sonarqube-cli
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the SonarQube CLI installation script from the official SonarSource GitHub repository.
- [COMMAND_EXECUTION]: Uses subprocess calls to execute git and sonar-scanner for branch management and project analysis.
- [DATA_EXFILTRATION]: Interacts with the user-provided SonarQube host URL via authenticated API calls to retrieve analysis tasks and quality gate statuses.
Audit Metadata