Code Scoring
by mgd34msu
Provides quantitative rubrics and criteria for scoring code quality on a 1-10 scale. Use when reviewing code, performing code audits, establishing quality baselines, comparing implementations, or providing objective code feedback.
Skill Details
Repository Files
5 files in this skill directory
name: code-scoring description: Provides quantitative rubrics and criteria for scoring code quality on a 1-10 scale. Use when reviewing code, performing code audits, establishing quality baselines, comparing implementations, or providing objective code feedback.
Code Scoring
Systematic, quantitative code quality assessment using weighted categories and standardized deductions.
Quick Start
Full code review with score:
Score this code on a 1-10 scale using the code-scoring rubric
Category-specific assessment:
Evaluate the error handling in this module using the scoring rubric
Compare implementations:
Score both implementations and recommend which is better
Scoring Methodology
The Formula
Final Score = 10 - Total Deductions
Where:
Total Deductions = SUM(Category Deductions * Category Weight)
Category Deduction = SUM(Issue Points * Severity Multiplier)
Category Weights
| Category | Weight | Focus Areas |
|---|---|---|
| Organization | 12% | File structure, module boundaries, separation of concerns |
| Naming | 10% | Variables, functions, classes, constants, files |
| Error Handling | 12% | Try/catch, validation, error propagation, recovery |
| Testing | 12% | Coverage, quality, edge cases, maintainability |
| Performance | 10% | Efficiency, resource usage, scalability |
| Security | 12% | Input validation, auth, data protection, secrets |
| Documentation | 8% | Comments, API docs, README, inline explanations |
| SOLID Principles | 10% | SRP, OCP, LSP, ISP, DIP adherence |
| Dependencies | 6% | Version management, minimal deps, no circular refs |
| Maintainability | 8% | Readability, complexity, changeability |
Total: 100%
Severity Multipliers
| Severity | Multiplier | Description |
|---|---|---|
| Critical | 2.0x | Security vulnerabilities, data loss risks, crashes |
| Major | 1.5x | Significant bugs, poor patterns, missing core functionality |
| Minor | 1.0x | Code smells, style issues, minor inefficiencies |
| Nitpick | 0.5x | Preferences, optional improvements |
Quick Scoring Cheat Sheet
| Score | Label | Meaning | Typical Characteristics |
|---|---|---|---|
| 10 | Exemplary | Production excellence | Minimal issues, well-tested, secure, documented |
| 9 | Excellent | Minor polish needed | 1-2 nitpicks, strong overall quality |
| 8 | Very Good | Ready with small fixes | Few minor issues, solid fundamentals |
| 7 | Good | Acceptable quality | Some improvements needed, no major issues |
| 6 | Satisfactory | Functional but rough | Multiple minor issues, needs cleanup |
| 5 | Adequate | Meets minimum bar | Works but has clear problems |
| 4 | Below Average | Needs significant work | Major issues present, risky to deploy |
| 3 | Poor | Substantial rework | Multiple major issues, architectural problems |
| 2 | Very Poor | Fundamental problems | Barely functional, serious concerns |
| 1 | Critical | Do not deploy | Security vulnerabilities, crashes, data risks |
Common Deductions Table
Quick reference for frequent issues. See references/deduction-catalog.md for complete list.
