Skip to main content

What it does

/analyze runs a comprehensive review across four domains: code quality, security, performance, and architecture. You can target a specific domain or run all four for a full report. Each finding is reported with a severity level and a specific fix recommendation.

When to use

Use /analyze when you want an objective assessment of your codebase — before a major refactor, after a sprint, when onboarding to an existing codebase, or as a pre-ship checklist. For a focused security review run with --focus security; for a performance investigation use --focus performance.

Prerequisites

  • The code you want to analyze is present in the working directory

Conversation mode

Either mode works.

What happens

1

Quality analysis

Code smells, duplication, complexity, maintainability index, dead code, unused imports, and naming conventions are reviewed.
2

Security analysis

The security-review skill is loaded for the full OWASP checklist — auth, input handling, secrets exposure, and sensitive data handling.
3

Performance analysis

The performance-optimization skill is loaded. Performance is measured before analyzing — no recommendations without data.
4

Architecture analysis

The architecture-design skill is loaded for structural analysis — component relationships, boundaries, coupling, and cohesion.
5

Report findings

Each finding is reported with: domain, severity, location (file:line), description, and a specific fix recommendation.
6

Prioritize actions

Critical and High findings must be fixed before proceeding. Medium findings become tasks. Low and Info findings are documented for future improvement.

Skills invoked

  • security-review — OWASP checklist for security domain
  • performance-optimization — measurement-first performance analysis
  • architecture-design — structural and coupling analysis

Usage

/analyze
/analyze --focus quality
/analyze --focus security
/analyze --focus performance
/analyze --focus architecture

Output format

For each finding:
FieldDescription
Domainquality / security / performance / architecture
Severitycritical / high / medium / low / info
Locationfile:line
IssueWhat’s wrong
RecommendationSpecific fix

Example

/analyze --focus security
Antigravity loads the security-review skill and reports findings like: 
Domain: security
Severity: HIGH
Location: src/api/users.js:47
Issue: User input from req.body.username passed directly to SQL query — SQL injection risk
Recommendation: Use parameterized queries: db.query('SELECT * FROM users WHERE id = ?', [req.body.username])

/improve

Apply the fixes that /analyze identifies.

/review

Code review against plan compliance — complements /analyze’s technical focus.

/troubleshoot

For issues that /analyze surfaces that require deep debugging.

/design

Address architectural issues that /analyze flags by redesigning the affected components.

Build docs developers (and LLMs) love

Get started for freeTalk to us