pattern-detection
This skill is used for pattern detection, including identifying problem patterns in code reviews, scanning for vulnerabilities in security reviews, recognizing duplicate code during refactoring, and performance optimization.
npx skills add supercent-io/skills-template --skill pattern-detectionBefore / After Comparison
1 组In code reviews, manually searching for duplicate code, long functions, and potential security vulnerabilities is inefficient, easily misses critical issues, and leads to a decline in code quality.
By using automated pattern detection tools, it's possible to quickly identify code smells, security vulnerabilities, and patterns requiring refactoring, significantly improving code quality and review efficiency.
pattern-detection
Pattern Detection When to use this skill Code review: Proactively detect problematic patterns Security review: Scan for vulnerability patterns Refactoring: Identify duplicate code Monitoring: Alert on anomalies Instructions Step 1: Detect code smell patterns Detect long functions: # Find functions with 50+ lines grep -n "function|def|func " /.{js,ts,py,go} | \ while read line; do file=$(echo $line | cut -d: -f1) linenum=$(echo $line | cut -d: -f2) # Function length calculation logic done Duplicate code patterns: # Search for similar code blocks grep -rn "if.==.null" --include=".ts" . grep -rn "try\s{" --include=".java" . | wc -l Magic numbers: # Search for hard-coded numbers grep -rn "[^a-zA-Z][0-9]{2,}[^a-zA-Z]" --include=".{js,ts}" . Step 2: Security vulnerability patterns SQL Injection risks: # SQL query built via string concatenation grep -rn "query.+.$|execute.%s|query.f"" --include=".py" . grep -rn "SELECT.+.||" --include=".{js,ts}" . Hard-coded secrets: # Password, API key patterns grep -riE "(password|secret|api_key|apikey)\s=\s*['"][^'"]+['"]" --include=".{js,ts,py,java}" . # AWS key patterns grep -rE "AKIA[0-9A-Z]{16}" . Dangerous function usage: # eval, exec usage grep -rn "eval(.)|exec(.)" --include=".{py,js}" . # innerHTML usage grep -rn "innerHTML\s*=" --include=".{js,ts}" . Step 3: Code structure patterns Import analysis: # Candidates for unused imports grep -rn "^import|^from.import" --include=".py" . | \ awk -F: '{print $3}' | sort | uniq -c | sort -rn TODO/FIXME patterns: # Find unfinished code grep -rn "TODO|FIXME|HACK|XXX" --include=".{js,ts,py}" . Error handling patterns: # Empty catch blocks grep -rn "catch.{[\s]}" --include=".{js,ts,java}" . # Ignored errors grep -rn "except:\spass" --include="*.py" . Step 4: Data anomaly patterns Regex patterns: import re patterns = { 'email': r'[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+.[a-zA-Z]{2,}', 'phone': r'\d{3}[-.\s]?\d{4}[-.\s]?\d{4}', 'ip_address': r'\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}', 'credit_card': r'\d{4}[-\s]?\d{4}[-\s]?\d{4}[-\s]?\d{4}', 'ssn': r'\d{3}-\d{2}-\d{4}', } def detect_sensitive_data(text): found = {} for name, pattern in patterns.items(): matches = re.findall(pattern, text) if matches: found[name] = len(matches) return found Statistical anomaly detection: import numpy as np from scipy import stats def detect_anomalies_zscore(data, threshold=3): """Z-score-based outlier detection""" z_scores = np.abs(stats.zscore(data)) return np.where(z_scores > threshold)[0] def detect_anomalies_iqr(data, k=1.5): """IQR-based outlier detection""" q1, q3 = np.percentile(data, [25, 75]) iqr = q3 - q1 lower = q1 - k * iqr upper = q3 + k * iqr return np.where((data < lower) | (data > upper))[0] Step 5: Trend analysis import pandas as pd def analyze_trend(df, date_col, value_col): """Time-series trend analysis""" df[date_col] = pd.to_datetime(df[date_col]) df = df.sort_values(date_col) # Moving averages df['ma_7'] = df[value_col].rolling(window=7).mean() df['ma_30'] = df[value_col].rolling(window=30).mean() # Growth rate df['growth'] = df[value_col].pct_change() * 100 # Trend direction recent_trend = df['ma_7'].iloc[-1] > df['ma_30'].iloc[-1] return { 'trend_direction': 'up' if recent_trend else 'down', 'avg_growth': df['growth'].mean(), 'volatility': df[value_col].std() } Output format Pattern detection report # Pattern Detection Report ## Summary - Files scanned: XXX - Patterns detected: XX - High severity: X - Medium severity: X - Low severity: X ## Detected patterns ### Security vulnerabilities (HIGH) | File | Line | Pattern | Description | |------|------|------|------| | file.js | 42 | hardcoded-secret | Hard-coded API key | ### Code smells (MEDIUM) | File | Line | Pattern | Description | |------|------|------|------| | util.py | 100 | long-function | Function length: 150 lines | ## Recommended actions 1. [Action 1] 2. [Action 2] Best practices Incremental analysis: Start with simple patterns Minimize false positives: Use precise regex Check context: Understand the context around a match Prioritize: Sort by severity Constraints Required rules (MUST) Read-only operation Perform result verification State the possibility of false positives Prohibited (MUST NOT) Do not auto-modify code Do not log sensitive information References Regex101 OWASP Cheat Sheet Code Smell Catalog Examples Example 1: Basic usage Example 2: Advanced usageWeekly Installs10.2KRepositorysupercent-io/sk…templateGitHub Stars53First SeenJan 24, 2026Security AuditsGen Agent Trust HubPassSocketFailSnykPassInstalled oncodex10.2Kgemini-cli10.2Kopencode10.2Kgithub-copilot10.1Kcursor10.1Kamp10.1K
User Reviews (0)
Write a Review
No reviews yet
Statistics
User Rating
Rate this Skill