Static Analysis

Name: Static Analysis
Author: mohitmishra786

mohitmishra786/low-level-dev-skills

Apply a clang-tidy check reference so your agent picks high-value bugprone, analyzer, and modernize rules for C/C++ static analysis.

Overview

static-analysis is an agent skill for the Ship phase that maps clang-tidy bugprone, clang-analyzer, and modernize checks to concrete C/C++ defect patterns for static review.

Install

npx skills add https://github.com/mohitmishra786/low-level-dev-skills --skill static-analysis

What is this skill?

bugprone-* group reference for use-after-move, memset misuse, narrowing, and infinite loops
clang-analyzer-* deep checks including null deref, malloc misuse, and insecure API usage
modernize-* migrations such as nullptr, override, auto, and emplace
Tabular mapping of check names to what each rule catches
Oriented toward always-on bugprone checks plus selective analyzer depth
Three documented check families: bugprone-*, clang-analyzer-*, and modernize-* with multiple named checks each

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Adoption & trust: 518 installs on skills.sh; 102 GitHub stars; 3/3 security scanners passed (skills.sh audits).

Who is it for?

Indie developers on clang-tidy-backed C/C++ services, CLIs, or game/engine modules who want check-name-level guidance.

Skip if: Pure TypeScript/Python web stacks with no clang-tidy pipeline, or teams wanting dynamic fuzzing instead of compile-time tidy rules.

When should I use this skill?

User is configuring clang-tidy, reviewing C/C++ for static defects, or asks which tidy checks catch specific bug classes.

What do I get? / Deliverables

You align CI and local clang-tidy configs with prioritized check groups and explainable rule-to-bug mappings for the next review pass.

Prioritized clang-tidy check group recommendations
Rule-to-symptom explanations suitable for PR review comments

Recommended Skills

Agent Browservercel-labs/open-agents

agent-browser is a Vercel Open Agents skill that wraps a CLI for programmatic browser control—ideal when solo builders n…404k installs·5.6k stars

Tddmattpocock/skills

TDD is an agent skill that coaches test-driven development using the red-green-refactor loop for solo and indie builders…214k installs·121k stars

Use My Browserxixu-me/skills

Use My Browser skill forces agents to classify tasks as static-capable or browser-required before choosing tools—staying…198k installs·61 stars

Test Driven Developmentobra/superpowers

Test-Driven Development is an agent skill from obra/superpowers that forces a test-first implementation ritual: write a …118k installs·221k stars

Verification Before Completionobra/superpowers

Verification Before Completion is an agent skill from the Superpowers lineage that blocks premature success claims durin…100k installs·221k stars

Webapp Testinganthropics/skills

webapp-testing is an agent skill for solo builders who need to prove that a local web application actually works—not jus…90.9k installs·148k stars

Journey fit

Primary fit

Shelf is Ship → Testing because the skill is a QA-oriented checker catalog used before merge or release, not greenfield feature authoring. Testing subphase matches static analysis, path-sensitive analyzer checks, and pre-ship defect hunting in native codebases.

How it compares

Checker reference for clang-tidy rule selection, not a replacement for running the tidy binary in CI.

Common Questions / FAQ

Who is static-analysis for?

Solo and indie builders working in C/C++ repositories who configure or interpret clang-tidy and want agent answers tied to specific check names.

When should I use static-analysis?

Use it during Ship testing when tightening .clang-tidy, reviewing a native PR, or explaining which bugprone versus analyzer checks to enable before release.

Is static-analysis safe to install?

It is documentation-style procedural knowledge with no inherent network calls; still review the Security Audits panel on this page for the parent low-level-dev-skills package.

SKILL.md

READMESKILL.md - Static Analysis

# clang-tidy Check Reference

## High-Value Check Groups

### bugprone-* (always enable)

| Check | What it catches |
|-------|-----------------|
| `bugprone-use-after-move` | Using a C++ moved-from object |
| `bugprone-integer-division` | Integer division assigned to float |
| `bugprone-suspicious-memset-usage` | `memset(p, 0, sizeof(p))` on pointer |
| `bugprone-macro-parentheses` | Unparenthesised macro arguments |
| `bugprone-signed-char-misuse` | Signed char used as array index |
| `bugprone-string-constructor` | `std::string(0)` instead of `""` |
| `bugprone-narrowing-conversions` | Narrowing int → smaller type |
| `bugprone-branch-clone` | Identical if/else branches |
| `bugprone-infinite-loop` | Loop with no exit condition |

