sonar | Skill Performance & Reviews | TopRankSkills

TopRank Skills
Home / Skills / tools / sonar

sonar

maintained by COvayurt

star 1 account_tree 0 verified_user MIT License
bolt View GitHub
Overview Implementation Examples History

name: sonar description: Use this skill when the user mentions "sonar", "sonarqube", "code quality", "code smell", "quality gate", "new code issues", "fetch issues", "security hotspots", or wants to analyze code quality.

SonarQube Integration

Fetch and manage SonarQube issues, quality gates, and metrics using bash scripts.

How to Use

Call bash scripts directly. No MCP server required.

Scripts location: ~/.agents/skills/sonar/scripts/

IMPORTANT: Environment variables must be set. Check with:

echo $SONAR_HOST_URL $SONAR_TOKEN $SONAR_PROJECT_KEY

If empty, add them to your shell profile (~/.bashrc or ~/.zshrc):

export SONAR_HOST_URL="https://sonarqube.example.com"
export SONAR_TOKEN="sqa_xxxxxxxxxxxx"
export SONAR_PROJECT_KEY="my-project-key"

Available Commands

Set SKILL_DIR=~/.agents/skills/sonar

Fetch Issues

# Fetch all open issues (HIGH, MEDIUM severity)
bash $SKILL_DIR/scripts/fetch-issues.sh --severity HIGH,MEDIUM

# Fetch only HIGH severity issues
bash $SKILL_DIR/scripts/fetch-issues.sh --severity HIGH

# Fetch issues from NEW CODE only (important for CI/CD)
bash $SKILL_DIR/scripts/fetch-issues.sh --severity HIGH --new-code

# Fetch issues for a specific file
bash $SKILL_DIR/scripts/fetch-issues.sh --file src/main/java/MyClass.java

Check Quality Gate

bash $SKILL_DIR/scripts/quality-gate.sh

Returns: PASSED, FAILED, or ERROR with condition details.

View Metrics

bash $SKILL_DIR/scripts/metrics.sh

Returns: Coverage %, duplications, bugs, vulnerabilities, code smells count.

Security Hotspots

bash $SKILL_DIR/scripts/hotspots.sh

Returns: Security hotspots that need review.

Rule Details

bash $SKILL_DIR/scripts/rule-details.sh java:S2140

Explains what a specific rule means and how to fix it.

Run Analysis

bash $SKILL_DIR/scripts/run-analysis.sh

Triggers a SonarQube scan on the current project.

Workflows

1. Fetch & Fix New Code Issues

When user asks about "new code issues" or "sonar issues from new code":

  1. Run: bash $SKILL_DIR/scripts/fetch-issues.sh --severity HIGH --new-code
  2. Parse the JSON output and present as a table
  3. For each issue, offer to read the file and fix it

2. Check Quality Gate Before PR

When user asks about quality gate status:

  1. Run: bash $SKILL_DIR/scripts/quality-gate.sh
  2. Report PASSED/FAILED status
  3. If failed, list which conditions failed

3. Review Security Issues

When user mentions security:

  1. Run: bash $SKILL_DIR/scripts/hotspots.sh
  2. Present hotspots with vulnerability categories
  3. Recommend review actions

Output Format

Present issues as a table:

# File Line Rule Message Severity
1 File.java 42 java:S2140 Use nextInt() HIGH

After listing, ask: Ready to fix? Reply with task numbers (e.g., 1, 3, 5), all, or skip.

chat Comments (0)

chat_bubble_outline

No comments yet. Be the first to share your thoughts!

Skill Details

GitHub Stars 1
GitHub Forks 0
Created Mar 2026
Last Updated 3 months ago
tools tools ide plugins

Related Skills

writing-skills

writing-skills

udecode
star 1.1k
chevron_right
codex

codex

skills-directory
star 590
chevron_right
smart-illustrator

smart-illustrator

axtonliu
star 394
chevron_right
collaborating-with-codex

collaborating-with-codex

GuDaStudio
star 115
chevron_right
code-review-router

code-review-router

win4r
star 95
chevron_right

Build your own?

Join 12,000+ developers contributing to the Claude ecosystem.