< DOCUMENTATION />

LucidShark is a unified code quality pipeline that bridges the trust gap between AI-generated code and production-ready standards.

Quick Start

Get LucidShark running with Claude Code in under a minute:

# 1. Install LucidShark
$ pip install lucidshark

# 2. Initialize Claude Code integration
$ lucidshark init

# 3. Restart Claude Code, then ask:
You: Autoconfigure LucidShark for this project

# Claude analyzes your codebase and generates lucidshark.yml

# 4. Restart Claude Code again to load the new config
# Now you can ask Claude to check your code quality anytime!
Recommended Setup: Let Claude Code autoconfigure LucidShark. It analyzes your codebase, asks clarifying questions about your preferences, and generates a tailored configuration. Remember to restart Claude Code twice: once after init, and again after autoconfiguration completes.

Installation

pip (Python 3.10+)

$ pip install lucidshark

Standalone Binary (Linux/macOS)

$ curl -fsSL https://raw.githubusercontent.com/toniantunovi/lucidshark/main/install.sh | bash

Standalone Binary (Windows)

> irm https://raw.githubusercontent.com/toniantunovi/lucidshark/main/install.ps1 | iex

Claude Code Setup

LucidShark integrates with Claude Code via the Model Context Protocol (MCP).

$ lucidshark init

This creates:

  • .mcp.json - MCP server configuration
  • .claude/skills/lucidshark/SKILL.md - Proactive scanning skill

Manual Setup

If you prefer manual configuration, create .mcp.json:

{
  "mcpServers": {
    "lucidshark": {
      "command": "lucidshark",
      "args": ["serve", "--mcp"]
    }
  }
}

CLI Commands

Command Description
lucidshark init Configure Claude Code integration
lucidshark scan Run quality pipeline
lucidshark serve --mcp MCP server for AI agents
lucidshark serve --watch File watcher mode
lucidshark status Show config and tool versions
lucidshark validate Validate lucidshark.yml
lucidshark doctor Health checks
lucidshark help LLM-friendly documentation

Global Options

  • --version - Show version
  • --debug - Enable debug logging
  • --verbose / -v - Enable info-level logging
  • --quiet / -q - Errors only

Scan Command

Run quality checks. By default, scans only uncommitted changes for fast feedback.

Scan Domains

$ lucidshark scan --linting        # Code style
$ lucidshark scan --type-checking  # Static analysis
$ lucidshark scan --sca            # Dependency vulnerabilities
$ lucidshark scan --sast           # Code security patterns
$ lucidshark scan --iac            # Infrastructure-as-Code
$ lucidshark scan --testing        # Test suites
$ lucidshark scan --coverage       # Coverage analysis
$ lucidshark scan --duplication    # Code duplication
$ lucidshark scan --all            # All domains

Common Examples

# Lint changed files (default)
$ lucidshark scan --linting

# Full project scan
$ lucidshark scan --all --all-files

# Specific files
$ lucidshark scan --files src/main.py src/utils.py

# Auto-fix linting issues
$ lucidshark scan --linting --fix

# JSON output
$ lucidshark scan --format json

Options

Option Description
--files FILE [FILE ...] Specific files only
--all-files Full project scan
--fix Auto-fix linting issues
--format {json,table,sarif,summary} Output format
--fail-on {critical,high,medium,low} Security threshold
--coverage-threshold PERCENT Coverage minimum (default: 80%)
--stream Real-time output

Exit Codes

Code Meaning
0 Success, no issues above threshold
1 Issues found above threshold
2 Tool execution error
3 Configuration error
4 Bootstrap/download failure

Configuration (lucidshark.yml)

Define your quality standards in a version-controlled config file.

Complete Example

version: 1

project:
  name: my-app
  languages: [python, typescript]

pipeline:
  max_workers: 4

  linting:
    enabled: true
    exclude: ["migrations/**", "generated/**"]
    tools:
      - name: ruff
        config: ruff.toml
      - name: eslint

  type_checking:
    enabled: true
    tools:
      - name: mypy
        strict: true

  security:
    enabled: true
    tools:
      - name: trivy
        domains: [sca, container]
      - name: opengrep
        domains: [sast]

  testing:
    enabled: true
    tools: [pytest]

  coverage:
    enabled: true
    tools: [coverage_py]
    threshold: 80

  duplication:
    enabled: true
    threshold: 10.0
    min_lines: 4

fail_on:
  linting: error
  type_checking: error
  security: high
  testing: any
  coverage: below_threshold

exclude:
  - "**/.git/**"
  - "**/node_modules/**"
  - "**/.venv/**"

Config File Discovery

LucidShark looks for config in this order:

  1. CLI --config PATH
  2. Project root: .lucidshark.yml, .lucidshark.yaml, lucidshark.yml
  3. Global: ~/.lucidshark/config/config.yml
  4. Built-in defaults

Configuration Examples

Minimal Python

version: 1
project:
  name: my-python-app
  languages: [python]
pipeline:
  linting:
    enabled: true
    tools: [ruff]
  type_checking:
    enabled: true
    tools: [mypy]
fail_on:
  linting: error
  type_checking: error

Minimal TypeScript

version: 1
project:
  name: my-ts-app
  languages: [typescript, javascript]
pipeline:
  linting:
    enabled: true
    tools: [eslint]
  type_checking:
    enabled: true
    tools: [typescript]
fail_on:
  linting: error
  type_checking: error

Python with Testing & Coverage

version: 1
project:
  name: my-python-app
  languages: [python]
pipeline:
  linting:
    enabled: true
    tools: [ruff]
  type_checking:
    enabled: true
    tools: [mypy]
  testing:
    enabled: true
    tools: [pytest]
  coverage:
    enabled: true
    tools: [coverage_py]
    threshold: 80
fail_on:
  linting: error
  type_checking: error
  testing: any
  coverage: below_threshold

Custom Commands

Override tool runners with custom shell commands:

pipeline:
  linting:
    command: "npm run lint -- --format json"
  testing:
    command: "docker compose run --rm app pytest"
    post_command: "npm run cleanup"

Exclude Patterns

LucidShark supports multiple exclusion mechanisms.

