drzero-analysis
Deep codebase analysis without making changes - architecture review, quality assessment, and improvement recommendations
DrZero Analysis Mode
Read-only deep analysis of the codebase. Generates findings and recommendations without making any changes.
Installation Prerequisite
Install the DrZero Codex bundle before using this skill:
make codex-install-drzero SCOPE=repo
Analysis Dimensions
Architecture Review
- Dispatch agent: drzero-architecture
- Component boundaries and coupling
- Dependency graph analysis
- Design pattern identification
- Technical debt assessment
Security Audit
- Dispatch agent: drzero-security
- Vulnerability scanning (OWASP Top 10)
- Secret detection in code and config
- Access control review
- Dependency audit (known CVEs)
Quality Assessment
- Code complexity metrics
- Test coverage gaps
- Documentation completeness
- Naming consistency
Performance Review
- Dispatch agent: drzero-performance
- N+1 query detection
- Resource utilization patterns
- Caching opportunities
- Bundle size analysis
Analysis Workflow
Analysis mode uses the DrZero proposer/solver pattern in read-only configuration:
- Perspective Generation -- The drzero-proposer agent scans the codebase and generates analytical perspectives across five dimensions: architecture, security, performance, code quality, and technical debt. Each perspective becomes a discrete investigation task with a focused question and scope boundary.
- Evidence Collection -- For each perspective, the drzero-solver agent (running in sandbox_mode: read-only) collects concrete evidence: file paths, line ranges, metric values, dependency chains, and pattern occurrences. No files are modified.
- Multi-Perspective Synthesis -- Domain specialist agents are dispatched per dimension. The drzero-architecture agent evaluates component coupling and dependency graphs. The drzero-security agent checks OWASP categories and secret exposure. The drzero-performance agent profiles hot paths and resource patterns. Each specialist produces findings independently.
- Scoring and Prioritization -- Findings use the same fail-closed scoring contract as the live Dr.Zero runtime. Proposer-side HRPO uses (0.5 * format_score + difficulty_score) / 1.5 (paper Section 3.2, rescaled to range [0.0, 1.0] from paper Eq. 4). Solver-side GRPO is only claimed when deterministic verification evidence exists; the canonical scorer derives a binary reward from observable outcome facts rather than model-authored utilities. Scores are computed via drzero-score.py, producing a ranked list of improvement opportunities with explicit provenance.
- Report Assembly -- The orchestrator merges all specialist outputs into a single structured report. Duplicate or overlapping findings are consolidated. Cross-cutting concerns (e.g., a security issue that also affects performance) are linked.
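The fail-closed contract in the Scoring and Prioritization step, sketched as an added example (this is not the code of drzero-score.py). It assumes both proposer inputs are already normalised to [0.0, 1.0]; the finding and evidence field names are hypothetical.

```python
import math

def proposer_score(format_score, difficulty_score):
    """(0.5 * format_score + difficulty_score) / 1.5, failing closed to 0.0.

    Assumption: both inputs are already normalised to [0.0, 1.0].
    """
    for value in (format_score, difficulty_score):
        # bool is an int subclass; reject it along with None, str, etc.
        if isinstance(value, bool) or not isinstance(value, (int, float)):
            return 0.0
        if not math.isfinite(value) or not 0.0 <= value <= 1.0:
            return 0.0
    return (0.5 * format_score + difficulty_score) / 1.5

def solver_reward(evidence):
    """Binary reward from observable outcome facts only.

    Field names are hypothetical. A model-authored "utility" value is never read.
    """
    if not isinstance(evidence, dict):
        return 0
    exit_code = evidence.get("verifier_exit_code")
    passed = type(exit_code) is int and exit_code == 0
    return 1 if passed and evidence.get("deterministic") is True else 0

def rank(findings):
    """Score every finding and return them highest first, keeping provenance."""
    scored = [{
        "id": f.get("id"),
        "source": f.get("source"),
        "score": proposer_score(f.get("format_score"), f.get("difficulty_score")),
        "solver_reward": solver_reward(f.get("evidence")),
    } for f in findings]
    return sorted(scored, key=lambda row: row["score"], reverse=True)

# Constructed sample findings (not real DrZero output).
SAMPLE = [
    {"id": "F1", "source": "drzero-security", "format_score": 1.0, "difficulty_score": 0.5,
     "evidence": {"verifier_exit_code": 0, "deterministic": True}},
    {"id": "F2", "source": "drzero-architecture", "format_score": 1.0, "difficulty_score": 1.0,
     "evidence": {"utility": 0.99}},  # self-reported utility, no verification
    {"id": "F3", "source": "drzero-performance", "format_score": float("nan"),
     "difficulty_score": 0.9, "evidence": None},
]

if __name__ == "__main__":
    for row in rank(SAMPLE):
        print(row)
```

A malformed or out-of-range input is scored 0.0 rather than clamped, so a bad record can only lower a finding's rank, and a self-reported utility without verification evidence earns no solver reward.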
Output
Generates a structured report with:
- Executive summary (3-5 key findings)
- Detailed findings per dimension
- Prioritized recommendations
- Estimated effort for top improvements
Use Cases
- Pre-refactoring assessment
- New team member onboarding
- Quarterly code health reviews
- Pre-release quality gates
Related Assets
cerberus
Multi-head code guardian for security, quality, and architecture review
Owner: epic-platform-sre
Analyze Testing Strategy Across Pipeline Stages
Comprehensive analysis of existing testing infrastructure mapped to pipeline stages (left-to-right), identifying gaps, overlaps, and optimization opportunities
Owner: thudak
drzero-autonomous
Autonomous repository improvement loop with two-phase propose-then-solve workflow using domain specialist agents
Owner: epic-platform-sre
drzero-council
Run a structured DrZero debate across domain specialists for architecture and design decisions
Owner: epic-platform-sre
the-savager
Brutal code review focused on correctness, security, and performance
Owner: epic-platform-sre
Example: Terraform Plan Review
Review Terraform plan output to identify risks, validate best practices, and provide actionable feedback before apply.
Owner: epic-platform-sre

