Stats
Actions
Tags
Assess whether a codebase has gates to detect AI-generated code smells and recommend what to add. Trigger phrases: "detect ai smells", "check for ai slop gates", "ai code quality gates", "do I have ai smell detection", "ai hygiene checks", "what checks catch ai slop", "ai quality gates assessment"
How this skill is triggered — by the user, by Claude, or both
Slash command
/software-verification:detect-ai-smells [path-to-codebase] (defaults to current directory)[path-to-codebase] (defaults to current directory)This skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Assess whether a codebase has gates in place to catch AI-generated code smells — patterns indicating output was produced for plausibility rather than understanding. Produce an `ai-smells-gates-report.md` with coverage of the 9 AI smell categories, gap analysis, recommendations for missing gates, and human review heuristics for what automation can't catch.
Assess whether a codebase has gates in place to catch AI-generated code smells — patterns indicating output was produced for plausibility rather than understanding. Produce an ai-smells-gates-report.md with coverage of the 9 AI smell categories, gap analysis, recommendations for missing gates, and human review heuristics for what automation can't catch.
Load references/ai-smells-taxonomy.md for the 9 AI smell categories and their detection approaches.
These are the categories of AI-generated quality problems the codebase should be protected against:
Search for mechanisms that would catch AI smells:
Static analysis rules:
.semgrep/, semgrep.yml, semgrep configs in CICI quality gates:
stryker, mutmut, cargo-mutants (catches AI005 — tests mirroring implementation)knip, ts-prune, vulture (catches AI002/AI003 — unnecessary abstractions)jscpd, cpd, dupfinder (catches AI006 — symmetry without substance)Dependency/import validation:
depcheck, deptryError handling checks:
Pinning and drift prevention:
npm ci, pip install --require-hashes)actionlint, pin-github-action)^/~/* beyond patch)Hard-coded value detection:
no-magic-numbers, ruff PLR2004)Commit/PR hygiene:
commitlint, gitlint, conventional commits config.github/PULL_REQUEST_TEMPLATE.mdReview gates:
Load references/detection-patterns.md and references/detection-patterns-gates.md for what patterns each gate should catch.
For each of the 9 AI smells, determine which existing gates provide coverage:
| Smell | Covered by | Coverage level |
|---|---|---|
| AI001: Plausible Fabrication | [existing gates or "None"] | Full / Partial / None |
| AI002: Cargo-Cult Patterns | ... | ... |
| AI003: Architecture Astronaut | ... | ... |
| AI004: Shallow Error Handling | ... | ... |
| AI005: Tests Mirroring Implementation | ... | ... |
| AI006: Symmetry Without Substance | ... | ... |
| AI007: Local Reasoning Violations | ... | ... |
| AI008: Implicit Drift | ... | ... |
| AI009: Happy-Path-Only Coverage | ... | ... |
Coverage levels:
For AI001 (Plausible Fabrication) specifically: note that interface mocks alone do NOT protect against fabrication — an agent writing both code and mocks creates a closed loop of plausibility. Behavioral twins or contract tests against real API behavior are required for full coverage. If only interface mocks exist for third-party integrations, classify as "Partial" at best.
For AI004 (Shallow Error Handling): assess both traditional empty-catch detection AND silent success masking. If only empty-catch rules exist but no detection of catch { return [] } / catch { return null } patterns, classify as "Partial". Full coverage requires startup validation enforcement and boundary validation checks.
For AI008 (Implicit Drift): check for both the pin itself AND an automated update mechanism. Lockfile enforcement without Dependabot/Renovate is "Partial" — it prevents drift but accumulates staleness. Full coverage requires pinning + deliberate update process.
For AI009 (Happy-Path-Only Coverage): line coverage alone does NOT count — a suite can hit every line via success-case tests while never exercising an error branch. Require branch coverage or mutation testing plus the presence of error-path tests (assertRaises/toThrow/pytest.raises). Line coverage only, with no error-path assertions, is "Partial" at best.
Load references/ci-integration.md for pipeline positioning and fitness function patterns.
For each existing gate, evaluate:
Load references/git-history-signals.md for vibe-coding signal patterns.
Check for mechanisms that enforce commit/PR quality:
Closes #, Fixes #)Check for mechanisms that support taste-based quality judgment:
If no human review heuristics exist, the report should recommend establishing them — these smells (proportionality, coherence, clarity, appropriateness) cannot be fully automated but can be systematized through review culture.
Load references/ai-smells-gates-report-template.md and write ai-smells-gates-report.md following that structure. Populate all sections with findings from Steps 1–6.
npx claudepluginhub krokoko/cairn --plugin software-verificationProvides behavioral guidelines to reduce common LLM coding mistakes, focusing on simplicity, surgical changes, assumption surfacing, and verifiable success criteria.
Searches, retrieves, and installs Agent Skills from prompts.chat registry using MCP tools like search_skills and get_skill. Activates for finding skills, browsing catalogs, or extending Claude.
Creates, edits, and optimizes skills for Claude Code, including drafting, evaluating with test prompts, iterating on performance, and improving skill descriptions for better triggering accuracy.