Search everything...

Stats

Actions

Available In

Help us improve

Share bugs, ideas, or general feedback.

sonarqube - Claude Code Plugin | ClaudePluginHub

Plugin

sonarqube

Name: sonarqube
Author: sonarsource

By SonarSource

Enforce SonarQube code quality and security rules directly in the agent's coding loop, with automated analysis, fix suggestions, and quality gate checks across multiple languages.

npx claudepluginhub sonarsource/sonarqube-agent-plugins --plugin sonarqube

Popularity

Stars

Top 10%

Med: 0·Avg: 274

Installs

Top 5%

Med: 0·Avg: 1

What's Inside

Skills9

sonar-analyze

/sonar-analyze

Analyze a file or code snippet for quality and security issues using SonarQube

sonar-coverage

/sonar-coverage

Find files with low test coverage and inspect uncovered lines in a SonarQube project (project key optional when MCP integration already defines the default project)

sonar-dependency-risks

/sonar-dependency-risks

Search for software composition analysis (SCA) dependency risks in a SonarQube project (project key optional when MCP integration already defines the default project)

sonar-duplication

/sonar-duplication

Find files with code duplications in a SonarQube project and inspect duplication blocks for a file (project key optional when MCP integration already defines the default project)

sonar-fix-issue

/sonar-fix-issue

Fix a specific SonarQube issue in code by rule key and location

Hooks1

Event Hooks

1 hook across 1 event

Stats

Version2.1.0

ReleasedMay 7, 2026

LanguageJavaScript

Stars90

Forks1

Copy clicks6

MaintenanceExcellent

LicenseSSAL-1.0

Last CommitMay 18, 2026

AddedMar 25, 2026

Actions

View on GitHub View README Plugin Marketplace JSON Homepage

Own this plugin?

Verify ownership to unlock analytics, metadata editing, and a verified badge.

Available In

claude-plugins-official29,090 sonar88 claude-plugins-official ccode-personal-plugins

Help us improve

Share bugs, ideas, or general feedback.

README

SonarQube agent integrations

Made by Sonar

Automatically enforce SonarQube code quality and security in the agent coding loop — 7,000+ rules, secrets scanning, agentic analysis, and quality gates across 40+ languages.

SonarQube combines deterministic checks with AI-assisted workflows so quality rules apply consistently to code from both developers and agents. Where your stack supports it, analysis and secrets scanning can run inside the agent loop instead of only in CI.

What do the plugins include

The Plugin helps agents connect to SonarQube CLI and SonarQube MCP Server for issue detection, checking project metrics such as test coverage & duplications, fetch dependency risks, etc. Claude Code & Copilot integrations (through SonarQube CLI) install agent hooks. This is coming soon for other agents too.

How to use: Run /sonarqube:sonar-integrate after installation to walk through setup — CLI installation, authentication, and wiring up the MCP Server and hooks. From there, use slash commands like /sonarqube:sonar-quality-gate to check quality gates or interact naturally with prompts like "analyze my code for issues," "show open SonarQube findings," or "check my coverage." With Agentic Analysis enabled, verification happens automatically after each edit with no manual invocation required.

Prerequisites

A SonarQube account (SonarQube Cloud, Server, or Community Build). Some features (for example Agentic Analysis) depend on your SonarQube Cloud organization settings.
SonarQube CLI (sonar) on your machine.
A container runtime (Docker, Podman, or Nerdctl) for the MCP server image.

Authenticate once with sonar auth login (browser flow; credentials stay in your OS keychain). The MCP server uses that login.

Check auth anytime:

sonar auth status

How plugins connect to SonarQube

Claude Code and GitHub Copilot CLI

SonarQube CLI can wire everything for you:

sonar integrate claude    # Claude Code: MCP, hooks, secrets scanning, etc.
sonar integrate copilot   # GitHub Copilot CLI: MCP setup

Run these after sonar auth login. Use the /sonarqube:sonar-integrate skill in Claude Code if you prefer a guided flow (install/update CLI, login, then integrate).

Other agents (Cursor, Gemini CLI, Codex, Kiro)

Each layout includes MCP configuration (for example mcp.json, gemini-extension.json, or kiro-power/mcp.json) that runs the mcp/sonarqube image and relies on SonarQube CLI for authentication—the same sonar auth login session.

Repository layout

Agent	Location
Claude Code	`.claude-plugin/`, `skills/`, `claude-hooks/`, `scripts/`
Cursor	`.cursor-plugin/` (+ shared `mcp.json`)
GitHub Copilot CLI	`.github/plugin/` (+ shared `mcp.json`)
Codex	`.codex-plugin/`
Gemini CLI	`gemini-extension.json`, `GEMINI.md`
Kiro	`kiro-power/`

Usage

Skills are the same across agents. Ask in natural language, invoke skills explicitly, or use the SonarQube MCP tools your client shows after MCP starts.

MCP reference: SonarQube MCP Server docs.

Skills

Set up

/sonarqube:sonar-integrate

List projects

/sonarqube:sonar-list-projects
/sonarqube:sonar-list-projects my-project

List issues

/sonarqube:sonar-list-issues
/sonarqube:sonar-list-issues my-project --severity CRITICAL

Fix an issue

/sonarqube:sonar-fix-issue java:S1481 src/main/java/MyClass.java
/sonarqube:sonar-fix-issue python:S2077 src/auth/login.py:34

Quality gate / analyze / coverage / duplication / dependency risks

/sonarqube:sonar-quality-gate
/sonarqube:sonar-quality-gate my-project --branch main

/sonarqube:sonar-analyze
/sonarqube:sonar-analyze src/auth/login.py

/sonarqube:sonar-coverage
/sonarqube:sonar-coverage my-project --max 50
/sonarqube:sonar-coverage my-project --file src/auth/login.py

/sonarqube:sonar-duplication
/sonarqube:sonar-duplication my-project --pr 42

/sonarqube:sonar-dependency-risks
/sonarqube:sonar-dependency-risks my-project --pr 42

Claude Code plugin

Install from Anthropic's marketplace claude-plugins-official:

/plugin install sonarqube@claude-plugins-official

claude plugin install sonarqube@claude-plugins-official

One-time setup

Node.js — for the SessionStart hook (scripts/setup.js).
Install SonarQube CLI if needed, then /sonarqube:sonar-integrate or sonar auth login + sonar integrate claude.

sonar auth login by scenario:

View full README on GitHub

Help us improve

Find plugins for your project

Help us improve

sonarqube

Popularity

What's Inside

Help us improve

Health & Quality

Confidence

README

SonarQube agent integrations

What do the plugins include

Prerequisites

How plugins connect to SonarQube

Claude Code and GitHub Copilot CLI

Other agents (Cursor, Gemini CLI, Codex, Kiro)

Repository layout

Usage

Skills

Set up

List projects

List issues

Fix an issue

Quality gate / analyze / coverage / duplication / dependency risks

Claude Code plugin

One-time setup

Similar Plugins

code-quality-orchestrator

sentrux

code-guardian

rubycritic-skill

project-health-auditor

cyber-neo

SonarQube agent integrations

What do the plugins include

Prerequisites

How plugins connect to SonarQube

Claude Code and GitHub Copilot CLI

Other agents (Cursor, Gemini CLI, Codex, Kiro)

Repository layout

Usage

Skills

Set up

List projects

List issues

Fix an issue

Quality gate / analyze / coverage / duplication / dependency risks

Claude Code plugin

One-time setup