Stats
Actions
Tags
From sonarqube
Use this skill when the user mentions "sonar", "sonarqube", "code quality", "code smell", "quality gate", "new code issues", "fetch issues", "security hotspots", or wants to analyze code quality.
How this skill is triggered — by the user, by Claude, or both
Slash command
/sonarqube:sonarThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Fetch and manage SonarQube issues, quality gates, and metrics using bash scripts.
Fetch and manage SonarQube issues, quality gates, and metrics using bash scripts.
Call bash scripts directly via the Bash tool. No MCP server required.
Scripts location: ~/.claude/plugins/cache/awesome-agent-toolkit/sonarqube/1.2.1/core/scripts/
IMPORTANT: Environment variables must be set. Check with:
echo $SONAR_HOST_URL $SONAR_TOKEN $SONAR_PROJECT_KEY
If empty, add them to ~/.claude/settings.json under env:
{
"env": {
"SONAR_HOST_URL": "https://sonarqube.example.com",
"SONAR_TOKEN": "sqa_xxxxxxxxxxxx",
"SONAR_PROJECT_KEY": "my-project-key"
}
}
Set PLUGIN_DIR=~/.claude/plugins/cache/awesome-agent-toolkit/sonarqube/1.2.1
# Fetch all open issues (HIGH, MEDIUM severity)
bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --severity HIGH,MEDIUM
# Fetch only HIGH severity issues
bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --severity HIGH
# Fetch issues from NEW CODE only (important for CI/CD)
bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --severity HIGH --new-code
# Fetch issues for a specific file
bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --file src/main/java/MyClass.java
bash $PLUGIN_DIR/core/scripts/quality-gate.sh
Returns: PASSED, FAILED, or ERROR with condition details.
bash $PLUGIN_DIR/core/scripts/metrics.sh
Returns: Coverage %, duplications, bugs, vulnerabilities, code smells count.
bash $PLUGIN_DIR/core/scripts/hotspots.sh
Returns: Security hotspots that need review.
bash $PLUGIN_DIR/core/scripts/rule-details.sh java:S2140
Explains what a specific rule means and how to fix it.
bash $PLUGIN_DIR/core/scripts/run-analysis.sh
Triggers a SonarQube scan on the current project.
When user asks about "new code issues" or "sonar issues from new code":
bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --severity HIGH --new-codeWhen user asks about quality gate status:
bash $PLUGIN_DIR/core/scripts/quality-gate.shWhen user mentions security:
bash $PLUGIN_DIR/core/scripts/hotspots.shPresent issues as a table:
| # | File | Line | Rule | Message | Severity |
|---|---|---|---|---|---|
| 1 | File.java | 42 | java:S2140 | Use nextInt() | HIGH |
After listing, ask:
Ready to fix? Reply with task numbers (e.g., 1, 3, 5), all, or skip.
npx claudepluginhub covayurt/awesome-agent-toolkit --plugin sonarqubeIntegrates SonarQube/SonarCloud via MCP server for quality gate checks, issue discovery/triaging, pre-push code analysis, and rule explanations in agent workflows. Use for gate status, finding issues, snippet analysis before commits, or rule details.
Fetches and filters SonarQube issues for a project using sonarqube-cli, with support for severity, status, branch, and pull request filters.
Deploys SonarQube via Docker to statically analyze project code for bugs, vulnerabilities, code smells, technical debt, and coverage gaps; proposes actionable fixes.