Skip to main content

Language-agnostic software intelligence and architecture review CLI

Project description

SKTR - System Knowledge & Technical Review

SKTR

System Knowledge & Technical Review

Understand your software before you change it.

Release candidate: 1.0.0rc1 is the first public preview of the v1 interface and artifact contract. Please report reproducible feedback through the issue tracker.

SKTR is a language-agnostic software intelligence CLI. It turns Git changes into a structured knowledge model, enriches that model with deterministic engineering metrics, applies architecture rules, and produces review artifacts for people and automation. Optional AI features explain the evidence; they do not replace it.

What is SKTR?

Run sktr review inside a configured Git repository to answer practical review questions:

  • Which modules and public symbols changed?
  • Did this change introduce new internal dependencies or dependency cycles?
  • Which files and functions deserve attention first?
  • Does the change violate a configured architecture boundary?
  • What structured artifact can CI, reports, and future tooling consume?

The core is language-agnostic. Python, JavaScript/TypeScript, and Java analyzers, rule packs, outputs, and AI providers are discovered as plugins through Python entry points.

Why SKTR?

Code review tools often begin with raw source and ask a model to discover what matters. SKTR begins with deterministic facts. Git scope, symbols, dependencies, metrics, rules, risk, and review priority are computed first. AI features receive that structured context instead of the whole repository.

SKTR remains useful with AI disabled, produces stable output, and stores the result as a versioned JSON artifact rather than only printing prose.

Features

  • Working-tree, branch, explicit-base, and commit review scopes
  • Python analysis using the standard ast module
  • JavaScript, JSX, TypeScript, TSX, and Java analysis using Tree-sitter
  • Deterministic architecture and maintainability rules
  • Configurable forbidden module dependencies and thresholds
  • Knowledge enrichment with file, symbol, dependency, module, risk, and priority metrics
  • Terminal, Markdown, JSON, and Mermaid output
  • Plugin discovery and diagnostics
  • CI severity gates, path exclusions, and parse diagnostics
  • Optional OpenAI-powered explanations and recommendations

Quickstart

SKTR requires Python 3.13 or newer and a Git repository. Install RC1 explicitly:

python -m pip install --pre sktr==1.0.0rc1
sktr --version
sktr --help
cd your-project
sktr init --yes
sktr review

Common next steps:

sktr review --ai
sktr review --ai --model gpt-5.6-terra
sktr review --format markdown --output REVIEW.md
sktr review --format json --output sktr-review.json
sktr graph --format mermaid --output architecture.mmd
sktr graph --scope repository --focus orders

See the quickstart for review scopes and a complete first run. See architecture graphs for repository and focused views. See analyzer semantics for visibility, modules, and metrics. See the CLI reference for every command and exit status.

Example output

SKTR Review

Summary
Risk: Medium
Score: 76/100
Changed files: 3
Issues: 2

Findings
High
! Forbidden dependency
  controllers/order_controller.py imports repositories/order_repository.py
  Reason: Controllers should access repositories through services.

Medium
! Large function detected
  create_order has 114 lines.

AI Review
Overview
The change crosses the controller-to-repository boundary and concentrates new
order behavior in one large function.

AI output appears only when enabled. Deterministic findings and scoring are the same with or without AI.

Configuration

sktr init creates sktr.yml. Use interactive setup to choose plugins, rules, outputs, and optional AI features, or use sktr init --yes for safe defaults.

project:
  name: sample-app
  default_base: main
review:
  default_scope: working_tree
  fail_on: null
  exclude:
    - node_modules/
    - .venv/
    - dist/
    - build/
    - target/
plugins:
  analyzers:
    - sktr-python
    - sktr-javascript-typescript
    - sktr-java
  rules:
    - sktr-rules-default
  outputs:
    - terminal
    - markdown
    - json
    - mermaid
rules:
  enabled:
    - new_dependency
    - large_file
    - large_function
    - forbidden_dependency
  large_file:
    max_changed_lines: 300
  large_function:
    max_lines: 80
  forbidden_dependencies:
    - source: controllers
      target: repositories
      reason: Controllers should access repositories through services.
ai:
  enabled: false

API keys never belong in this file. See the complete configuration reference.

