---
id: sm-pattern-detection
name: "pattern-detection"
url: https://skills.yangsir.net/skill/sm-pattern-detection
author: supercent-io
domain: ai-code-generation-quality
tags: ["anomaly-detection", "time-series-analysis", "machine-learning", "data-mining", "statistical-modeling"]
install_count: 10500
rating: 4.50 (419 reviews)
github: https://github.com/supercent-io/skills-template
---

# pattern-detection

> 此技能用于模式检测，包括代码审查中发现问题模式、安全审查中扫描漏洞、重构时识别重复代码及性能优化。

**Stats**: 10,500 installs · 4.5/5 (419 reviews)

## Before / After 对比

### 代码模式检测与优化

## Readme

# pattern-detection

Pattern Detection When to use this skill Code review: Proactively detect problematic patterns Security review: Scan for vulnerability patterns Refactoring: Identify duplicate code Monitoring: Alert on anomalies Instructions Step 1: Detect code smell patterns Detect long functions: # Find functions with 50+ lines grep -n "function\|def\|func " **/*.{js,ts,py,go} | \ while read line; do file=$(echo $line | cut -d: -f1) linenum=$(echo $line | cut -d: -f2) # Function length calculation logic done Duplicate code patterns: # Search for similar code blocks grep -rn "if.*==.*null" --include="*.ts" . grep -rn "try\s*{" --include="*.java" . | wc -l Magic numbers: # Search for hard-coded numbers grep -rn "[^a-zA-Z][0-9]{2,}[^a-zA-Z]" --include="*.{js,ts}" . Step 2: Security vulnerability patterns SQL Injection risks: # SQL query built via string concatenation grep -rn "query.*+.*\$\|execute.*%s\|query.*f\"" --include="*.py" . grep -rn "SELECT.*\+.*\|\|" --include="*.{js,ts}" . Hard-coded secrets: # Password, API key patterns grep -riE "(password|secret|api_key|apikey)\s*=\s*['\"][^'\"]+['\"]" --include="*.{js,ts,py,java}" . # AWS key patterns grep -rE "AKIA[0-9A-Z]{16}" . Dangerous function usage: # eval, exec usage grep -rn "eval\(.*\)\|exec\(.*\)" --include="*.{py,js}" . # innerHTML usage grep -rn "innerHTML\s*=" --include="*.{js,ts}" . Step 3: Code structure patterns Import analysis: # Candidates for unused imports grep -rn "^import\|^from.*import" --include="*.py" . | \ awk -F: '{print $3}' | sort | uniq -c | sort -rn TODO/FIXME patterns: # Find unfinished code grep -rn "TODO\|FIXME\|HACK\|XXX" --include="*.{js,ts,py}" . Error handling patterns: # Empty catch blocks grep -rn "catch.*{[\s]*}" --include="*.{js,ts,java}" . # Ignored errors grep -rn "except:\s*pass" --include="*.py" . Step 4: Data anomaly patterns Regex patterns: import re patterns = { 'email': r'[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}', 'phone': r'\d{3}[-.\s]?\d{4}[-.\s]?\d{4}', 'ip_address': r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}', 'credit_card': r'\d{4}[-\s]?\d{4}[-\s]?\d{4}[-\s]?\d{4}', 'ssn': r'\d{3}-\d{2}-\d{4}', } def detect_sensitive_data(text): found = {} for name, pattern in patterns.items(): matches = re.findall(pattern, text) if matches: found[name] = len(matches) return found Statistical anomaly detection: import numpy as np from scipy import stats def detect_anomalies_zscore(data, threshold=3): """Z-score-based outlier detection""" z_scores = np.abs(stats.zscore(data)) return np.where(z_scores > threshold)[0] def detect_anomalies_iqr(data, k=1.5): """IQR-based outlier detection""" q1, q3 = np.percentile(data, [25, 75]) iqr = q3 - q1 lower = q1 - k * iqr upper = q3 + k * iqr return np.where((data < lower) | (data > upper))[0] Step 5: Trend analysis import pandas as pd def analyze_trend(df, date_col, value_col): """Time-series trend analysis""" df[date_col] = pd.to_datetime(df[date_col]) df = df.sort_values(date_col) # Moving averages df['ma_7'] = df[value_col].rolling(window=7).mean() df['ma_30'] = df[value_col].rolling(window=30).mean() # Growth rate df['growth'] = df[value_col].pct_change() * 100 # Trend direction recent_trend = df['ma_7'].iloc[-1] > df['ma_30'].iloc[-1] return { 'trend_direction': 'up' if recent_trend else 'down', 'avg_growth': df['growth'].mean(), 'volatility': df[value_col].std() } Output format Pattern detection report # Pattern Detection Report ## Summary - Files scanned: XXX - Patterns detected: XX - High severity: X - Medium severity: X - Low severity: X ## Detected patterns ### Security vulnerabilities (HIGH) | File | Line | Pattern | Description | |------|------|------|------| | file.js | 42 | hardcoded-secret | Hard-coded API key | ### Code smells (MEDIUM) | File | Line | Pattern | Description | |------|------|------|------| | util.py | 100 | long-function | Function length: 150 lines | ## Recommended actions 1. [Action 1] 2. [Action 2] Best practices Incremental analysis: Start with simple patterns Minimize false positives: Use precise regex Check context: Understand the context around a match Prioritize: Sort by severity Constraints Required rules (MUST) Read-only operation Perform result verification State the possibility of false positives Prohibited (MUST NOT) Do not auto-modify code Do not log sensitive information References Regex101 OWASP Cheat Sheet Code Smell Catalog Examples Example 1: Basic usage Example 2: Advanced usageWeekly Installs10.2KRepositorysupercent-io/sk…templateGitHub Stars53First SeenJan 24, 2026Security AuditsGen Agent Trust HubPassSocketFailSnykPassInstalled oncodex10.2Kgemini-cli10.2Kopencode10.2Kgithub-copilot10.1Kcursor10.1Kamp10.1K

---
*Source: https://skills.yangsir.net/skill/sm-pattern-detection*
*Markdown mirror: https://skills.yangsir.net/api/skill/sm-pattern-detection/markdown*