### clang-analyzer-* (deep path analysis)

| Check | What it catches |
|-------|-----------------|
| `clang-analyzer-core.NullDereference` | Null pointer deref |
| `clang-analyzer-core.UndefinedBinaryOperatorResult` | Uninit value in expr |
| `clang-analyzer-unix.Malloc` | malloc/free misuse |
| `clang-analyzer-unix.API` | POSIX API misuse |
| `clang-analyzer-security.insecureAPI.*` | `gets`, `strcpy`, `rand` |
| `clang-analyzer-cplusplus.NewDelete` | new/delete mismatches |

### modernize-* (C++11/14/17 upgrades)

| Check | Migration |
|-------|-----------|
| `modernize-use-nullptr` | `NULL` → `nullptr` |
| `modernize-use-override` | Add `override` to virtual |
| `modernize-use-auto` | Deduce obvious types |
| `modernize-use-emplace` | `push_back(T(...))` → `emplace_back` |
| `modernize-loop-convert` | `for` index loops → range-for |
| `modernize-use-default-member-init` | In-class member init |
| `modernize-use-nodiscard` | Add `[[nodiscard]]` |

### performance-*

| Check | What it catches |
|-------|-----------------|
| `performance-unnecessary-copy-initialization` | Copy when const ref suffices |
| `performance-avoid-endl` | `std::endl` flushes; use `'\n'` |
| `performance-for-range-copy` | Range-for copies when ref suffices |
| `performance-move-const-arg` | `std::move` on const has no effect |

## Recommended Starter Configuration

```yaml
Checks: >
  bugprone-*,
  clang-analyzer-core.*,
  clang-analyzer-unix.*,
  clang-analyzer-security.*,
  modernize-use-nullptr,
  modernize-use-override,
  performance-*,
  -modernize-use-trailing-return-type,
  -bugprone-easily-swappable-parameters,
  -bugprone-implicit-widening-of-multiplication-result
WarningsAsErrors: 'bugprone-*,clang-analyzer-*'
HeaderFilterRegex: '^(src|include)/.*'
```

## Suppressions Reference

```cpp
// Per-line
foo(); // NOLINT
foo(); // NOLINT(check-name)

// Per-next-line
// NOLINTNEXTLINE(check-name)
foo();

// Per-block
// NOLINTBEGIN(check-name)
...
// NOLINTEND(check-name)
```

## Common False Positive Patterns

| False positive | Suppression strategy |
|----------------|----------------------|
| Third-party headers | `HeaderFilterRegex` to exclude |
| Platform-specific compat code | NOLINT at call site |
| Legacy C-style casts in C code | `-modernize-use-*` for C projects |
| `bugprone-easily-swappable-parameters` on intentional API | Disable globally |


---
name: static-analysis
description: Static analysis skill for C/C++ codebases. Use when hardening code quality, triaging noisy builds, running clang-tidy, cppcheck, or scan-build, interpreting check categories, suppressing false positives, or integrating static analysis into CI. Activates on queries about clang-tidy checks, cppcheck, scan-build, compile_commands.json, code hardening, or static analysis warnings.
---

# Static Analysis

## Purpose

Guide agents through selecting, running, and triaging static analysis tools for C/C++ — clang-tidy, cppcheck, and scan-build — including suppression strategies and CI integration.

## Triggers

- "How do I run clang-tidy on my project?"
- "What clang-tidy checks should I enable?"
- "cppcheck is reporting false positives — how do I suppress them?"
- "How do I set up scan-build for deeper analysis?"
- "My build is noisy with

What is this skill?

bugprone-* group reference for use-after-move, memset misuse, narrowing, and infinite loops

clang-analyzer-* deep checks including null deref, malloc misuse, and insecure API usage

modernize-* migrations such as nullptr, override, auto, and emplace

Tabular mapping of check names to what each rule catches

Oriented toward always-on bugprone checks plus selective analyzer depth

Three documented check families: bugprone-*, clang-analyzer-*, and modernize-* with multiple named checks each

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Adoption & trust: 518 installs on skills.sh; 102 GitHub stars; 3/3 security scanners passed (skills.sh audits).

