SonarQube
Enforces SonarQube quality and security in the agent loop with PostToolUse analysis and pre-tool secrets scanning.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for SonarQube, derived from its capabilities.
AIVSS 4.3 · Medium
Overview
After every file edit, a PostToolUse hook runs SonarQube's 7,000+ rules, secrets scanning, and agentic analysis, and a PreToolUse hook matches the pending tool call against 450+ secret patterns and blocks it, so the secret never enters the model's context. Quality gates apply across 40+ languages inside Claude Code. Because enforcement is triggered by hook events rather than left to the model's judgment, the plugin is a strong example of event-driven security enforcement in a plugin. The practical caveat is that hooks only see what passes through Claude Code's tool calls: secrets already committed to the repository, or introduced outside the agent loop, still need a separate scan.
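To make the PreToolUse mechanism concrete, here is an added, illustrative secrets-blocking hook written for this page; it is not the SonarQube plugin's own code and its pattern set is a small constructed sample rather than the plugin's 450+ patterns. It assumes the Claude Code hook contract of a JSON object with `tool_name` and `tool_input` on stdin and exit status 2 meaning "block the call, return stderr to the model"; the tool and field names (`Write`, `Edit`, `MultiEdit`, `Bash`, `Read`, `content`, `new_string`, `command`, `file_path`) follow Claude Code's built-in tools, and any other string field is scanned as well. For `Read` it scans the target file before the read happens, which is the only point at which a hook can keep file contents out of the context window.

```python
"""Illustrative PreToolUse secrets hook for Claude Code.

Added example, not the SonarQube plugin's code. Reads the pending tool call
as JSON from stdin, scans its text fields (or, for Read, the target file)
for secret-looking strings, and exits 2 to block the call.
"""
import json
import re
import sys

# Constructed sample of secret patterns (name, regex). A production set is
# far larger; the plugin on this page ships 450+.
SECRET_PATTERNS = [
    ("aws_access_key_id", re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")),
    ("github_token", re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36}\b")),
    ("slack_token", re.compile(r"\bxox[baprs]-[0-9A-Za-z-]{10,}\b")),
    ("private_key_block",
     re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----")),
    # Quoted value assigned to a key/secret/password/token identifier.
    ("generic_assignment", re.compile(
        r"""(?i)\b(?:api[_-]?key|secret|password|token)\b\s*[:=]\s*['"]([^'"\s]{16,})['"]""")),
]


def _text_fields(tool_input, prefix=""):
    """Yield (field, text) for every string field, descending into lists of
    dicts such as MultiEdit's "edits" array."""
    for key, value in tool_input.items():
        name = f"{prefix}{key}"
        if isinstance(value, str):
            yield name, value
        elif isinstance(value, list):
            for i, item in enumerate(value):
                if isinstance(item, dict):
                    yield from _text_fields(item, f"{name}[{i}].")


def scan_tool_input(tool_input):
    """Return findings as dicts with field, pattern and a redacted match.

    The match itself is redacted so the reason string handed back to the
    model does not re-introduce the secret it just blocked."""
    findings = []
    for field, text in _text_fields(tool_input):
        for pattern_name, rx in SECRET_PATTERNS:
            for m in rx.finditer(text):
                secret = m.group(1) if m.groups() else m.group(0)
                findings.append({
                    "field": field,
                    "pattern": pattern_name,
                    "redacted": secret[:4] + "..." + secret[-2:],
                })
    return findings


def decide(payload):
    """Map a hook payload to (exit_code, message). 2 blocks the tool call."""
    tool = payload.get("tool_name", "")
    tool_input = payload.get("tool_input") or {}
    if tool == "Read":
        # Scan the file before it is read so its contents never reach the
        # context window if they contain a secret.
        try:
            with open(tool_input.get("file_path", ""), encoding="utf-8",
                      errors="replace") as fh:
                findings = scan_tool_input({"file_contents": fh.read()})
        except OSError:
            findings = []  # missing file: let the tool report that itself
    else:
        findings = scan_tool_input(tool_input)
    if not findings:
        return 0, ""
    lines = [f"{f['pattern']} in {f['field']} ({f['redacted']})" for f in findings]
    return 2, "Blocked: possible secret(s) in tool input:\n" + "\n".join(lines)


def main():
    code, message = decide(json.load(sys.stdin))
    if message:
        print(message, file=sys.stderr)  # exit 2 + stderr = reason shown to the model
    sys.exit(code)


if __name__ == "__main__":
    main()
```

Wire it in by registering the script as a PreToolUse hook for the tools named above; the redaction in `scan_tool_input` matters because the block reason is fed back to the model, and a hook that quotes the full match would defeat its own purpose.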
Key features
- PostToolUse analysis after each edit
- Pre-tool secrets scanning (450+ patterns)
- 7,000+ rules across 40+ languages
- Quality gates
Use cases
- Enforcing code quality and security continuously
- Preventing secrets from reaching the model