openagentskill.com/api/skills/sonarsource-sonar-dotnet/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonar-dotnet"},"trust":{"score":80,"label":"Strong shortlist","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"910 GitHub stars","repoActivity":"910 stars, 241 forks","lastPushed":"10d since push","license":"Unknown","repository":"https://github.com/SonarSource/sonar-dotnet","install":"npx skills add SonarSource/sonar-dotnet","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["development","static-analysis","code-quality","c-sharp","roslyn","sonarqube"],"known_risks":["License is unclear","Quality score needs review","License clarity: Unknown"]},"audit":{"score":85,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","Quality score needs review","License clarity: Unknown"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":82,"label":"Strong"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"10d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","License is unclear","Quality score needs review","License clarity: Unknown","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Sonar Dotnet in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 80/100 Strong shortlist","Audit: 85/100 Safe to try","Safety: 69/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"sonarsource-sonar-dotnet (Sonar Dotnet)","install_command":"npx skills add SonarSource/sonar-dotnet","risk_summary":"Safe to try; Reviewed; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/sonarsource-sonar-dotnet","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonar-dotnet","audit":"https://www.openagentskill.com/skills/sonarsource-sonar-dotnet/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=sonarsource-sonar-dotnet&task=Use%20Sonar%20Dotnet%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonar%20Dotnet%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/sonarsource-sonar-dotnet/install","manifest":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonar-dotnet"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"sonarsource-sonar-dotnet","name":"Sonar Dotnet","description":"Code analyzer for C# and VB.NET projects","category":"development","url":"https://www.openagentskill.com/skills/sonarsource-sonar-dotnet","repository":"https://github.com/SonarSource/sonar-dotnet","github_repo":"SonarSource/sonar-dotnet"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["C#","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add SonarSource/sonar-dotnet","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add SonarSource/sonar-dotnet"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Sonar Dotnet\" agent skill from https://github.com/SonarSource/sonar-dotnet. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Code analyzer for C# and VB.NET projects"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Sonar Dotnet\" as a Claude Code skill from https://github.com/SonarSource/sonar-dotnet. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Code analyzer for C# and VB.NET projects"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Sonar Dotnet\" from https://github.com/SonarSource/sonar-dotnet into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Code analyzer for C# and VB.NET projects"}],"handoff_url":"https://www.openagentskill.com/api/skills/sonarsource-sonar-dotnet/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonar-dotnet"},"trust":{"score":80,"label":"Strong shortlist","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"910 GitHub stars","repoActivity":"910 stars, 241 forks","lastPushed":"10d since push","license":"Unknown","repository":"https://github.com/SonarSource/sonar-dotnet","install":"npx skills add SonarSource/sonar-dotnet","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"success_rate":null,"install_attempts":0,"risk_blocked":0,"setup_required":0,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["development","static-analysis","code-quality","c-sharp","roslyn","sonarqube"],"known_risks":["License is unclear","Quality score needs review","License clarity: Unknown"]},"audit":{"score":85,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","Quality score needs review","License clarity: Unknown"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":82,"label":"Strong"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"10d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","License is unclear","Quality score needs review","License clarity: Unknown","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Sonar Dotnet in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 80/100 Strong shortlist","Audit: 85/100 Safe to try","Safety: 69/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"sonarsource-sonar-dotnet (Sonar Dotnet)","install_command":"npx skills add SonarSource/sonar-dotnet","risk_summary":"Safe to try; Reviewed; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"endpoints":{"web":"https://www.openagentskill.com/skills/sonarsource-sonar-dotnet","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonar-dotnet","audit":"https://www.openagentskill.com/skills/sonarsource-sonar-dotnet/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=sonarsource-sonar-dotnet&task=Use%20Sonar%20Dotnet%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Sonar%20Dotnet%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","install":"https://www.openagentskill.com/api/skills/sonarsource-sonar-dotnet/install","manifest":"https://www.openagentskill.com/api/registry/manifest/sonarsource-sonar-dotnet"}},"platforms":["C#","Static Analysis","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"research-agents","title":"Research agents","url":"https://www.openagentskill.com/use-cases/research-agents"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add SonarSource/sonar-dotnet","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add SonarSource/sonar-dotnet","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Sonar Dotnet\" agent skill from https://github.com/SonarSource/sonar-dotnet. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Code analyzer for C# and VB.NET projects","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Sonar Dotnet\" as a Claude Code skill from https://github.com/SonarSource/sonar-dotnet. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Code analyzer for C# and VB.NET projects","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Sonar Dotnet\" from https://github.com/SonarSource/sonar-dotnet into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Code analyzer for C# and VB.NET projects","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/SonarSource/sonar-dotnet","github_repo":"SonarSource/sonar-dotnet","version":"1.0.0","license":"Unknown","updated_at":"2026-06-14T16:01:14.420276+00:00","canonical_key":"sonarsource/sonar-dotnet","recommendation_reasons":["Matches task terms: sonar","Useful GitHub adoption: 910 stars","Install handoff is available","Repository freshness signal is available","Registry match score 306"],"urls":{"web":"https://www.openagentskill.com/skills/sonarsource-sonar-dotnet","api":"https://www.openagentskill.com/api/agent/skills/sonarsource-sonar-dotnet","install_api":"https://www.openagentskill.com/api/skills/sonarsource-sonar-dotnet/install","audit":"https://www.openagentskill.com/skills/sonarsource-sonar-dotnet/audit","repository":"https://github.com/SonarSource/sonar-dotnet"}}],"meta":{"endpoint":"/api/skills/search","canonical_agent_endpoint":"/api/agent/resolve","safety_policy":"Blocked candidates are excluded by default. Pass include_blocked=true only for manual audit workflows.","agent_friendly":true,"api_version":"1.0","generated_at":"2026-06-23T09:40:01.784Z"}}