0-refactor-advisor
Transform technical debt into a prioritized roadmap with professional-grade refactoring reports.
- Audit legacy files to identify where to begin modernization efforts.
- Scan pull requests for tech debt before they reach the human reviewer.
- Quantify technical debt with a 0-10 score for project reporting.
Free
Included in download
- Downloadable skill package
- Works with Works with VS Code, GitHub Copilot
- 2 permissions declared
Sample input
// userService.js
async function processUser(u, t, r, adminKey) {
if (adminKey === 'secret_key_2024') {
if (u && u.email && u.email.includes('@')) {
const db = require('./db');
const existing = await db.query(`SELECT * FROM users WHERE email='${u.email}'`);
if (existing.length === 0) {
await db.query(`INSERT INTO users (email, type, role) VALUES ('${u.email}', '${t}', '${r}')`);
console.log('user created');
// TODO: send welcome email
const db2 = require('./db');
await db2.query(`UPDATE stats SET user_count = user_count + 1 WHERE id=1`);
} else {
console.log('user exists');
}
}
}
}
Sample output
REFACTOR ADVISOR REPORT ════════════════════════════════════════ File/Module: userService.js — processUser() Language: JavaScript (Node.js) Lines: ~20 ════════════════════════════════════════
TECHNICAL DEBT SCORE: 8/10 Smells found: 7 total (3 critical · 3 medium · 1 low)
QUICK WINS (each < 15 min) ────────────────────────────
- Line 2 — Magic String — extract 'secret_key_2024' to process.env.ADMIN_KEY
- Line 13 — Dead Code — remove duplicate const db2 = require('./db'); use existing db
- Line 1 — Poor Naming — rename u→user, t→type, r→role
PRIORITY REFACTORS ────────────────────────────────────────────────────── #1 Severity: CRITICAL Smell: SQL Injection (Magic String in query) Location: Lines 6, 8, 10 — template literals inside db.query() Problem: String interpolation in SQL queries is not escaped. An attacker controlling u.email can exfiltrate or destroy the database. Fix: Replace with parameterized queries: db.query('SELECT * FROM users WHERE email = $1', [user.email]) [... abbreviated ...]
0-refactor-advisor
Transform technical debt into a prioritized roadmap with professional-grade refactoring reports.
Free
Included in download
- Downloadable skill package
- Works with Works with VS Code, GitHub Copilot
- 2 permissions declared
- Instant install
Sample input
// userService.js
async function processUser(u, t, r, adminKey) {
if (adminKey === 'secret_key_2024') {
if (u && u.email && u.email.includes('@')) {
const db = require('./db');
const existing = await db.query(`SELECT * FROM users WHERE email='${u.email}'`);
if (existing.length === 0) {
await db.query(`INSERT INTO users (email, type, role) VALUES ('${u.email}', '${t}', '${r}')`);
console.log('user created');
// TODO: send welcome email
const db2 = require('./db');
await db2.query(`UPDATE stats SET user_count = user_count + 1 WHERE id=1`);
} else {
console.log('user exists');
}
}
}
}
Sample output
REFACTOR ADVISOR REPORT ════════════════════════════════════════ File/Module: userService.js — processUser() Language: JavaScript (Node.js) Lines: ~20 ════════════════════════════════════════
TECHNICAL DEBT SCORE: 8/10 Smells found: 7 total (3 critical · 3 medium · 1 low)
QUICK WINS (each < 15 min) ────────────────────────────
- Line 2 — Magic String — extract 'secret_key_2024' to process.env.ADMIN_KEY
- Line 13 — Dead Code — remove duplicate const db2 = require('./db'); use existing db
- Line 1 — Poor Naming — rename u→user, t→type, r→role
PRIORITY REFACTORS ────────────────────────────────────────────────────── #1 Severity: CRITICAL Smell: SQL Injection (Magic String in query) Location: Lines 6, 8, 10 — template literals inside db.query() Problem: String interpolation in SQL queries is not escaped. An attacker controlling u.email can exfiltrate or destroy the database. Fix: Replace with parameterized queries: db.query('SELECT * FROM users WHERE email = $1', [user.email]) [... abbreviated ...]
About This Skill
High-Level Code Quality Analysis
Refactor Advisor is a specialized developer tool designed to bridge the gap between "working code" and "clean code." It acts as a deep-scanning auditor that identifies technical debt, structural flaws, and security risks using industry-standard patterns like SOLID principles and Martin Fowler’s refactoring catalog.
What it does
Unlike generic AI prompts, this skill applies a strict heuristic framework to your codebase. It categorizes issues from "Poor Naming" to "God Classes," calculates a quantitative Technical Debt Score, and identifies "Quick Wins" that provide immediate value with minimal risk.
- Detailed Auditing: Scans for 10+ specific code smells including Feature Envy, Deep Nesting, and Magic Numbers.
- Prioritized Reporting: Ranks issues by severity (Critical/Medium/Low) so you know exactly where to start.
- Risk Management: Explicitly flags when a refactor requires "Tests First" to prevent silent regressions.
- Framework Agnostic: Works across any language or environment, from legacy Node.js monoliths to modern Python microservices.
Why use this skill
Prompting a standard AI to "make my code better" often results in subjective style changes or dangerous rewrites. Refactor Advisor provides a structured report with exact line ranges and concrete transformation steps, ensuring that code quality is improved without breaking existing contracts or introducing security vulnerabilities like SQL injection.
Use Cases
- Audit legacy files to identify where to begin modernization efforts.
- Scan pull requests for tech debt before they reach the human reviewer.
- Quantify technical debt with a 0-10 score for project reporting.
- Identify security-critical smells like SQL injection and hardcoded secrets.
- Refactor this code
- Find code smells in this file
- What should I refactor first?
Known Limitations
Small file with no smells found (< 20 lines, clean code):: Generated code (ORM migrations, protobuf stubs, gRPC generated files): Identify the file as generated at the top of the report, mark all smell ratings as N/A, and only flag issues if it's clear that manual edits were made inside the generated section.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/0-refactor-advisor -o /tmp/0-refactor-advisor.zip && unzip -o /tmp/0-refactor-advisor.zip -d ~/.claude/skills && rm /tmp/0-refactor-advisor.zipFree skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
File Scopes
Works with VS Code/GitHub Copilot, Cursor, OpenAI Codex, Google Antigravity, Claude Code, and any agent supporting the AgentSkills open standard. Install at .agents/skills/0-refactor-advisor/SKILL.md.