assess
Code quality in one call
Security vulnerabilities, quality issues, missing docs, and anti-patterns - all checked in a single tool call with pass/fail results and actionable feedback.
Problems This Solves
"AI generates insecure code"
SQL injection, XSS, command injection - AI assistants write vulnerable code because they optimize for functionality, not security.
"Too many linters to configure"
ESLint, Prettier, SonarQube, Semgrep - each with their own config. You need one unified assessment, not 5 different tools.
"Quality checks happen too late"
CI/CD catches issues after you've committed. By then, you've context-switched. You need feedback while the code is fresh in your mind.
"AI hallucinates database fields"
AI invents columns that don't exist. Without schema validation, you don't catch it until runtime.
What Gets Checked
Auto-detects file type and runs relevant checks. You can also specify exactly which checks to run.
Security
- SQL injection patterns
- XSS vulnerabilities
- Command injection
- Hardcoded secrets
- Insecure dependencies
Quality
- Empty catch blocks
- Missing await
- Unused variables
- Console.log pollution
- Code complexity
Schema
- Validates against Drizzle/Prisma schemas
- Catches hallucinated columns
- Type mismatches
- Missing relations
Documentation
- JSDoc coverage
- Missing parameter docs
- Undocumented exports
- Outdated examples
Adaptive Strictness
Different phases of development need different guardrails. Assess automatically adjusts based on your git branch.
| Mode | Branches | Behavior |
|---|---|---|
| Prototype | feature/*, poc/* | Warnings only - explore freely |
| Development | develop, dev/* | Blocks critical issues |
| Staging | staging/*, release/* | Blocks high severity and above |
| Production | main, master | Blocks medium severity and above |
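
The branch-to-mode table above, sketched as a gate function. This is an added example, not the tool's own implementation; the finding shape, the rule names, the `low` severity level, and the fail-closed default for branches outside the table are assumptions.

```javascript
// Added example, not the tool's own code: branch-aware severity gating.
// Severity ranks; "low" is an assumed level below the three the table names.
const SEVERITY = { low: 1, medium: 2, high: 3, critical: 4 };

// Mode table copied from the page; blockAt = lowest severity that blocks.
const MODES = [
  { mode: 'prototype',   patterns: ['feature/*', 'poc/*'],     blockAt: null },
  { mode: 'development', patterns: ['develop', 'dev/*'],       blockAt: 'critical' },
  { mode: 'staging',     patterns: ['staging/*', 'release/*'], blockAt: 'high' },
  { mode: 'production',  patterns: ['main', 'master'],         blockAt: 'medium' },
];

// Match "prefix/*" as a non-empty suffix after the prefix, else exact name.
function matches(pattern, branch) {
  return pattern.endsWith('/*')
    ? branch.startsWith(pattern.slice(0, -1)) && branch.length > pattern.length - 1
    : branch === pattern;
}

// Assumption: a branch that matches no row (e.g. "hotfix/x") fails closed
// to production strictness; the page does not define this case.
function resolveMode(branch) {
  return MODES.find(m => m.patterns.some(p => matches(p, branch)))
    || MODES[MODES.length - 1];
}

// Split findings into blocking and warning sets for the given branch.
function gate(branch, findings) {
  const { mode, blockAt } = resolveMode(branch);
  const threshold = blockAt ? SEVERITY[blockAt] : Infinity;
  const blocking = [], warnings = [];
  for (const f of findings) {
    const rank = SEVERITY[f.severity];
    if (rank === undefined) throw new Error(`unknown severity: ${f.severity}`);
    (rank >= threshold ? blocking : warnings).push(f);
  }
  return { mode, pass: blocking.length === 0, blocking, warnings };
}

// Constructed sample findings (hypothetical shape, not real tool output).
const sampleFindings = [
  { rule: 'sql-injection', severity: 'critical' },
  { rule: 'hardcoded-secret', severity: 'high' },
  { rule: 'empty-catch', severity: 'medium' },
  { rule: 'console-log', severity: 'low' },
];
```

Running the same findings through `gate` for `feature/login`, `develop`, `release/1.2` and `main` shows how a hardcoded secret that only warns early in development becomes a blocker by staging.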
Usage
Basic Assessment
Auto-detects file type and runs all relevant checks.
```javascript
assess({
  code: '...',
  filePath: 'src/api/users.ts'
})
```

Specific Checks
Run only security and schema validation.

```javascript
assess({
  code: '...',
  checks: ['security', 'schema'],
  schemaFile: 'db/schema.ts'
})
```

Project-Wide Assessment
Assess all TypeScript files and get aggregate metrics.

```javascript
assess_project({
  pattern: 'src/**/*.ts',
  checks: 'auto'
})
```

Catch issues before they ship
Get unified code quality checks directly in your AI-assisted workflow.