/**
* Demo script to test Python Code Review MCP functionality
* Shows real examples of code analysis and reporting
*/
import { pathToFileURL } from 'node:url';

import { PythonAnalyzer } from './python-analyzer.js';
import { ReportFormatter } from './report-formatter.js';
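/**
 * Console walkthrough of the analyzer and the report formatter.
 *
 * Every Python sample below is an inert fixture: it is held in a template
 * literal and handed to `analyzePythonCode` as text. Nothing in this class
 * executes the samples, and the secret, database name and routes inside them
 * are constructed demo values.
 */
class Demo {
  private readonly analyzer: PythonAnalyzer;
  private readonly formatter: ReportFormatter;

  constructor() {
    this.analyzer = new PythonAnalyzer();
    this.formatter = new ReportFormatter();
  }

  /** Runs the three demo sections in order and prints a closing banner. */
  public async runDemo(): Promise<void> {
    console.log('๐ Python Code Review MCP - Live Demo\n');
    await this.demoSecurityAnalysis();
    await this.demoQualityAnalysis();
    await this.demoComparisonAnalysis();
    console.log('๐ Demo completed! Your Python Code Review MCP is ready to use.');
  }

  /**
   * Analyzes a deliberately unsafe Flask sample and prints the security report.
   *
   * The sample seeds four findings a reviewer would expect to see reported:
   * a hard-coded `secret_key`, an f-string SQL query built from a request
   * parameter, `os.system` on a request parameter, and `eval` on a request
   * parameter. If the printed report misses one of them, that is a detection
   * gap in the analyzer rather than a problem with this demo.
   */
  private async demoSecurityAnalysis(): Promise<void> {
    console.log('๐ SECURITY ANALYSIS DEMO');
    console.log('=' + '='.repeat(40));
    // Fixture only: kept as a string, never imported or run.
    const vulnerableCode = `
import sqlite3
import os
from flask import Flask, request
app = Flask(__name__)
app.secret_key = "hardcoded-secret-123" # Security issue!
@app.route('/user')
def get_user():
    user_id = request.args.get('id')
    # SQL Injection vulnerability
    query = f"SELECT * FROM users WHERE id = {user_id}"
    conn = sqlite3.connect('app.db')
    cursor = conn.cursor()
    cursor.execute(query)
    return cursor.fetchone()
@app.route('/exec')
def execute_command():
    cmd = request.args.get('cmd')
    # Command injection vulnerability
    os.system(cmd)
    # Use of eval - code injection
    result = eval(request.args.get('expr', '0'))
    return str(result)
`;
    const result = this.analyzer.analyzePythonCode(vulnerableCode, 'vulnerable_flask_app.py');
    const securityReport = this.formatter.generateSecurityReport(result);
    console.log(securityReport);
    console.log('\n' + '-'.repeat(80) + '\n');
  }

  /**
   * Analyzes a sample with naming, performance and error-handling smells and
   * prints the detailed report.
   */
  private async demoQualityAnalysis(): Promise<void> {
    console.log('๐ CODE QUALITY ANALYSIS DEMO');
    console.log('=' + '='.repeat(40));
    // Fixture only: the bare `except: pass` is the pattern that hides failures
    // (including security-relevant ones) from logs and callers.
    const qualityIssuesCode = `
# Quality issues demo
import os, sys, json # Multiple imports - bad practice
class badClassName: # Wrong naming convention
    def __init__(self):
        pass
    def BadMethodName(self): # Wrong naming convention
        pass
def process_data(data):
    # Missing docstring
    result = []
    # Performance issue - should use enumerate
    for i in range(len(data)):
        item = data[i]
        result += [item.upper()] # Inefficient list concatenation
    # Bare except - dangerous
    try:
        risky_operation()
    except:
        pass # Silent failure
    # TODO: Optimize this function
    MAGIC_NUMBER = 42 # Magic number should be explained
    return result
def risky_operation():
    # FIXME: This function needs proper implementation
    pass
`;
    const result = this.analyzer.analyzePythonCode(qualityIssuesCode, 'quality_issues_demo.py');
    const detailedReport = this.formatter.generateDetailedReport(result);
    console.log(detailedReport);
    console.log('\n' + '-'.repeat(80) + '\n');
  }

  /**
   * Analyzes a before/after pair of samples and prints a comparison table
   * built from the two analysis results.
   */
  private async demoComparisonAnalysis(): Promise<void> {
    console.log('๐ CODE COMPARISON DEMO');
    console.log('=' + '='.repeat(40));
    // "Before" fixture: the query is assembled with `%` string formatting, so
    // the value of user_id becomes part of the SQL text.
    const originalCode = `
def get_user_data(user_id):
    query = "SELECT * FROM users WHERE id = '%s'" % user_id
    cursor.execute(query)
    return cursor.fetchone()
def process_items(items):
    result = []
    for i in range(len(items)):
        result += [items[i].upper()]
    return result
`;
    // "After" fixture: the value is passed separately from the SQL text.
    // NOTE(review): the `%s` placeholder is driver-specific; the sample does not
    // show which driver `cursor` comes from (sqlite3, used in the security
    // sample above, expects `?`).
    const improvedCode = `
def get_user_data(user_id):
    """Safely retrieve user data from database.
    Args:
        user_id (int): The user's unique identifier
    Returns:
        tuple: User data record or None if not found
    """
    query = "SELECT * FROM users WHERE id = %s"
    cursor.execute(query, (user_id,)) # Parameterized query - secure!
    return cursor.fetchone()
def process_items(items):
    """Process items by converting them to uppercase.
    Args:
        items (list): List of items to process
    Returns:
        list: Processed items in uppercase
    """
    # Using list comprehension - more efficient
    return [item.upper() for item in items]
`;
    const originalResult = this.analyzer.analyzePythonCode(originalCode, 'original.py');
    const improvedResult = this.analyzer.analyzePythonCode(improvedCode, 'improved.py');
    const comparisonReport = this.generateComparisonReport(originalResult, improvedResult);
    console.log(comparisonReport);
    console.log('\n' + '-'.repeat(80) + '\n');
  }

  /**
   * Builds the markdown comparison report for two analysis results.
   *
   * Only the metrics table is computed from the arguments. The
   * "KEY IMPROVEMENTS" bullets are fixed text: they are printed whatever the
   * analyzer found, so a claim such as "Eliminated SQL injection
   * vulnerabilities" should be read against the Security Score and
   * Critical Issues rows, not taken as an analyzer finding.
   *
   * @param original - Analysis result for the "before" sample.
   * @param improved - Analysis result for the "after" sample.
   * @returns The report as a single newline-joined string.
   */
  // NOTE(review): both parameters are `any`; the body reads codeQualityScore,
  // securityScore, totalIssues and criticalIssues and subtracts them, so they
  // are presumably numbers. Confirm against the analyzer's result type and
  // tighten the signature.
  private generateComparisonReport(original: any, improved: any): string {
    const sections = [
      '๐ **CODE IMPROVEMENT COMPARISON**',
      '=' + '='.repeat(50),
      '',
      '## ๐ **IMPROVEMENT METRICS**',
      '',
      `| Metric | Original | Improved | Change |`,
      `|--------|----------|----------|--------|`,
      // Scores: higher is better, so the change is improved - original.
      `| Quality Score | ${original.codeQualityScore}/100 | ${improved.codeQualityScore}/100 | ${this.formatChange(improved.codeQualityScore - original.codeQualityScore)} |`,
      `| Security Score | ${original.securityScore}/100 | ${improved.securityScore}/100 | ${this.formatChange(improved.securityScore - original.securityScore)} |`,
      // Issue counts: lower is better, so the operands are swapped and a
      // reduction shows up as a positive change.
      `| Total Issues | ${original.totalIssues} | ${improved.totalIssues} | ${this.formatChange(original.totalIssues - improved.totalIssues)} |`,
      `| Critical Issues | ${original.criticalIssues} | ${improved.criticalIssues} | ${this.formatChange(original.criticalIssues - improved.criticalIssues)} |`,
      '',
      '## ๐ฏ **KEY IMPROVEMENTS**',
      '',
      '✅ **Security Enhanced:**',
      '- Replaced string formatting with parameterized queries',
      '- Eliminated SQL injection vulnerabilities',
      '',
      '✅ **Code Quality Improved:**',
      '- Added comprehensive docstrings',
      '- Replaced inefficient loops with list comprehensions',
      '- Better error handling practices',
      '',
      '✅ **Maintainability Boosted:**',
      '- Clear function documentation',
      '- More readable and efficient code patterns',
      '- Professional coding standards followed'
    ];
    return sections.join('\n');
  }

  /**
   * Formats a signed delta for the "Change" column.
   *
   * @param change - Positive means better, negative means worse (callers
   *   orient the subtraction accordingly).
   * @returns A marker followed by the number, with an explicit `+` for gains.
   */
  private formatChange(change: number): string {
    if (change > 0) return `๐ +${change}`;
    if (change < 0) return `๐ ${change}`;
    return 'โก๏ธ 0';
  }
}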
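// Run the demo only when this file is the process entry point, not when it is
// imported. pathToFileURL() produces the same URL form as import.meta.url, so
// the comparison also holds for Windows paths and for paths that need
// percent-encoding, which a hand-built `file://` string does not match.
if (process.argv[1] && import.meta.url === pathToFileURL(process.argv[1]).href) {
  const demo = new Demo();
  demo.runDemo().catch((error: unknown) => {
    console.error(error);
    // Report the failure to the caller (CI, shell) instead of exiting 0.
    process.exitCode = 1;
  });
}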