This project is a suite of automated tools and an LLM code review framework designed for design auditing, security scanning, and AI-driven code analysis. It functions as a developer workflow orchestrator that uses static analysis agents and agent-based workflows to automate pull request analysis and security audits.
The main features of oneredoak/claude-code-workflows are: Critic Agent Loops, Agentic Code Reviews, Review Customization, Automated Code Review, Security and Vulnerability Scanning, Pull Request Analysis Agents, Development Workflow Orchestrators, Vulnerability Review Scanners.
Open-source alternatives to oneredoak/claude-code-workflows include: qodo-ai/qodo-cover — Qodo Cover is an engineering governance platform and AI-powered assistant designed for automated code review and unit… snyk/cli — The Snyk CLI is a command-line security scanner that detects known vulnerabilities across open-source dependencies,… analysis-tools-dev/static-analysis — This project is a comprehensive, curated directory of static analysis, linting, and security scanning utilities. It… qodo-ai/pr-agent — PR Agent is an AI-powered code analysis tool and pull request reviewer that uses large language models to automate… realpython/materials — This project is a comprehensive collection of Python programming education materials, including tutorials, exercises,… snyk/snyk — Snyk is an application security testing platform designed to identify and remediate vulnerabilities across source…
Qodo Cover is an engineering governance platform and AI-powered assistant designed for automated code review and unit test generation. It utilizes an abstract syntax tree codebase knowledge graph to map dependencies and architectural relationships, allowing it to analyze pull requests and enforce organizational coding standards. The system distinguishes itself through a multi-agent analysis pipeline that performs architectural reasoning and identifies bugs beyond the immediate diff. It features a model context protocol server to expose codebase intelligence to external tools and can automatic
The Snyk CLI is a command-line security scanner that detects known vulnerabilities across open-source dependencies, proprietary application code, container images, and infrastructure-as-code configuration files. It also serves as a platform management tool, allowing users to configure organizations, users, SSO, and reporting from the terminal rather than the web dashboard. The CLI integrates directly into development workflows, enabling scanning within IDEs, build pipelines, and version control systems. It implements static analysis with interfile data flow analysis to find complex security f
This project is a comprehensive, curated directory of static analysis, linting, and security scanning utilities. It serves as a central resource for developers to discover, compare, and select tools based on specific programming languages, licensing models, and integration requirements. The directory distinguishes itself by providing deep metadata for each listed utility, including community-driven popularity rankings, maintenance status, and deployment methods. By aggregating these tools into a single searchable index, it enables teams to identify solutions for enforcing coding standards, ma
PR Agent is an AI-powered code analysis tool and pull request reviewer that uses large language models to automate version control workflows. It functions as a programmatic agent that integrates with version control platforms to provide automated quality checks, explain code changes, and manage pull request documentation. The system distinguishes itself by enforcing organizational engineering standards through a customizable rule-based system. It leverages retrieval-augmented generation to inject repository context and organizational guidelines into its analysis, ensuring that feedback remain