Journey fit

Primary fit

SKILL.md

READMESKILL.md - Static Analysis

# clang-tidy Check Reference

## High-Value Check Groups

### bugprone-* (always enable)

| Check | What it catches |
|-------|-----------------|
| `bugprone-use-after-move` | Using a C++ moved-from object |
| `bugprone-integer-division` | Integer division assigned to float |
| `bugprone-suspicious-memset-usage` | `memset(p, 0, sizeof(p))` on pointer |
| `bugprone-macro-parentheses` | Unparenthesised macro arguments |
| `bugprone-signed-char-misuse` | Signed char used as array index |
| `bugprone-string-constructor` | `std::string(0)` instead of `""` |
| `bugprone-narrowing-conversions` | Narrowing int → smaller type |
| `bugprone-branch-clone` | Identical if/else branches |
| `bugprone-infinite-loop` | Loop with no exit condition |

### clang-analyzer-* (deep path analysis)

| Check | What it catches |
|-------|-----------------|
| `clang-analyzer-core.NullDereference` | Null pointer deref |
| `clang-analyzer-core.UndefinedBinaryOperatorResult` | Uninit value in expr |
| `clang-analyzer-unix.Malloc` | malloc/free misuse |
| `clang-analyzer-unix.API` | POSIX API misuse |
| `clang-analyzer-security.insecureAPI.*` | `gets`, `strcpy`, `rand` |
| `clang-analyzer-cplusplus.NewDelete` | new/delete mismatches |

### modernize-* (C++11/14/17 upgrades)

| Check | Migration |
|-------|-----------|
| `modernize-use-nullptr` | `NULL` → `nullptr` |
| `modernize-use-override` | Add `override` to virtual |
| `modernize-use-auto` | Deduce obvious types |
| `modernize-use-emplace` | `push_back(T(...))` → `emplace_back` |
| `modernize-loop-convert` | `for` index loops → range-for |
| `modernize-use-default-member-init` | In-class member init |
| `modernize-use-nodiscard` | Add `[[nodiscard]]` |

### performance-*

| Check | What it catches |
|-------|-----------------|
| `performance-unnecessary-copy-initialization` | Copy when const ref suffices |
| `performance-avoid-endl` | `std::endl` flushes; use `'\n'` |
| `performance-for-range-copy` | Range-for copies when ref suffices |
| `performance-move-const-arg` | `std::move` on const has no effect |

## Recommended Starter Configuration

```yaml
Checks: >
  bugprone-*,
  clang-analyzer-core.*,
  clang-analyzer-unix.*,
  clang-analyzer-security.*,
  modernize-use-nullptr,
  modernize-use-override,
  performance-*,
  -modernize-use-trailing-return-type,
  -bugprone-easily-swappable-parameters,
  -bugprone-implicit-widening-of-multiplication-result
WarningsAsErrors: 'bugprone-*,clang-analyzer-*'
HeaderFilterRegex: '^(src|include)/.*'
```

## Suppressions Reference

```cpp
// Per-line
foo(); // NOLINT
foo(); // NOLINT(check-name)

// Per-next-line
// NOLINTNEXTLINE(check-name)
foo();

// Per-block
// NOLINTBEGIN(check-name)
...
// NOLINTEND(check-name)
```

## Common False Positive Patterns

| False positive | Suppression strategy |
|----------------|----------------------|
| Third-party headers | `HeaderFilterRegex` to exclude |
| Platform-specific compat code | NOLINT at call site |
| Legacy C-style casts in C code | `-modernize-use-*` for C projects |
| `bugprone-easily-swappable-parameters` on intentional API | Disable globally |


---
name: static-analysis
description: Static analysis skill for C/C++ codebases. Use when hardening code quality, triaging noisy builds, running clang-tidy, cppcheck, or scan-build, interpreting check categories, suppressing false positives, or integrating static analysis into CI. Activates on queries about clang-tidy checks, cppcheck, scan-build, compile_commands.json, code hardening, or static analysis warnings.
---

# Static Analysis

## Purpose

Guide agents through selecting, running, and triaging static analysis tools for C/C++ — clang-tidy, cppcheck, and scan-build — including suppression strategies and CI integration.

## Triggers

- "How do I run clang-tidy on my project?"
- "What clang-tidy checks should I enable?"
- "cppcheck is reporting false positives — how do I suppress them?"
- "How do I set up scan-build for deeper analysis?"
- "My build is noisy with

Overview

Install

What is this skill?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is static-analysis for?

When should I use static-analysis?

Is static-analysis safe to install?

SKILL.md

This week for builders

Overview

Install

What is this skill?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is static-analysis for?

When should I use static-analysis?

Is static-analysis safe to install?

SKILL.md