High-Impact Deductions
| Issue | Base Points | Category |
|---|---|---|
| SQL injection vulnerability | 2.0 | Security |
| Hardcoded secrets/credentials | 2.0 | Security |
| No error handling in critical path | 1.5 | Error Handling |
| Missing input validation | 1.5 | Security |
| No tests for core functionality | 1.5 | Testing |
| N+1 query pattern | 1.5 | Performance |
| God class (500+ lines) | 1.5 | Organization |
Medium-Impact Deductions
| Issue | Base Points | Category |
|---|---|---|
| Inconsistent naming convention | 1.0 | Naming |
| Missing JSDoc/docstrings on public API | 1.0 | Documentation |
| Circular dependency | 1.0 | Dependencies |
| Deeply nested code (4+ levels) | 1.0 | Maintainability |
| Magic numbers without constants | 1.0 | Naming |
| Empty catch blocks | 1.0 | Error Handling |
| Duplicated code blocks | 1.0 | Organization |
Low-Impact Deductions
| Issue | Base Points | Category |
|---|---|---|
| Inconsistent formatting | 0.5 | Maintainability |
| Missing edge case tests | 0.5 | Testing |
| Verbose variable names | 0.5 | Naming |
| Outdated dependencies (no CVEs) | 0.5 | Dependencies |
| Missing inline comments in complex logic | 0.5 | Documentation |
Scoring Workflow
Step 1: Initial Scan
1. Count lines of code
2. Identify file/module structure
3. Note language and framework
4. Check for tests presence
5. Scan for obvious red flags
Step 2: Category Assessment
For each of the 10 categories:
1. Review relevant code sections
2. Identify issues
3. Classify severity (critical/major/minor/nitpick)
4. Calculate: Issues * Severity Multiplier
5. Apply category weight
Step 3: Calculate Final Score
Final Score = 10 - (Sum of weighted deductions)
If score < 1: score = 1
If score > 10: score = 10
Step 4: Generate Report
## Code Score: X.X/10
### Score Breakdown
| Category | Weight | Deductions | Weighted |
|----------|--------|------------|----------|
| Organization | 12% | ... | ... |
| ... | ... | ... | ... |
### Critical Issues (Fix Immediately)
- [Issue 1]
### Major Issues (Fix Before Merge)
- [Issue 1]
### Minor Issues (Fix When Convenient)
- [Issue 1]
### Recommendations
- [Improvement 1]
Category Quick Guides
Organization (12%)
Excellent (0 deductions):
- Clear module boundaries
- Single responsibility per file
- Logical folder structure
- No circular dependencies
Red flags:
- Files > 500 lines: -1.0
- Mixed concerns in module: -1.0
- No clear structure: -1.5
- Circular dependencies: -1.0
Naming (10%)
Excellent (0 deductions):
- Descriptive, intention-revealing names
- Consistent convention (camelCase, snake_case)
- Domain terminology used correctly
- Acronyms handled consistently
Red flags:
- Single-letter variables (non-loop): -0.5
- Misleading names: -1.0
- Inconsistent convention: -1.0
- Magic numbers: -1.0
Error Handling (12%)
Excellent (0 deductions):
- All external calls wrapped
- Specific error types used
- Errors logged with context
- Graceful degradation where appropriate
Red flags:
- Empty catch blocks: -1.0
- Generic catch-all: -0.5
- Missing validation: -1.5
- Swallowed errors: -1.0
Testing (12%)
Excellent (0 deductions):
- 80%+ coverage on critical paths
- Unit, integration, and E2E tests
- Edge cases covered
- Tests are maintainable
Red flags:
- No tests: -2.0
- Only happy path: -1.0
- Flaky tests: -1.0
- Test code duplication: -0.5
Performance (10%)
Excellent (0 deductions):
- Efficient algorithms
- Appropriate caching
- No memory leaks
- Optimized queries
Red flags:
- N+1 queries: -1.5
- Blocking operations in hot path: -1.0
- Memory leaks: -1.5
- No pagination on lists: -1.0
Security (12%)
Excellent (0 deductions):
- Input validation on all boundaries
- Parameterized queries
- Secrets in environment variables
- Proper authentication/authorization
Red flags:
- SQL/command injection: -2.0
- Hardcoded secrets: -2.0
- Missing auth checks: -1.5
- XSS vulnerabilities: -1.5
Documentation (8%)
Excellent (0 deductions):
- Public API documented
- Complex logic explained
- README with setup instructions
- Changelog maintained
Red flags:
- No documentation: -1.5
- Outdated docs: -1.0
- Missing API docs: -1.0
- No README: -0.5
SOLID Principles (10%)
Excellent (0 deductions):
- Single responsibility classes
- Open for extension, closed for modification
- Proper abstractions
- Dependency injection used
