name: code-scoring description: Provides quantitative rubrics and criteria for scoring code quality on a 1-10 scale. Use when reviewing code, performing code audits, establishing quality baselines, comparing implementations, or providing objective code feedback.

Code Scoring

Systematic, quantitative code quality assessment using weighted categories and standardized deductions.

Quick Start

Full code review with score:

Score this code on a 1-10 scale using the code-scoring rubric

Category-specific assessment:

Evaluate the error handling in this module using the scoring rubric

Compare implementations:

Score both implementations and recommend which is better

Scoring Methodology

The Formula

Final Score = 10 - Total Deductions

Where:
Total Deductions = SUM(Category Deductions * Category Weight)
Category Deduction = SUM(Issue Points * Severity Multiplier)

Category Weights

Total: 100%

Severity Multipliers

Quick Scoring Cheat Sheet

Common Deductions Table

Quick reference for frequent issues. See references/deduction-catalog.md for complete list.

High-Impact Deductions

Medium-Impact Deductions

Low-Impact Deductions

Scoring Workflow

Step 1: Initial Scan

1. Count lines of code
2. Identify file/module structure
3. Note language and framework
4. Check for tests presence
5. Scan for obvious red flags

Step 2: Category Assessment

For each of the 10 categories:

1. Review relevant code sections
2. Identify issues
3. Classify severity (critical/major/minor/nitpick)
4. Calculate: Issues * Severity Multiplier
5. Apply category weight

Step 3: Calculate Final Score

Final Score = 10 - (Sum of weighted deductions)

If score < 1: score = 1
If score > 10: score = 10

Step 4: Generate Report

## Code Score: X.X/10

### Score Breakdown
| Category | Weight | Deductions | Weighted |
|----------|--------|------------|----------|
| Organization | 12% | ... | ... |
| ... | ... | ... | ... |

### Critical Issues (Fix Immediately)
- [Issue 1]

### Major Issues (Fix Before Merge)
- [Issue 1]

### Minor Issues (Fix When Convenient)
- [Issue 1]

### Recommendations
- [Improvement 1]

Category Quick Guides

Organization (12%)

Excellent (0 deductions):

• Clear module boundaries
• Single responsibility per file
• Logical folder structure
• No circular dependencies

Red flags:

• Files > 500 lines: -1.0
• Mixed concerns in module: -1.0
• No clear structure: -1.5
• Circular dependencies: -1.0

Naming (10%)

Excellent (0 deductions):

• Descriptive, intention-revealing names
• Consistent convention (camelCase, snake_case)
• Domain terminology used correctly
• Acronyms handled consistently

Red flags:

• Single-letter variables (non-loop): -0.5
• Misleading names: -1.0
• Inconsistent convention: -1.0
• Magic numbers: -1.0

Error Handling (12%)

Excellent (0 deductions):

• All external calls wrapped
• Specific error types used
• Errors logged with context
• Graceful degradation where appropriate

Red flags:

• Empty catch blocks: -1.0
• Generic catch-all: -0.5
• Missing validation: -1.5
• Swallowed errors: -1.0

Testing (12%)

Excellent (0 deductions):

• 80%+ coverage on critical paths
• Unit, integration, and E2E tests
• Edge cases covered
• Tests are maintainable

Red flags:

• No tests: -2.0
• Only happy path: -1.0
• Flaky tests: -1.0
• Test code duplication: -0.5

Performance (10%)

Excellent (0 deductions):

• Efficient algorithms
• Appropriate caching
• No memory leaks
• Optimized queries

Red flags:

• N+1 queries: -1.5
• Blocking operations in hot path: -1.0
• Memory leaks: -1.5
• No pagination on lists: -1.0

Security (12%)

Excellent (0 deductions):

• Input validation on all boundaries
• Parameterized queries
• Secrets in environment variables
• Proper authentication/authorization

Red flags:

• SQL/command injection: -2.0
• Hardcoded secrets: -2.0
• Missing auth checks: -1.5
• XSS vulnerabilities: -1.5

Documentation (8%)

Excellent (0 deductions):

• Public API documented
• Complex logic explained
• README with setup instructions
• Changelog maintained

Red flags:

• No documentation: -1.5
• Outdated docs: -1.0
• Missing API docs: -1.0
• No README: -0.5

SOLID Principles (10%)

Excellent (0 deductions):

• Single responsibility classes
• Open for extension, closed for modification
• Proper abstractions
• Dependency injection used

Red flags:

• God classes: -1.5
• Tight coupling: -1.0
• Violation of LSP: -1.0
• Concrete dependencies: -0.5

Dependencies (6%)

Excellent (0 deductions):

• Minimal dependencies
• Locked versions
• No vulnerabilities
• Clear dependency boundaries

Red flags:

• CVE vulnerabilities: -2.0
• Circular dependencies: -1.0
• Excessive dependencies: -0.5
• Unlocked versions: -0.5

Maintainability (8%)

Excellent (0 deductions):

• Low cyclomatic complexity
• DRY principle followed
• Consistent style
• Easy to understand

Red flags:

• Cyclomatic complexity > 15: -1.0
• Duplicated code: -1.0
• Deep nesting (4+): -1.0
• Inconsistent style: -0.5

Score Interpretation Guide

Deployment Readiness

Review Actions

Reference Files

• references/scoring-rubrics.md - Detailed rubric for each category
• references/severity-weights.md - How to weight different issue types
• references/score-descriptors.md - What each score 1-10 means with examples
• references/deduction-catalog.md - Common issues and their point deductions