From asyrafhussin-agent-skills-1
Detects AI-generated code patterns in PHP/Laravel and TypeScript/React: comment narration, generic naming, over-engineering, and taste issues. Used for reviewing AI-assisted PRs or hardening code-review checklists.
How this skill is triggered — by the user, by Claude, or both
Slash command
/asyrafhussin-agent-skills-1:code-slopThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Taste-level review of code for AI-generated patterns. Contains 24 rules across 6 categories covering comments, naming, over-engineering, defensive overdose, test slop, and style fingerprints. Where [`technical-debt`](../technical-debt) measures *quantitative* code debt (complexity, duplication, CVEs), this skill measures the *qualitative* failure mode: code that passes every metric but reads li...
AGENTS.mdREADME.mdmetadata.jsonrules/_sections.mdrules/_template.mdrules/comments-closing-brace-labels.mdrules/comments-empty-docblocks.mdrules/comments-narration.mdrules/comments-placeholder.mdrules/defensive-generic-catch.mdrules/defensive-impossible-null.mdrules/defensive-missing-real.mdrules/naming-generic-placeholders.mdrules/naming-over-descriptive.mdrules/naming-suffix-abuse.mdrules/naming-type-in-name.mdrules/over-eng-dependency-creep.mdrules/over-eng-premature-interface.mdrules/over-eng-single-method-class.mdrules/over-eng-useless-wrapper.mdTaste-level review of code for AI-generated patterns. Contains 24 rules across 6 categories covering comments, naming, over-engineering, defensive overdose, test slop, and style fingerprints. Where technical-debt measures quantitative code debt (complexity, duplication, CVEs), this skill measures the qualitative failure mode: code that passes every metric but reads like a tutorial blog post, not like a human wrote it.
Industry data on AI-assisted code (GitClear 2025, cURL bug-bounty shutdown 2025, arXiv 2510.03029):
None of this fails a typical CI lint. It just makes the codebase slowly unmaintainable. This skill is the lens for catching it before it ships.
The core insight: reading cost > writing cost now. The cost of writing code collapsed; the cost of reading it didn't. Code you can't quickly understand is slop, even if it works.
When the user asks "review for AI slop", "audit code-quality taste", or "find AI patterns" — run through this skill's rules as a checklist against the changed files (PR diff) or full repo.
| Signal | Stack |
|---|---|
composer.json + artisan | PHP / Laravel |
package.json (with TypeScript/React deps) | Node / TypeScript / React |
| Both present | Laravel + Inertia + React |
For each item below, output:
// create user above User::create(...))/** Get user */ above getUser())// TODO: implement, // your code here, // implementation)} // end function, } // end if block)data, result, info, temp, helper)theUserWhoIsCurrentlyLoggedIn)*Helper / *Manager / *Util / *Wrapper overused without justification)userObject, resultArray, stringData)catch (e) { console.error(...) } blocks around code that can't throwas any / @ts-ignore / @ts-expect-error sprinkled where inference is hard// HACK: / // XXX: / 2am comments somewhere — codebases without scars are suspectconsole.log, var_dump, dd(), dump()) left in production codeif (x) return true; else return false / redundant type annotations on obvious literalsEnd the audit with a verdict table:
## Code Slop Ledger
| File | Verdict | Top findings | Suggested action |
|------|---------|--------------|------------------|
| app/Services/UserExportService.php | INFLATED | 12 narration comments; 3 closing-brace labels; `*Helper` overuse | Strip comments; rename Helper → split into functions |
| resources/js/Pages/Orders/Show.tsx | CRITICAL | 4 `as any`; mock-everything tests; useless wrapper; impossible null checks | Rewrite section; remove tests; revisit type model |
| app/Models/Order.php | CLEAN | — | — |
## Summary
- CLEAN: X files
- SUSPICIOUS: Y files
- INFLATED: Z files (top priority: …)
- CRITICAL: N files (rewrite before merge)
Reference this skill when:
Most rules are stack-agnostic in concept, but examples and detection commands differ between PHP and TypeScript.
