sonarqube-mcp
SKILL.md
SonarQube MCP
Use SonarQube/SonarCloud MCP tools to check code quality, find issues, and analyze code before pushing.
Quick Actions
Check Quality Gate
get_project_quality_gate_status
projectKey: "org_project"
pullRequest: "123" # or branch: "feature-branch"
status: "OK"= passesstatus: "ERROR"= fails- Check
conditionsarray for specific metrics
Find Issues
search_sonar_issues_in_projects
projects: ["org_project"]
pullRequestId: "123"
severities: ["BLOCKER", "CRITICAL"] # optional filter
Analyze Code Before Push
analyze_code_snippet
code: "your code here"
language: "typescript" # or go, python, java, etc.
This runs analysis WITHOUT triggering CI - great for catching issues early.
Understand a Rule
show_rule
key: "typescript:S1082" # or go:S3776, etc.
Mark False Positive
change_sonar_issue_status
key: "issue-key-from-search"
status: ["falsepositive"] # or ["accept"], ["reopen"]
Tool Reference
See TOOLS.md for complete tool documentation.
Severity Levels
| Level | Meaning |
|---|---|
| BLOCKER | Must fix immediately |
| CRITICAL | High impact |
| MAJOR | Significant problems |
| MINOR | Code smells |
| INFO | Informational |
Common Metrics
| Key | Description |
|---|---|
coverage |
Test coverage % |
duplicated_lines_density |
Duplication % |
reliability_rating |
Bug rating (A-E) |
security_rating |
Vulnerability rating |
sqale_rating |
Maintainability rating |
ncloc |
Lines of code |
complexity |
Cyclomatic complexity |
Tips
- Pre-commit check: Use
analyze_code_snippetbefore pushing - PR status: Always check
get_project_quality_gate_statuswithpullRequestparam - Understand failures: Use
show_ruleto learn why code was flagged - Triage efficiently: Filter by
severities: ["BLOCKER", "CRITICAL"]first
Weekly Installs
4
Repository
moto-nrw/project-phoenixGitHub Stars
7
First Seen
Feb 8, 2026
Security Audits
Installed on
codex3
gemini-cli3
amp2
opencode2
kimi-cli2
github-copilot2