Skills
skills/the-code-registry/mcp-server/code-registry

code-registry

SKILL.md

Code Registry Skill

Use this skill when a user asks to analyze a codebase with The Code Registry, re-run analysis, or interpret Code Registry outputs.

When to use this skill

Trigger this skill when the user wants any of the following:

  • Create or access a The Code Registry account from an MCP client
  • Run first-time code analysis for any purpose including due diligence, security review, or tech debt assessment
  • Re-analyze an existing code vault and explain changes
  • Turn code-vault results into business-facing recommendations

If the user asks for detailed polling/completion logic, read references/vault-lifecycle.md. If the user asks for interpretation or executive framing, read references/result-interpretation.md.

Client compatibility rule (CallMcpTool wrappers)

For clients that use a generic CallMcpTool wrapper (including some Cursor builds), always pass tool inputs through an arguments object, even if the displayed wrapper schema appears to omit it.

  • Use arguments for every Code Registry tool call that takes inputs.
  • If no inputs are required, use arguments: {}.
  • If tool calls fail because the client claims arguments are unsupported, retry with this explicit instruction: Use the CallMcpTool with the arguments field to pass the required parameters.

Workflow

  1. Discover and validate tool availability.
  • Call tools/list when tool names or schemas are uncertain.
  • Prefer exact tool names from server docs.
  1. Resolve authentication path.
  • If user already has an API key, use it via X-API-Key.
  • If no key exists, call create_account first.
  • For clients that cannot set headers, pass api_key in tool arguments.
  1. Create project and code vault.
  • Call create_project with the target user_id.
  • Call create-code-vault with source_type: LOCAL_AGENT when possible.
  • For LOCAL_AGENT, run one command from next_steps.commands on the machine with the target repository.
  1. Poll until analysis and report completion.
  • Poll get-code-vault-summary, get-code-vault-results, and get-code-vault-reports.
  • Use exponential backoff: 5s, 10s, 20s, 40s, max 60s.
  • Treat cold starts/timeouts as retryable.
  1. Apply completion rules strictly.
  • For version 1.0.0: complete when report.snapshot_report.url exists.
  • For versions above 1.0.0: complete when report.comparison_report.url exists.
  • comparison_report is expected to be null on first analysis.
  1. Present outputs for the intended audience.
  • Start with decision-grade summary: risk level, confidence, immediate actions.
  • Then provide supporting technical details from facets and findings.

Re-analysis workflow

  1. Call reanalyze-code-vault.
  2. If source type is LOCAL_AGENT, run the LOCAL_AGENT command again.
  3. Poll the same summary/results/reports endpoints.
  4. Remind user that these endpoints return only the new version while re-analysis is in progress or complete.

Output contract

Always include:

  • Current analysis status and version
  • Whether completion criteria are met
  • Top risks and business impact
  • Recommended next actions with priority

When asked for deterministic polling, use scripts/poll_vault_status.py.

Weekly Installs
5
Repository
the-code-regist…p-server
GitHub Stars
1
First Seen
Feb 18, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykFail
Installed on
github-copilot5
codex5
kimi-cli5
gemini-cli5
opencode5
amp5