Does it support legacy Python projects?

Yes, it can review any Python project, but it will specifically flag legacy patterns like setup.py and missing type hints as 'Red Flags' to encourage modernization.

What does the output report look like?

It generates a structured Markdown report featuring a star rating for different categories, a list of strengths, and prioritized recommendations for improvement.

What dimensions of a Python project does this skill evaluate?

It assesses eight critical areas: directory structure, packaging standards, code quality (types/linting), testing coverage, security vulnerabilities, documentation, API design, and CI/CD integration.

Can I use this for CI/CD pipeline checks?

While it is a manual audit tool, its criteria are designed to mirror the best practices that should be enforced in a robust CI/CD pipeline, such as 80%+ test coverage and security scans.

How does it handle security audits?

The skill performs static analysis for hardcoded secrets, uses tools like Bandit for common vulnerabilities, and checks for valid license files and dependency pinning.

Python Library Quality Reviewer

Name: Python Library Quality Reviewer
Author: wdm0006

bywdm0006

0•

安全与测试

Conducts comprehensive audits of Python libraries to evaluate code quality, security, packaging standards, and maintenance health.

This skill provides a systematic framework for evaluating Python packages against modern industry standards, including PEP-621 compliance, type hinting, and security best practices. By analyzing repository structure, CI/CD pipelines, and test coverage, it generates detailed reports with actionable feedback, making it an essential tool for dependency auditing, pre-release checks, and open-source contribution assessments based on professional Python development patterns.

主要功能

01Deep analysis of test coverage, edge cases, and test suite health.

02Security vulnerability scanning for hardcoded secrets and common anti-patterns.

03Evaluation of API design consistency, documentation completeness, and type hint coverage.

04Automated health checks for modern Python packaging and pyproject.toml compliance.

050 GitHub stars

06Standardized reporting with severity-ranked improvement recommendations and category scores.

使用场景

01Evaluating third-party dependencies for security and quality before adding them to a production stack.

02Preparing an internal Python library for a major release or public open-source debut.

03Auditing legacy Python projects to identify modernization gaps and technical debt.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add wdm0006/python-skills library-review

For use in Claude.ai and ChatGPT

Download Skill