Code health for the AI coding era

34 checks. Zero config. Full report in 5 seconds. Architecture diagrams, trend tracking, best practices audit, and LLM readiness analysis — built for how software is made in 2026.

Get started free See pricing
npx @vibecodeqa/cli
or get the desktop Monitor app for macOS, Windows & Linux
34
Checks
7
Categories
5s
Scan time
0
Config needed
AI
Autofix

How it works

1

Run one command

npx @vibecodeqa/cli — auto-detects your stack (TS/JS, React, Dart/Flutter), runs 34 checks, generates a full report.

2

Get your score

A-F grade with transparent weighted scoring. Every issue shows file, line, rule, and how to fix it.

3

Track improvement

Each run compares to the previous one. See score deltas, new issues, and what you fixed.

vcqa v0.44.5
/Users/dev/my-project
stack: typescript + react + vite + vitest + biome + pnpm
workspace: pnpm monorepo — 4 packages
 
structure A 100/100
lint A 96/100
types A 100/100
type-safety A 98/100 2 issues
standards B 82/100 5 issues
complexity A 92/100 3 issues
duplication A 95/100
error-handlingA 98/100 1 issue
react A 100/100
accessibility A 100/100
docs B 78/100 1 issue
best-practicesB 82/100 4 issues
testing B 75/100 4 issues
secrets A 100/100
security A 100/100
dependencies A 99/100
architecture A 91/100 3 issues
performance A 100/100
confusion B 85/100 8 issues
context A 90/100
doc-coherence soon PRO
code-coherencesoon PRO
comment-stale soon PRO
dead-patterns soon PRO
test-audit soon PRO
 
A 92/100 34 checks · 31 issues · 5.2s
↑ 3 pts improved vs 2026-05-14 5 fixed
▁▂▃▄▅▅▆▆▇▇█████████

7 categories of deep analysis

Every dimension of code quality, scored 0-100 with research-backed methodology

Foundations 23%

Project structure, lint (Biome/ESLint auto-detected), TypeScript types, type safety (as any counts), code standards (naming, file size, code smells, strict mode).

Quality 26%

Cognitive complexity, duplication (jscpd), error handling (info leakage), React/Vue/Svelte patterns, accessibility, documentation, production readiness, GitHub Actions security (10 checks).

Testing 15%

6 sub-dimensions: testing pyramid layers, pass/fail execution, statement/branch/line/function coverage, file pairing, assertion density vs mock ratio, Playwright/Cypress detection.

Architecture 9%

Import graph + 6 interactive SVG diagrams (dep graph, DSM, sequence, layer, package, container). Circular deps, god modules, coupling metrics. Performance: barrel imports, heavy deps, dead code (Knip).

Security 16%

Secret detection (delegates to gitleaks, 14 built-in patterns). 36 CWE-mapped patterns (XSS, injection, SSRF, CORS, credential storage, cookies, redirects). Delegates to eslint-plugin-security when installed. Dependency audit via npm audit.

LLM Readiness 11% Unique

Confusion Index — naming ambiguity that causes AI to edit the wrong code. Context Locality — file self-containment for LLM comprehension. Research: GPT-4o drops 28.6% with ambiguous names.

Works with your stack

Auto-detects your tools. Dedicated analysis for each ecosystem.

CI & Platform Integration

Config File

Create .vcqa.json to disable checks, ignore paths, set per-check exclusions, and configure quality thresholds.

PR Comments

--pr-comment posts score, trend, and top issues as a GitHub PR comment. Upserts to avoid duplicates.

Diff Mode

--diff main filters issues to only changed files. See what your PR introduced, not inherited debt.

Markdown Output

--markdown generates a clean markdown report. Pipe to clipboard, paste into docs, or attach to issues.

GH Actions Annotations

--annotations emits ::warning and ::error lines. Issues appear inline on PR diffs.

Badge API

Embed <img src="api.vibecodeqa.online/badge/org/repo.svg"> in READMEs, dashboards, and store listings.

GitHub App New

Install the VibeCode QA GitHub App to auto-scan every pull request — score and top issues as a PR comment, a pass/fail quality gate status check, and SARIF uploaded to the Security tab. Sets up the workflow for you on install.