Red flags:
- God classes: -1.5
- Tight coupling: -1.0
- Violation of LSP: -1.0
- Concrete dependencies: -0.5
Dependencies (6%)
Excellent (0 deductions):
- Minimal dependencies
- Locked versions
- No vulnerabilities
- Clear dependency boundaries
Red flags:
- CVE vulnerabilities: -2.0
- Circular dependencies: -1.0
- Excessive dependencies: -0.5
- Unlocked versions: -0.5
Maintainability (8%)
Excellent (0 deductions):
- Low cyclomatic complexity
- DRY principle followed
- Consistent style
- Easy to understand
Red flags:
- Cyclomatic complexity > 15: -1.0
- Duplicated code: -1.0
- Deep nesting (4+): -1.0
- Inconsistent style: -0.5
Score Interpretation Guide
Deployment Readiness
| Score Range | Deployment Decision |
|---|---|
| 8-10 | Ready for production |
| 7-7.9 | Ready with minor fixes |
| 5-6.9 | Needs review and fixes |
| 3-4.9 | Significant rework required |
| 1-2.9 | Do not deploy |
Review Actions
| Score Range | Required Actions |
|---|---|
| 9-10 | Approve immediately |
| 7-8.9 | Approve with suggestions |
| 5-6.9 | Request changes |
| 3-4.9 | Major revision needed |
| 1-2.9 | Reject with detailed feedback |
Reference Files
- references/scoring-rubrics.md - Detailed rubric for each category
- references/severity-weights.md - How to weight different issue types
- references/score-descriptors.md - What each score 1-10 means with examples
- references/deduction-catalog.md - Common issues and their point deductions
Related Skills
Mermaid Diagrams
Comprehensive guide for creating software diagrams using Mermaid syntax. Use when users need to create, visualize, or document software through diagrams including class diagrams (domain modeling, object-oriented design), sequence diagrams (application flows, API interactions, code execution), flowcharts (processes, algorithms, user journeys), entity relationship diagrams (database schemas), C4 architecture diagrams (system context, containers, components), state diagrams, git graphs, pie charts,
Matlab
MATLAB and GNU Octave numerical computing for matrix operations, data analysis, visualization, and scientific computing. Use when writing MATLAB/Octave scripts for linear algebra, signal processing, image processing, differential equations, optimization, statistics, or creating scientific visualizations. Also use when the user needs help with MATLAB syntax, functions, or wants to convert between MATLAB and Python code. Scripts can be executed with MATLAB or the open-source GNU Octave interpreter
Dask
Distributed computing for larger-than-RAM pandas/NumPy workflows. Use when you need to scale existing pandas/NumPy code beyond memory or across clusters. Best for parallel file processing, distributed ML, integration with existing pandas code. For out-of-core analytics on single machine use vaex; for in-memory speed use polars.
Consult Zai
Compare z.ai GLM 4.7 and code-searcher responses for comprehensive dual-AI code analysis. Use when you need multiple AI perspectives on code questions.
Writing Effective Prompts
Structure Claude prompts for clarity and better results using roles, explicit instructions, context, positive framing, and strategic organization. Use when crafting prompts for complex tasks, long documents, tool workflows, or code generation.
Analyze Performance
Establish performance baselines and detect regressions using flamegraph analysis. Use when optimizing performance-critical code, investigating performance issues, or before creating commits with performance-sensitive changes.
Flowchart Creator
Create HTML flowcharts and process diagrams with decision trees, color-coded stages, arrows, and swimlanes. Use when users request flowcharts, process diagrams, workflow visualizations, or decision trees.
Bio Reporting Rmarkdown Reports
Create reproducible bioinformatics analysis reports with R Markdown including code, results, and visualizations in HTML, PDF, or Word format. Use when generating analysis reports with RMarkdown.
Desmos Graphing
Create interactive Desmos graphs in Obsidian using desmos-graph code blocks. Use when visualizing functions, parametric curves, inequalities, or mathematical relationships with customizable styling and settings.
Performance
Rendimiento & Optimización - Atoll Tourisme. Use when optimizing performance or profiling code.