java-repo-assessment
SKILL.md
Java Repository Assessment Skill
Comprehensive quality and health report for Java projects. Combines established tooling for hard metrics with Git history forensics for behavioral insights using open-source tools.
Security Considerations
This skill executes external tools and compiles/tests code from the analyzed repository. Understand the risks before running.
Threat Model
| Risk | Source | Severity |
|---|---|---|
| Supply-Chain | Maven plugins resolved from Maven Central during pre-cache phase (verified via checksums, execution runs offline) | Low |
| Untrusted Code Execution | mvn compile executes annotation processors, build plugins; mvn test runs arbitrary test code | High |
| Data Ingestion | XML reports, Git logs, and source code are parsed — potential prompt injection vectors | Low |
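
One way to review the "Untrusted Code Execution" row before running mvn compile, as an added example that is not part of this skill's own code: list the build plugins and annotation processors a pom.xml declares. The sample POM, the `inventory` function and its output format are assumptions made for illustration.

```python
"""Pre-flight inventory of what a Maven build would execute (added example)."""
import xml.etree.ElementTree as ET

NS = {"m": "http://maven.apache.org/POM/4.0.0"}

# Constructed sample pom.xml, not taken from any real project.
SAMPLE_POM = """<?xml version="1.0"?>
<project xmlns="http://maven.apache.org/POM/4.0.0">
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.example</groupId><artifactId>demo</artifactId><version>1.0</version>
  <build><plugins>
    <plugin>
      <artifactId>maven-compiler-plugin</artifactId>
      <configuration><annotationProcessorPaths>
        <path><groupId>org.example</groupId><artifactId>gen-processor</artifactId></path>
      </annotationProcessorPaths></configuration>
    </plugin>
    <plugin>
      <groupId>org.codehaus.mojo</groupId><artifactId>exec-maven-plugin</artifactId>
      <executions><execution><phase>generate-sources</phase>
        <goals><goal>exec</goal></goals></execution></executions>
    </plugin>
  </plugins></build>
</project>"""


def inventory(pom_text):
    """Return (kind, coordinate, phase) tuples for code that runs at build time."""
    # Untrusted XML: refuse DTDs/entities outright instead of trusting parser defaults.
    if "<!DOCTYPE" in pom_text or "<!ENTITY" in pom_text:
        raise ValueError("DTD or entity declaration in pom.xml, refusing to parse")
    root = ET.fromstring(pom_text)
    found = []
    for plugin in root.iterfind(".//m:build//m:plugin", NS):
        # Maven defaults a missing plugin groupId to org.apache.maven.plugins.
        gid = plugin.findtext("m:groupId", "org.apache.maven.plugins", NS)
        coord = f"{gid}:{plugin.findtext('m:artifactId', '?', NS)}"
        phases = [e.findtext("m:phase", "(default)", NS)
                  for e in plugin.iterfind("m:executions/m:execution", NS)]
        found.append(("plugin", coord, ",".join(phases) or "(default)"))
        for p in plugin.iterfind(".//m:annotationProcessorPaths/m:path", NS):
            pc = f"{p.findtext('m:groupId', '?', NS)}:{p.findtext('m:artifactId', '?', NS)}"
            found.append(("annotation-processor", pc, "compile"))
    return found


if __name__ == "__main__":
    for kind, coord, phase in inventory(SAMPLE_POM):
        print(f"{kind:22} {coord:45} {phase}")
```

The inventory covers only the pom.xml text it is given. Parent POMs and annotation processors that javac discovers on the compile classpath are not listed, so the result is a lower bound on what the build will run.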