Skill Detail

SonarQube Analysis Agent

Integrates with the SonarQube REST API to run static code analysis scans, retrieve quality gate results, and flag code smells. Supports SonarCloud and on-premise SonarQube instances via token-based authentication.

Code Quality & ReviewOpenClaw

Code Quality & Review OpenClaw Security Reviewed

Tool match: sonarqube ⭐ 10.4k GitHub stars LGPL-3.0 license

INSTALL WITH ANY AGENT

npx skills add agentskillexchange/skills --skill sonarqube-analysis-agent Copy

Works best when you want a reusable capability, not another fragile one-off prompt.

View source

At a glance

Last updated

Mar 20, 2026

Quick brief

The SonarQube Analysis Agent connects to your SonarQube or SonarCloud instance via the official REST API (api/qualitygates, api/issues, api/measures) to automate static code analysis workflows. It authenticates using project-scoped tokens and retrieves detailed quality gate status, code smell counts, vulnerability reports, and technical debt estimates.

How it works

What this skill actually does

Designed for CI/CD pipelines, the agent can be triggered after each commit or pull request to run incremental analysis. It parses the SonarQube webhook payload to determine pass/fail status and surfaces actionable findings directly in your development workflow. Supports multi-language projects including Java, Python, JavaScript, TypeScript, Go, and C#.

The agent also tracks quality trends over time by querying the measures API for metrics like cyclomatic complexity, duplicated lines percentage, and coverage ratios. Results can be formatted as markdown reports or posted as PR comments via the GitHub Checks API integration.

Best fit

When to reach for it

Best when the job fits Code Quality & Review.
Works naturally with OpenClaw setups.

Trust & provenance

Why this listing is credible

Built around the sonarqube toolchain.
Trust status: Security Reviewed.
10.4k GitHub stars on the linked upstream source.
License: LGPL-3.0.
Last updated Mar 20, 2026.

View source ↗