| Signal | Stack | Tooling |
|---|---|---|
composer.json | PHP / Laravel | phpstan, phpcs, phpmd, manual grep |
package.json | Node / TS / React | eslint, tsc --noEmit, knip, manual grep |
| Priority | Category | Impact | Prefix |
|---|---|---|---|
| 1 | Comments | CRITICAL | comments- |
| 2 | Naming | CRITICAL | naming- |
| 3 | Over-engineering | HIGH | over-eng- |
| 4 | Defensive overdose | HIGH | defensive- |
| 5 | Test slop | HIGH | test- |
| 6 | Style fingerprints | MEDIUM | style- |
comments-narration — Comments that just restate the code on the next linecomments-empty-docblocks — Generic /** Get the user */ over a typed getUser() signaturecomments-placeholder — // TODO: implement, // your code here, // implementation, // helper functioncomments-closing-brace-labels — } // end function / } // end if blocknaming-generic-placeholders — data, result, info, temp, helper, valuenaming-over-descriptive — theUserWhoIsCurrentlyLoggedIn, calculateTotalAmountFromItemsListnaming-suffix-abuse — *Helper / *Manager / *Util / *Wrapper / *Processor overusednaming-type-in-name — userObject, resultArray, stringData, listOfItemsover-eng-premature-interface — Interface with exactly one implementation and no second on the roadmapover-eng-single-method-class — Classes that exist solely to wrap one functionover-eng-useless-wrapper — Wrapper called from exactly one place, just delegatingover-eng-dependency-creep — New library when an existing dep already does the jobdefensive-generic-catch — try { ... } catch (e) { console.error("error") } everywheredefensive-impossible-null — Null checks after non-null assertions / type-guaranteed valuesdefensive-missing-real — Defensive in the wrong places; missing timeouts/rate-limits where it matterstest-mock-everything — Mock for every dep; the test re-encodes the implementation, not the behaviourtest-doesnt-throw — Tests that just call the function and assert no exceptiontest-mirror-implementation — Tests whose logic mirrors the production code being testedtest-snapshot-abuse — Snapshot tests replacing behavioural assertionsstyle-hyper-consistent — No formatting drift anywhere; every file looks linter-perfectstyle-as-any-escape — as any / @ts-ignore / @ts-expect-error sprinkled where types are hardstyle-no-hack-scars — Codebase has zero // HACK: / // XXX: markers; no "geology"style-debug-artifacts — console.log, var_dump, dd(), dump() left in production pathsstyle-trivial-boilerplate — if (x) return true; else return false;, redundant TS type annotations on obvious literalsFor each code chunk, ask:
// HACK: / // XXX: markers in the diff? → if no, suspicious for AI| Verdict | Meaning | Action |
|---|---|---|
| CLEAN | < 5% of lines flagged | Ship |
| SUSPICIOUS | 5–15% flagged | Review changes one more time |
| INFLATED | 15–30% flagged | Strip slop, split commits |
| CRITICAL | > 30% flagged | Rewrite section before merge |
Read individual rule files for detailed conventions and examples:
rules/comments-narration.md
rules/naming-generic-placeholders.md
rules/over-eng-premature-interface.md
rules/defensive-generic-catch.md
rules/test-mock-everything.md
rules/style-hyper-consistent.md
Each rule file contains:
GitClear — 2025 Code-Quality Trends Report (refactoring collapse, copy-paste surge)
arXiv 2510.03029 — Investigating the Smells of LLM-Generated Code
Addy Osmani — Comprehension Debt (O'Reilly Radar)
Stack Overflow Blog — Eno Reyes Q&A on AI code quality
hardikpandya/stop-slop — sister project for prose slop
flamehaven01/AI-SLOP-Detector — Python AST scanner with 27 patterns
For the complete guide with all rules expanded: AGENTS.md
npx claudepluginhub asyrafhussin/agent-skillsDetects and strips AI-generated slop from code: simplifies unnecessary complexity, removes rotten comments, checks design patterns. Runs on git changes or paths before PRs.
Conducts interactive audits of AI-generated or legacy codebases to identify technical debt, anti-patterns, quality issues, and modernization opportunities.
Provides AI-powered code review with static analysis, security scanning, and performance checks. Useful for ensuring code quality in pull requests and CI pipelines.