static-analysis

Guide agents through selecting, running, and triaging static analysis tools for C/C++ — clang-tidy, cppcheck, and scan-build — including suppression strategies and CI integration.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "static-analysis" with this command: npx skills add mohitmishra786/low-level-dev-skills/mohitmishra786-low-level-dev-skills-static-analysis

Static Analysis

Purpose

Guide agents through selecting, running, and triaging static analysis tools for C/C++ — clang-tidy, cppcheck, and scan-build — including suppression strategies and CI integration.

Triggers

  • "How do I run clang-tidy on my project?"

  • "What clang-tidy checks should I enable?"

  • "cppcheck is reporting false positives — how do I suppress them?"

  • "How do I set up scan-build for deeper analysis?"

  • "My build is noisy with static analysis warnings"

  • "How do I generate compile_commands.json for clang-tidy?"

Workflow

  1. Generate compile_commands.json

clang-tidy requires a compilation database:

CMake (preferred)

cmake -S . -B build -DCMAKE_EXPORT_COMPILE_COMMANDS=ON ln -s build/compile_commands.json .

Bear (for Make-based projects)

bear -- make

compiledb (alternative for Make)

pip install compiledb compiledb make

  1. Run clang-tidy

Single file

clang-tidy src/foo.c -- -std=c11 -I include/

Whole project via compile_commands.json

run-clang-tidy -p build/ -j$(nproc)

With specific checks enabled

clang-tidy -checks='bugprone-,modernize-,performance-*' src/foo.cpp

Apply auto-fixes

clang-tidy -checks='modernize-use-nullptr' -fix src/foo.cpp

  1. Check category decision tree

Goal? ├── Find real bugs → bugprone-, clang-analyzer- ├── Modernise C++ code → modernize-* ├── Follow core guidelines → cppcoreguidelines-* ├── Catch performance issues → performance-* ├── Security hardening → cert-, hicpp- └── Readability / style → readability-, llvm-

Category Key checks What it catches

bugprone-*

use-after-move , integer-division , suspicious-memset-usage

Likely bugs

modernize-*

use-nullptr , use-override , use-auto

C++11/14/17 idioms

cppcoreguidelines-*

avoid-goto , pro-bounds-* , no-malloc

C++ Core Guidelines

performance-*

unnecessary-copy-initialization , avoid-endl

Performance regressions

clang-analyzer-*

core.* , unix.* , security.*

Path-sensitive bugs

cert-*

err34-c , str51-cpp

CERT coding standard

  1. .clang-tidy configuration file

.clang-tidy — place at project root

Checks: > bugprone-, modernize-, performance-, -modernize-use-trailing-return-type, -bugprone-easily-swappable-parameters WarningsAsErrors: 'bugprone-,clang-analyzer-' HeaderFilterRegex: '^(src|include)/.' CheckOptions:

  • key: modernize-loop-convert.MinConfidence value: reasonable
  • key: readability-identifier-naming.VariableCase value: camelCase
  1. Suppress false positives

// Suppress a single line int result = riskyOp(); // NOLINT(bugprone-signed-char-misuse)

// Suppress a block // NOLINTNEXTLINE(cppcoreguidelines-avoid-magic-numbers) constexpr int BUFFER_SIZE = 4096;

// Suppress whole function [[clang::suppress("bugprone-")]] void legacy_code() { / ... */ }

Or in .clang-tidy :

Exclude third-party directories

HeaderFilterRegex: '^(src|include)/.*'

Disable specific checks

Checks: '-bugprone-easily-swappable-parameters'

  1. Run cppcheck

Basic run

cppcheck --enable=all --std=c11 src/

With compile_commands.json

cppcheck --project=build/compile_commands.json

Include specific checks and suppress noise

cppcheck --enable=warning,performance,portability
--suppress=missingIncludeSystem
--suppress=unmatchedSuppression
--error-exitcode=1
src/

Generate XML report for CI

cppcheck --xml --xml-version=2 src/ 2> cppcheck-report.xml

--enable= value What it checks

warning

Undefined behaviour, bad practices

performance

Redundant operations, inefficient patterns

portability

Non-portable constructs

information

Configuration and usage notes

all

Everything above

  1. Path-sensitive analysis with scan-build

Intercept a Make build

scan-build make

Intercept CMake build

scan-build cmake --build build/

Show HTML report

scan-view /tmp/scan-build-*/

With specific checkers

scan-build -enable-checker security.insecureAPI.gets
-enable-checker alpha.unix.cstring.BufferOverlap
make

scan-build finds deeper bugs than clang-tidy: use-after-free across functions, dead stores from logic errors, null dereferences on complex paths.

  1. CI integration

GitHub Actions

  • name: Static analysis run: | cmake -S . -B build -DCMAKE_EXPORT_COMPILE_COMMANDS=ON run-clang-tidy -p build -j$(nproc) -warnings-as-errors '*'

  • name: cppcheck run: | cppcheck --enable=warning,performance
    --suppress=missingIncludeSystem
    --error-exitcode=1
    src/

For clang-tidy check details, see references/clang-tidy-checks.md.

Related skills

  • Use skills/compilers/clang for Clang toolchain and diagnostic flags

  • Use skills/compilers/gcc for GCC warnings as complementary analysis

  • Use skills/runtimes/sanitizers for runtime bug detection alongside static analysis

  • Use skills/build-systems/cmake for CMAKE_EXPORT_COMPILE_COMMANDS setup

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

cmake

No summary provided by upstream source.

Repository SourceNeeds Review
190-mohitmishra786
Coding

llvm

No summary provided by upstream source.

Repository SourceNeeds Review
112-mohitmishra786
Coding

gdb

No summary provided by upstream source.

Repository SourceNeeds Review
45-mohitmishra786
Coding

linux-perf

No summary provided by upstream source.

Repository SourceNeeds Review
43-mohitmishra786