review_python_code
Analyze Python code for quality and security risks. Generate detailed reports with actionable recommendations to improve code performance and maintain best practices.
Instructions
Comprehensive Python code analysis focusing on quality and security. Provides detailed reports with actionable recommendations.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| code | Yes | Python code to analyze | |
| filename | No | Name of the file (optional, defaults to unknown.py) | unknown.py |
| reportType | No | Type of report to generate | detailed |
Input Schema (JSON Schema)
```json
{
  "properties": {
    "code": {
      "description": "Python code to analyze",
      "type": "string"
    },
    "filename": {
      "default": "unknown.py",
      "description": "Name of the file (optional, defaults to unknown.py)",
      "type": "string"
    },
    "reportType": {
      "default": "detailed",
      "description": "Type of report to generate",
      "enum": [
        "detailed",
        "summary",
        "security"
      ],
      "type": "string"
    }
  },
  "required": [
    "code"
  ],
  "type": "object"
}
```
Implementation Reference
- src/index.ts:243-268 (handler) Handler function for the 'review_python_code' tool that validates input, performs analysis using PythonAnalyzer, and returns a formatted report based on the specified report type.

  ```typescript
  private async handleReviewCode(args: unknown) {
    const { code, filename, reportType } = ReviewCodeSchema.parse(args);

    const result = this.analyzer.analyzePythonCode(code, filename);

    let report: string;
    switch (reportType) {
      case 'summary':
        report = this.formatter.generateSummaryReport(result);
        break;
      case 'security':
        report = this.formatter.generateSecurityReport(result);
        break;
      default:
        report = this.formatter.generateDetailedReport(result);
    }

    return {
      content: [
        {
          type: 'text',
          text: report
        }
      ]
    };
  }
  ```
- src/python-analyzer.ts:112-195 (helper) Core implementation of Python code analysis using regex patterns to detect security vulnerabilities, quality issues, style violations, and maintainability problems. Called by the tool handler.

  ```typescript
  public analyzePythonCode(code: string, fileName: string = 'unknown.py'): AnalysisResult {
    const lines = code.split('\n');
    const issues: CodeIssue[] = [];

    // Analyze each line
    lines.forEach((line, index) => {
      const lineNumber = index + 1;

      // Check security patterns
      this.securityPatterns.forEach(pattern => {
        if (pattern.pattern.test(line)) {
          issues.push({
            type: 'security',
            severity: pattern.severity,
            line: lineNumber,
            message: pattern.message,
            rule: pattern.rule,
            codeSnippet: line.trim(),
            suggestion: this.getSuggestion(pattern.rule, line)
          });
        }
      });

      // Check quality patterns
      this.qualityPatterns.forEach(pattern => {
        if (pattern.pattern.test(line)) {
          issues.push({
            type: 'quality',
            severity: pattern.severity,
            line: lineNumber,
            message: pattern.message,
            rule: pattern.rule,
            codeSnippet: line.trim(),
            suggestion: this.getSuggestion(pattern.rule, line)
          });
        }
      });

      // Check maintainability patterns
      this.maintainabilityPatterns.forEach(pattern => {
        if (pattern.pattern.test(line)) {
          issues.push({
            type: 'maintainability',
            severity: pattern.severity,
            line: lineNumber,
            message: pattern.message,
            rule: pattern.rule,
            codeSnippet: line.trim(),
            suggestion: this.getSuggestion(pattern.rule, line)
          });
        }
      });
    });

    // Multi-line analysis
    this.analyzeMultilinePatterns(code, issues);

    // Calculate metrics
    const criticalIssues = issues.filter(i => i.severity === 'critical').length;
    const highIssues = issues.filter(i => i.severity === 'high').length;
    const mediumIssues = issues.filter(i => i.severity === 'medium').length;
    const lowIssues = issues.filter(i => i.severity === 'low').length;

    const codeQualityScore = this.calculateCodeQualityScore(issues, lines.length);
    const securityScore = this.calculateSecurityScore(issues);

    return {
      fileName,
      totalLines: lines.length,
      totalIssues: issues.length,
      criticalIssues,
      highIssues,
      mediumIssues,
      lowIssues,
      issues: issues.sort((a, b) => {
        const severityOrder = { critical: 4, high: 3, medium: 2, low: 1 };
        return severityOrder[b.severity] - severityOrder[a.severity] || a.line - b.line;
      }),
      summary: this.generateSummary(issues, lines.length),
      recommendations: this.generateRecommendations(issues),
      codeQualityScore,
      securityScore
    };
  }
  ```
- src/index.ts:26-30 (schema) Zod schema used for input validation in the review_python_code handler.

  ```typescript
  const ReviewCodeSchema = z.object({
    code: z.string().min(1, "Code cannot be empty"),
    filename: z.string().optional().default("unknown.py"),
    reportType: z.enum(["detailed", "summary", "security"]).optional().default("detailed")
  });
  ```
- src/index.ts:82-105 (registration) Tool registration in the ListTools response, defining name, description, and input schema for MCP protocol.

  ```typescript
  // One tool entry in the ListTools response (the excerpt begins inside the object literal)
  {
    name: 'review_python_code',
    description: 'Comprehensive Python code analysis focusing on quality and security. Provides detailed reports with actionable recommendations.',
    inputSchema: {
      type: 'object',
      properties: {
        code: {
          type: 'string',
          description: 'Python code to analyze'
        },
        filename: {
          type: 'string',
          description: 'Name of the file (optional, defaults to unknown.py)',
          default: 'unknown.py'
        },
        reportType: {
          type: 'string',
          enum: ['detailed', 'summary', 'security'],
          description: 'Type of report to generate',
          default: 'detailed'
        }
      },
      required: ['code']
    }
  },
  ```
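
The per-line loop in `analyzePythonCode` calls `pattern.pattern.test(line)` on one shared `RegExp` object for every line. As an added example (not the project's code; the rule, sample lines and function names are constructed, and the page does not show whether the real patterns carry the `g` flag), this shows how a global-flag pattern in that loop shape silently drops a finding on the following line, next to a stateless variant and a startup check.

```typescript
// Added example, not project code. The rule and sample lines are constructed.
interface Pattern { rule: string; pattern: RegExp; }
interface Finding { rule: string; line: number; snippet: string; }

// Constructed input: two consecutive Python lines that both call eval().
const SAMPLE_PY = [
  "import os",
  "a = eval(user_input)",
  "b = eval(other_input)",
  "print(a, b)",
].join("\n");

// Hypothetical rule written with the global flag.
const GLOBAL_RULE: Pattern = { rule: "eval-usage", pattern: /\beval\s*\(/g };

// Same loop shape as the page's per-line check: pattern.test(line).
function scanNaive(code: string, patterns: Pattern[]): Finding[] {
  const findings: Finding[] = [];
  code.split("\n").forEach((line, index) => {
    for (const p of patterns) {
      // With /g, test() starts at p.pattern.lastIndex, left over from the
      // previous successful match on a different line.
      if (p.pattern.test(line)) {
        findings.push({ rule: p.rule, line: index + 1, snippet: line.trim() });
      }
    }
  });
  return findings;
}

// Stateless variant: reset lastIndex so every line is searched from offset 0.
function scanStateless(code: string, patterns: Pattern[]): Finding[] {
  const findings: Finding[] = [];
  code.split("\n").forEach((line, index) => {
    for (const p of patterns) {
      p.pattern.lastIndex = 0;
      if (p.pattern.test(line)) {
        findings.push({ rule: p.rule, line: index + 1, snippet: line.trim() });
      }
    }
  });
  return findings;
}

// Startup check: list rules whose RegExp carries state between test() calls.
function statefulRules(patterns: Pattern[]): string[] {
  return patterns.filter(p => p.pattern.global).map(p => p.rule);
}
```

On the sample, `scanNaive` reports only line 2 while `scanStateless` reports lines 2 and 3; running `statefulRules` over the rule tables at load time catches the condition before any scan.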