Language: 日本語English

Topic: Code Quality, Review & Testing

39 items in the "Code Quality, Review & Testing" topic.

Plugins (Claude Code)

Name Description Category Author
42crunch-api-security-testing Automate API security directly in Claude Code with 42Crunch - automatically audit OpenAPI specs, detect vulnerabilities aligned with OWASP API Security risks (including BOLA/BFLA), and apply AI-powered fixes. Designed for AI-assisted development workflows, it provides continuous guardrails through an audit->scan->remediate->validate loop, ensuring APIs meet enterprise security standards before deployment. Security 42Crunch
aws-agents-for-devsecops Investigate incidents, review code and execute UAT for release readiness, scan code for vulnerabilities, and run penetration tests with AWS DevOps Agent and AWS Security Agent. Development Amazon Web Services
azure-cosmos-db-assistant Expert assistant for Azure Cosmos DB — data modeling, query optimization, performance tuning, and best practices. Database
chrome-devtools-mcp Control and inspect a live Chrome browser from your coding agent. Record performance traces, analyze network requests, check console messages with source-mapped stack traces, and automate browser actions with Puppeteer. Development
code-review Automated code review for pull requests using multiple specialized agents with confidence-based scoring to filter false positives Productivity Anthropic
code-simplifier Agent that simplifies and refines code for clarity, consistency, and maintainability while preserving functionality. Focuses on recently modified code. Productivity Anthropic
coderabbit Your code review partner. CodeRabbit provides external validation using a specialized AI architecture and 40+ integrated static analyzers—offering a different perspective that catches bugs, security vulnerabilities, logic errors, and edge cases. Context-aware analysis via AST parsing and codegraph relationships. Automatically incorporates CLAUDE.md and project coding guidelines into reviews. Useful after writing or modifying code, before commits, when implementing complex or security-sensitive logic, or when a second opinion would increase confidence in the changes. Returns specific findings with suggested fixes that can be applied immediately. Free to use. Productivity
codspeed CodSpeed is the all-in-one performance testing toolkit. Dive into benchmarking results, flamegraphs, and performance comparisons — give Claude granular profiling context to pinpoint bottlenecks and autonomously iterate on performance via the CodSpeed MCP server. Development CodSpeed
datahub-skills DataHub development and interaction toolkit with connector planning, PR review, catalog search, metadata enrichment, lineage tracing, data quality management, and connection setup skills Database DataHub
feature-dev Comprehensive feature development workflow with specialized agents for codebase exploration, architecture design, and quality review Development Anthropic
github Official GitHub MCP server for repository management. Create issues, manage pull requests, review code, search repositories, and interact with GitHub's full API directly from Claude Code. Productivity
greptile AI-powered codebase search and understanding. Query your repositories using natural language to find relevant code, understand dependencies, and get contextual answers about your codebase architecture. Development
mergify Skills for the Mergify CLI: manage merge queues, stacked pull requests, Test Insights (flaky tests, quarantine), merge protections, and Mergify configuration directly from the terminal. Development Mergify
pagerduty Enhance code quality and security through PagerDuty risk scoring and incident correlation. Score pre-commit diffs against historical incident data and surface deployment risk before you ship. Monitoring
playwright Browser automation and end-to-end testing MCP server by Microsoft. Enables Claude to interact with web pages, take screenshots, fill forms, click elements, and perform automated browser testing workflows. Testing
postman Full API lifecycle management for Claude Code. Sync collections, generate client code, discover APIs, run tests, create mocks, publish docs, and audit security. Powered by the Postman MCP Server. Development
pr-review-toolkit Comprehensive PR review agents specializing in comments, tests, error handling, type design, code quality, and code simplification Productivity Anthropic
pyright-lsp Python language server (Pyright) for type checking and code intelligence Development Anthropic
qodo-skills Qodo Skills provides a curated library of reusable AI agent capabilities that extend Claude's functionality for software development workflows. Each skill is designed to integrate seamlessly into your development process, enabling tasks like code quality checks, automated testing, security scanning, and compliance validation. Skills operate across your entire SDLC—from IDE to CI/CD—ensuring consistent standards and catching issues early. Development
qt-development-skills Agentic engineering skills for Qt software development — Qt C++/QML code review, QML coding, and Qt C++/QML code documentation. Development Qt Group
security-guidance Security review for Claude-generated code. Pattern-based warnings on edits, LLM-powered diff review on Stop, and an agentic commit reviewer that catches injection, XSS, SSRF, hardcoded secrets, and 25+ other vulnerability classes. Security Anthropic
serena Semantic code analysis MCP server providing intelligent code understanding, refactoring suggestions, and codebase navigation through language server protocol integration. Development
sonarqube Automatically enforce SonarQube code quality and security in the agent coding loop — 7,000+ rules, secrets scanning, agentic analysis, and quality gates across 40+ languages. PostToolUse hooks run analysis after every file edit. Pre-tool secrets scanning prevents 450+ patterns from reaching the LLM. Slash commands give on-demand access to quality gate status, coverage, duplication, and dependency risks. Includes SonarQube CLI, MCP Server, skills, hooks, and slash commands. Security SonarSource
sourcegraph Code search and understanding across codebases. Search, read, and trace references across repositories; analyze refactor impact; investigate incidents via commit and diff search; run targeted security sweeps. Development
superpowers Superpowers teaches Claude brainstorming, subagent driven development with built in code review, systematic debugging, and red/green TDD. Additionally, it teaches Claude how to author and test new skills. Development
ui5 SAPUI5 / OpenUI5 plugin for coding agents. Create and validate UI5 projects, access API documentation, run UI5 linter, get development guidelines and best practices for UI5 development. Development SAP SE
ui5-modernization Complete UI5 modernization toolkit with workflow and specialized fix patterns for modernizing SAPUI5/OpenUI5 applications. Development SAP SE