Risk score

The score starts at 100. Deterministic findings subtract severity-weighted penalties, with caps for repeated findings and categories. A separate bounded review-breadth penalty accounts for production files, changed modules, public API changes, and unusually large diffs. Documentation and test files are reported but do not count as production files. Informational findings do not lower the score.

  • Low: 85-100
  • Medium: 65-84
  • High: 40-64
  • Critical: 0-39

AI features

AI is optional. SKTR can ask a configured provider to explain deterministic findings and recommend focused next steps using structured SKTR context.

export SKTR_OPENAI_API_KEY="your-api-key"
sktr ai doctor
sktr review --ai

OpenAI key resolution is SKTR_OPENAI_API_KEY first, then OPENAI_API_KEY. SKTR never stores or prints the key. See AI setup.

Plugins

SKTR discovers analyzers, rule packs, outputs, and AI providers from these entry point groups:

  • sktr.analyzers
  • sktr.rules
  • sktr.outputs
  • sktr.ai_providers
sktr plugins list
sktr plugins doctor

See the plugin guide to build or distribute a plugin.

Roadmap

SKTR 1.0 packages the deterministic review, three bundled analyzers, stable JSON artifact, architecture graphing, CI gates, and optional AI Review developed through v0.20. Post-v1 work remains tracked in the canonical roadmap.

The v0.16-v0.18 roadmap delivered bundled JavaScript/TypeScript and Java analyzers, followed by CI severity gates, exclusions, parse diagnostics, and a frozen artifact schema. v0.19 added repository-context graphs, and v0.20 added evidence-based API exposure, logical application modules, alias resolution, and more precise React and Java signals. See the canonical roadmap for milestone deliverables and deferred post-v1 work.

Contributing

Development uses uv:

uv sync
uv run pytest
uv run sktr review

Read CONTRIBUTING.md and development.md before adding an analyzer, rule, output, or provider. Release work is tracked in the v1.0.0rc1 checklist.

For help, see troubleshooting and the known limitations. Report sensitive vulnerabilities privately according to SECURITY.md. Release history is recorded in the changelog.

License

SKTR is available under the MIT License.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sktr-1.0.0rc1.tar.gz (1.3 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

sktr-1.0.0rc1-py3-none-any.whl (73.2 kB view details)

Uploaded Python 3

File details

Details for the file sktr-1.0.0rc1.tar.gz.

File metadata

  • Download URL: sktr-1.0.0rc1.tar.gz
  • Upload date:
  • Size: 1.3 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for sktr-1.0.0rc1.tar.gz
Algorithm Hash digest
SHA256 4c74766135acf9a3a78a46328a0d2ab4168ffcb71ccc10df2b13d155710e1225
MD5 6dc91344011341ef1bf16c8af5f21c80
BLAKE2b-256 ddfb99ccb2aa65b67499972b13bad0b1d7b3c81b34dd693a65435a7e7e5867fd

See more details on using hashes here.

Provenance

The following attestation bundles were made for sktr-1.0.0rc1.tar.gz:

Publisher: release.yml on prubianes/sktr

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file sktr-1.0.0rc1-py3-none-any.whl.

File metadata

  • Download URL: sktr-1.0.0rc1-py3-none-any.whl
  • Upload date:
  • Size: 73.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for sktr-1.0.0rc1-py3-none-any.whl
Algorithm Hash digest
SHA256 985a9fc1cac16d411d5fdc4eec1f249d0887abc8820180a6296f87cd78070359
MD5 bc1d6249caf1d0f68cc7189ece3595ab
BLAKE2b-256 3299fc3e517347d3be4a677e2bbcd5cec944f87a98f5c6275da7746b0588150d

See more details on using hashes here.

Provenance

The following attestation bundles were made for sktr-1.0.0rc1-py3-none-any.whl:

Publisher: release.yml on prubianes/sktr

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page