Run any Skill in Manus with one click

sonar

Stars1

Forks0

UpdatedFebruary 9, 2026 at 16:03

Use this skill when the user mentions "sonar", "sonarqube", "code quality", "code smell", "quality gate", "new code issues", "fetch issues", "security hotspots", or wants to analyze code quality.

Installation

Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.

Run Skill in Manus

Source

COvayurt

COvayurt/awesome-agent-toolkit

View GitHub Repository View Creator Repositories

Download

Run Skill in Manus

Related occupationsSOC

Based on SOC occupation classification

Software Quality Assurance Analysts and TestersComputer and Mathematical Occupations·SOC 15-1253

SKILL.md

readonly

name	sonar
description	Use this skill when the user mentions "sonar", "sonarqube", "code quality", "code smell", "quality gate", "new code issues", "fetch issues", "security hotspots", or wants to analyze code quality.

SonarQube Integration

Fetch and manage SonarQube issues, quality gates, and metrics using bash scripts.

How to Use

Call bash scripts directly via the Bash tool. No MCP server required.

Scripts location: ~/.claude/plugins/cache/awesome-agent-toolkit/sonarqube/1.2.1/core/scripts/

IMPORTANT: Environment variables must be set. Check with:

echo $SONAR_HOST_URL $SONAR_TOKEN $SONAR_PROJECT_KEY

If empty, add them to ~/.claude/settings.json under env:

{
  "env": {
    "SONAR_HOST_URL": "https://sonarqube.example.com",
    "SONAR_TOKEN": "sqa_xxxxxxxxxxxx",
    "SONAR_PROJECT_KEY": "my-project-key"
  }
}

Available Commands

Set PLUGIN_DIR=~/.claude/plugins/cache/awesome-agent-toolkit/sonarqube/1.2.1

Fetch Issues

# Fetch all open issues (HIGH, MEDIUM severity)
bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --severity HIGH,MEDIUM

# Fetch only HIGH severity issues
bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --severity HIGH

# Fetch issues from NEW CODE only (important for CI/CD)
bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --severity HIGH --new-code

# Fetch issues for a specific file
bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --file src/main/java/MyClass.java

Check Quality Gate

bash $PLUGIN_DIR/core/scripts/quality-gate.sh

Returns: PASSED, FAILED, or ERROR with condition details.

View Metrics

bash $PLUGIN_DIR/core/scripts/metrics.sh

Returns: Coverage %, duplications, bugs, vulnerabilities, code smells count.

Security Hotspots

bash $PLUGIN_DIR/core/scripts/hotspots.sh

Returns: Security hotspots that need review.

Rule Details

bash $PLUGIN_DIR/core/scripts/rule-details.sh java:S2140

Explains what a specific rule means and how to fix it.

Run Analysis

bash $PLUGIN_DIR/core/scripts/run-analysis.sh

Triggers a SonarQube scan on the current project.

Workflows

1. Fetch & Fix New Code Issues

When user asks about "new code issues" or "sonar issues from new code":

Run: bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --severity HIGH --new-code
Parse the JSON output and present as a table
For each issue, offer to read the file and fix it

2. Check Quality Gate Before PR

When user asks about quality gate status:

Run: bash $PLUGIN_DIR/core/scripts/quality-gate.sh
Report PASSED/FAILED status
If failed, list which conditions failed

3. Review Security Issues

When user mentions security:

Run: bash $PLUGIN_DIR/core/scripts/hotspots.sh
Present hotspots with vulnerability categories
Recommend review actions

Output Format

Present issues as a table:

#	File	Line	Rule	Message	Severity
1	`File.java`	42	java:S2140	Use nextInt()	HIGH

After listing, ask: Ready to fix? Reply with task numbers (e.g., 1, 3, 5), all, or skip.

SonarQube Integration

Fetch and manage SonarQube issues, quality gates, and metrics using bash scripts.

How to Use

Call bash scripts directly via the Bash tool. No MCP server required.

Scripts location: ~/.claude/plugins/cache/awesome-agent-toolkit/sonarqube/1.2.1/core/scripts/

IMPORTANT: Environment variables must be set. Check with:

echo $SONAR_HOST_URL $SONAR_TOKEN $SONAR_PROJECT_KEY

If empty, add them to ~/.claude/settings.json under env:

{
  "env": {
    "SONAR_HOST_URL": "https://sonarqube.example.com",
    "SONAR_TOKEN": "sqa_xxxxxxxxxxxx",
    "SONAR_PROJECT_KEY": "my-project-key"
  }
}

Available Commands

Set PLUGIN_DIR=~/.claude/plugins/cache/awesome-agent-toolkit/sonarqube/1.2.1

Fetch Issues

# Fetch all open issues (HIGH, MEDIUM severity)
bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --severity HIGH,MEDIUM

# Fetch only HIGH severity issues
bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --severity HIGH

# Fetch issues from NEW CODE only (important for CI/CD)
bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --severity HIGH --new-code

# Fetch issues for a specific file
bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --file src/main/java/MyClass.java

Check Quality Gate

bash $PLUGIN_DIR/core/scripts/quality-gate.sh

Returns: PASSED, FAILED, or ERROR with condition details.

View Metrics

bash $PLUGIN_DIR/core/scripts/metrics.sh

Returns: Coverage %, duplications, bugs, vulnerabilities, code smells count.

Security Hotspots

bash $PLUGIN_DIR/core/scripts/hotspots.sh

Returns: Security hotspots that need review.

Rule Details

bash $PLUGIN_DIR/core/scripts/rule-details.sh java:S2140

Explains what a specific rule means and how to fix it.

Run Analysis

bash $PLUGIN_DIR/core/scripts/run-analysis.sh

Triggers a SonarQube scan on the current project.

Workflows

1. Fetch & Fix New Code Issues

When user asks about "new code issues" or "sonar issues from new code":

Run: bash $PLUGIN_DIR/core/scripts/fetch-issues.sh --severity HIGH --new-code
Parse the JSON output and present as a table
For each issue, offer to read the file and fix it

2. Check Quality Gate Before PR

When user asks about quality gate status:

Run: bash $PLUGIN_DIR/core/scripts/quality-gate.sh
Report PASSED/FAILED status
If failed, list which conditions failed

3. Review Security Issues

When user mentions security:

Run: bash $PLUGIN_DIR/core/scripts/hotspots.sh
Present hotspots with vulnerability categories
Recommend review actions

Output Format

Present issues as a table:

#	File	Line	Rule	Message	Severity
1	`File.java`	42	java:S2140	Use nextInt()	HIGH

After listing, ask: Ready to fix? Reply with task numbers (e.g., 1, 3, 5), all, or skip.

sonar

SonarQube Integration

How to Use

Available Commands

Fetch Issues

Check Quality Gate

View Metrics

Security Hotspots

Rule Details

Run Analysis

Workflows

1. Fetch & Fix New Code Issues

2. Check Quality Gate Before PR

3. Review Security Issues

Output Format

More from this repository

More from this repository

SonarQube Integration

How to Use

Available Commands

Fetch Issues

Check Quality Gate

View Metrics

Security Hotspots

Rule Details

Run Analysis

Workflows

1. Fetch & Fix New Code Issues

2. Check Quality Gate Before PR

3. Review Security Issues

Output Format