Skills

Name Description License Author
skill-creator Create new skills, modify and improve existing skills, and measure skill performance. Use when users want to create a skill from scratch, edit, or optimize an existing skill, run evals to test a skill, benchmark skill performance with variance analysis, or optimize a skill's description for better triggering accuracy. Anthropic
webapp-testing Toolkit for interacting with and testing local web applications using Playwright. Supports verifying frontend functionality, debugging UI behavior, capturing browser screenshots, and viewing browser logs. Complete terms in LICENSE.txt Anthropic

Codex Plugins

Name Description Category Author
build-ios-apps Build iOS apps with workflows for App Intents, SwiftUI UI work, Simulator mirroring in the Codex in-app browser, performance profiling, leak investigation, and simulator debugging. Developer Tools OpenAI
circleci Build, test, and deploy any application Developer Tools CircleCI
coderabbit AI-powered code review in Codex, powered by CodeRabbit. Developer Tools CodeRabbit AI
github Inspect repositories, triage pull requests and issues, debug CI, and publish changes through a hybrid GitHub connector and CLI workflow. Developer Tools OpenAI
jam Screen record with context Productivity Jam
plugin-eval Evaluate Codex skills and plugins from chat with a beginner-friendly start command, local-first reports, token budget explanations, and guided benchmarking. Developer Tools OpenAI Codex
replayio Record browser sessions with the Replay Browser through the host agent browser, analyze recordings through Replay MCP tools or Replay QA, and upload pending recordings when the turn ends. Developer Tools Replay
shopify Search Shopify docs, generate and validate GraphQL, Liquid, and UI extension code. Developer Tools Shopify
superpowers An agentic skills framework & software development methodology that works: planning, TDD, debugging, and collaboration workflows. Developer Tools Jesse Vincent
test-android-apps Test Android apps with emulator workflows for reproduction, screenshots, UI inspection, log capture, and performance profiling. Developer Tools OpenAI

Topics