Skill page Metrics v1.0.0

CodeQL for .NET

Use the open-source CodeQL ecosystem for .NET security analysis. Use when a repo needs CodeQL query packs, CLI-based analysis on open source codebases, or GitHub Action setup with explicit licensing caveats for private repositories.

Trigger On

the repo uses or wants CodeQL for .NET security analysis
GitHub code scanning is part of the CI plan

Workflow

Treat CodeQL as a security-analysis tool, not as a style checker.
Make the licensing and hosting model explicit before proposing it as the default gate.
Prefer manual build mode for compiled .NET projects when precision matters.

Deliver

explicit CodeQL setup or an explicit rejection with caveat documented
reproducible CI or local commands for running CodeQL in this repo

Validate

the chosen CodeQL path is allowed for the repo type
build mode is documented and reproducible

Load References

references/codeql.md
references/queries.md
references/workflow.md

Related skills

Skill

Asynkron.Profiler

v1.0.0

Use the open-source free `Asynkron.Profiler` dotnet tool for CLI-first CPU, allocation, exception, contention, and heap profiling of .NET commands or existing trace artifacts.

Metrics

dotnet skills install asynkron-profiler

Open skill page→

Skill

CLOC for .NET Repositories

v1.0.0

Use the open-source free `cloc` tool for line-count, language-mix, and diff statistics in .NET repositories.

Metrics

dotnet skills install cloc

Open skill page→

Skill

.NET Complexity Review

v1.0.0

Use free built-in .NET maintainability analyzers and code metrics configuration to find overly complex methods and coupled code.

Metrics

dotnet skills install complexity

Open skill page→