VibeCode Monitor — the desktop app

A live code-health cockpit for your machine. Point it at a repo — it re-scans on every save and turns your report into interactive dashboards, with an AI copilot on every page.

Universal build for Apple Silicon & Intel · signed & notarized by Apple · all platforms & versions

A dozen live dashboards

Health, dependency graph, complexity, clones, types, lint, security, dependencies, tests, trends, and file activity — each a focused, interactive view over your report. Click any finding to jump straight to the file.

Watches & re-scans on save New

Runs @vibecodeqa/cli in the background and refreshes the instant you change a file. Your score, issues, and graphs stay live while you code — nothing to re-run.

AI Copilot on every page New

A per-page chat that sees exactly what you're looking at. Ask it to explain the worst issue, read the source to validate a finding, draft a fix plan, write a note, or file a GitHub issue. Anthropic, OpenAI, or Gemini — your key, kept in your OS keychain. Every write is confirm-gated.

Signed, notarized, cross-platform

The macOS build is Developer ID–signed and notarized by Apple — it just opens, no Gatekeeper warning. Windows .msi/.exe and Linux .AppImage/.deb/.rpm ship alongside every release.

Prefer the terminal? npx @vibecodeqa/cli monitor runs a full-screen TUI version.

AI Agent Integration (MCP)

Give your AI coding agent real-time code health context via Model Context Protocol.

One command setup

claude mcp add vcqa -- npx @vibecodeqa/mcp

Works with Claude Code, Cursor, and any MCP client. 7 tools: score, scan, file health, check details, explain, AI fix, delta.

How agents use it

Before editing: Agent calls vcqa_file_health to see existing issues.
After editing: Agent calls vcqa_score to verify it didn't degrade quality.
Understanding: Agent calls vcqa_explain to learn why a check flags something.

View @vibecodeqa/mcp on GitHub →

Free right now. Paid plans later.

The CLI is open source and always free. While we're in early access, the hosted dashboard, org views, and GitHub App are free too — the Team & Org prices below are the planned pricing.

Early access — everything is free right now, including the hosted dashboard and the GitHub App. No card required.
Free
$0 forever
For developers and open source projects
  • Full CLI — all 34 checks
  • Multi-page HTML report with interactive diagrams
  • JSON + SARIF output for CI
  • Score trends with terminal sparklines
  • 6 architecture diagrams (click-to-explore)
  • Monorepo support (pnpm, npm, yarn, melos)
  • Vue/Svelte SFC analysis
  • Tool delegation (gitleaks, jscpd, knip, biome)
  • --ci, --fail-under, --top, --watch
  • Unlimited scans, unlimited repos
  • Desktop Monitor app + AI Copilot
  • Hosted dashboard, org views & GitHub App early access
Get started
Organization
$29 /committer/mo · planned
For engineering orgs that need governance
  • Everything in Team
  • LLM-powered code review (AI assessment)
  • Custom rules via natural language
  • Org-wide dashboard (all repos)
  • SARIF export for GitHub Security tab
  • SSO / SAML
  • API access
  • Unlimited history
  • Priority support
Free in early access →

34 checks, transparent scoring

Weights are visible. Every point of your score is explained.

6% Project Structure
5% Lint (biome/eslint)
6% Type Check (tsc)
3% Type Safety
3% Code Standards
5% Complexity
3% Duplication (jscpd)
3% Error Handling
3% React / Vue / Svelte
4% Accessibility
3% Documentation
3% Best Practices
HTML Quality (static sites) New
2% Frontend Health New
1% Styling Consistency New
1% Env Validation New
1% Git Hygiene New
1% Memory Safety New
13% Testing (vitest/jest)
6% Secrets (gitleaks)
5% Security Patterns
5% Dependencies (npm audit)
5% Architecture
4% Performance (knip)
Container Health
4% Confusion Index Unique
5% Context Locality Unique
PRO Doc Coherence (LLM)
PRO Code Coherence (LLM)
PRO Comment Staleness (LLM)
PRO Dead Patterns (LLM)
PRO Test Audit (LLM)
PRO File Cohesion (LLM) New
PRO Design Consistency (LLM) New

Ship better code, faster

Join developers who use VibeCode QA to catch bugs, reduce complexity, and keep their AI-assisted code clean.

npx @vibecodeqa/cli
View on GitHub npm