- Home
- Skills
- Wdm0006
- Python Skills
- Library Review
library-review_skill
- Python
6
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill wdm0006/python-skills --skill library-review- SKILL.md2.8 KB
Overview
This skill comprehensively reviews Python libraries for maintainability, correctness, and security. It inspects project structure, packaging, code quality, testing, documentation, API design, and CI/CD to produce actionable recommendations. Use it to evaluate library health before releases, audits, or dependency adoption.
How this skill works
It runs a quick health check (repo layout, pyproject.toml, test presence, coverage, basic security scans) and then performs deeper inspections across eight dimensions: structure, packaging, code, tests, security, docs, API design, and CI/CD. The output is a concise report with strengths, categorized scores, and prioritized recommendations you can act on. Checks include static analysis, type hint coverage, test coverage thresholds, dependency hygiene, and CI configuration review.
When to use it
- Before a major release or public announcement
- When auditing dependencies for security and maintainability
- During an open-source quality improvement initiative
- As part of a pre-merge checklist for library PRs
- When preparing a package for PyPI distribution
Best practices
- Keep pyproject.toml as the authoritative build config and prefer src/ layout
- Provide type hints on the public API and include a py.typed marker
- Maintain automated tests with target coverage (aim >80%) and test edge cases
- Run CI on PRs across supported Python versions and include security scans
- Ship a clear README, changelog, LICENSE, and contribution guide
Example use cases
- Audit a third-party dependency before adding it to production
- Prepare an internal library for semantic versioning and release
- Create a prioritized action plan to raise a library from ‘Needs Work’ to ‘Good’
- Perform recurring health checks on core libraries as part of engineering hygiene
- Review community contributions to ensure they meet project quality standards
FAQ
A five-minute health check: verify pyproject.toml, ensure tests exist and collect, run pytest with coverage, and run a basic security scan (bandit/pip-audit).
What constitutes a blocking issue?
Blocking issues include no tests, no license, hardcoded secrets, pinned exact dependency versions across the board, or an unmaintained repo (last commit >1 year) — these require immediate remediation.