.lucidsharkignore File

Create a .lucidsharkignore file using gitignore-style patterns:

# Dependencies
node_modules/
.venv/

# Build artifacts
dist/
build/
*.pyc

# Generated code
generated/
**/*.generated.ts

Config File Excludes

Global and per-domain excludes in lucidshark.yml:

# Global excludes
exclude:
  - "**/node_modules/**"
  - "**/.venv/**"

pipeline:
  linting:
    # Per-domain excludes
    exclude:
      - "migrations/**"
      - "generated/**"

Inline Ignores

Tool Syntax
Ruff # noqa: E501
mypy # type: ignore
ESLint // eslint-disable-next-line
TypeScript // @ts-ignore
OpenGrep # nosemgrep: rule-id
Checkov # checkov:skip=CKV_ID:reason

MCP Tools Reference

LucidShark exposes 8 MCP tools for AI agent integration:

scan

Run quality checks on codebase or specific files.

Parameters:
  domains: ["all"]     # Check domains
  files: []              # Specific files (optional)
  all_files: false      # Full project scan
  fix: false            # Apply auto-fixes

check_file

Quick feedback on a single file. Auto-detects type and runs appropriate checks.

Parameters:
  file_path: "src/main.py"  # File to check

autoconfigure

Primary setup method. Analyzes codebase and generates config.

# Workflow:
1. Detect languages (check marker files)
2. Detect existing tools
3. Identify test frameworks
4. Ask clarifying questions
5. Install missing tools
6. Generate lucidshark.yml
7. Validate configuration
8. Run verification scan

# After completion: Restart Claude Code to load new config

get_fix_instructions

Detailed guidance for specific issues.

apply_fix

Auto-fix for fixable issues (linting only currently).

get_status

Current LucidShark status and available tools.

get_help

Documentation in markdown format.

validate_config

Validate configuration file syntax and values.

AI Integration Workflow

Automatic Feedback Loop

1 AI writes/modifies code
2 LucidShark scans changes
3 AI receives structured feedback
4 AI applies fixes

AI Instruction Format

LucidShark provides structured instructions to AI agents:

{
  "instruction": "Fix security vulnerability in auth.py",
  "issue": {
    "type": "security",
    "severity": "high",
    "rule": "opengrep.python.security.hardcoded-password"
  },
  "location": {
    "file": "src/api/auth.py",
    "line": 23,
    "code_snippet": "password = \"admin123\""
  },
  "fix_guidance": {
    "description": "Hardcoded password detected",
    "suggested_fix": "password = os.environ.get('DB_PASSWORD')",
    "steps": ["Import os", "Use environment variable"]
  }
}

Best Practices for AI Agents

Recommended Workflow

Scenario Command
After editing scan(domains=["linting", "type_checking"])
Single-file check check_file(file_path="src/main.py")
Specific files scan(domains=["linting"], files=["a.py", "b.py"])
Before commit scan(domains=["all"], all_files=true)
Security audit scan(domains=["sca", "sast", "iac"], all_files=true)

Performance Tips

  • Default is fast: scan() checks changed files only
  • check_file() is fastest: For single-file checks
  • Reserve full scans for commits: Use all_files=true before committing
  • Auto-fix is smart: Fixes only changed files by default

Supported Tools

Linting

Tool Languages Partial Scan
Ruff Python Yes
ESLint JavaScript, TypeScript Yes
Biome JavaScript, TypeScript, JSON Yes
Checkstyle Java Yes
Clippy Rust No

Type Checking

Tool Languages Partial Scan
mypy Python Yes
Pyright Python Yes
TypeScript (tsc) TypeScript No
SpotBugs Java No
cargo check Rust No

Security

Tool Domains Partial Scan
Trivy SCA, Container No
OpenGrep SAST Yes
Checkov IaC No

Testing

Tool Languages Partial Scan
pytest Python Yes
Jest JavaScript, TypeScript Yes
Playwright JavaScript, TypeScript (E2E) Yes
Maven Java No
cargo test Rust No

Coverage

Tool Languages
coverage.py Python
Istanbul/nyc JavaScript, TypeScript
JaCoCo Java
Tarpaulin Rust

Duplication

Tool Languages
Duplo Python, Rust, Java, JavaScript, TypeScript, C/C++, C#, Go, Ruby, Erlang, HTML, CSS

Supported Languages

LucidShark supports 15 programming languages with varying levels of tool coverage.

Tool Recommendations by Language

Language Linter Type Checker Test Runner Coverage
Python Ruff mypy / Pyright pytest coverage.py
TypeScript ESLint / Biome TypeScript Jest / Playwright Istanbul
JavaScript ESLint / Biome Jest / Playwright Istanbul
Java Checkstyle SpotBugs Maven JaCoCo
Rust Clippy cargo check cargo test Tarpaulin

Security tools (Trivy + OpenGrep) work with all languages.

Support Tiers

FULL Python, TypeScript, JavaScript, Java, Rust
PARTIAL Kotlin
BASIC Go, Ruby, C, C++, C#
MINIMAL PHP, Swift, Scala