quodeq

code quality compass

also via · Download macOS app · v1.0.9 changelog

Requires Python 3.12+ and Node.js 18+ with npm — install commands
  • brew install node macOS — ships node + npm together
  • sudo apt install -y nodejs npm Debian / Ubuntu — two separate packages
  • sudo dnf install -y nodejs npm Fedora / RHEL
  • pacman -S nodejs npm Arch

On Debian/Ubuntu nodejs and npm are separate packages — installing only nodejs is not enough.

What is Quodeq

An AI agent that audits your codebase against structural quality standards. Not a linter.

It explores your code with read-only tools, scores it across six ISO 25010 quality dimensions, and maps every issue to CWE classifications.

Three steps to better code

1
Evaluate

Point Quodeq at any project. An AI agent explores your codebase with read-only tools, following imports, reading files, and understanding context across languages and frameworks.

2
Score

Findings are mapped to ISO 25010 quality dimensions and scored with the Q² formula. Both violations and compliance count. Good code is rewarded, not just bad code penalized.

3
Fix

Each violation comes with the exact code, the reason, and a fix plan you can paste into your AI agent or IDE. One click to generate a remediation path.

What it finds

CRITICAL  src/db.py:15        SQL injection via string concatenation     CWE-89
          query = f"SELECT * FROM users WHERE id = {user_id}"

HIGH      src/auth.py:42      Hardcoded credentials in source code       CWE-798
          credentials = {"user": "admin", "pass": "secret123"}

MEDIUM    src/api.py:88       Missing rate limiting on login endpoint    CWE-307
          @app.route("/login", methods=["POST"])

MINOR     src/utils.py:23     Bare except clause hides errors            CWE-396
          except: pass

Each finding ships with the offending code, a reason, and a fix plan. Results are stored as JSON on your machine.

Human-aligned code

Built on ISO 25010, decades of consensus from software quality specialists.

These are not arbitrary rules. They represent shared knowledge about what makes software reliable, secure, and maintainable. The same standards used across industries worldwide.

Local first

Your code never leaves your machine. Use Ollama for fully offline evaluation, or connect Claude, Codex, Gemini.

Open source

MIT licensed. Read every line, extend the dimensions, contribute back. No black box.

Your standards

ISO 25010 and CWE built-in. Create your own quality criteria: individual, team, or company-wide.

Works with

Ollama Local Claude Anthropic Codex OpenAI Gemini Google OpenRouter Multi-model
Dashboard
Dashboard
Violations
Violations
Violation Detail
Detail
Code Map
Code Map
History
History
Evaluate
Evaluate
Standards
Standards
Settings
Settings

The code you ship today will be read by AI

The window to fix security debt, reliability gaps, and maintenance shortcuts is shrinking. Prepare your code now.

GitHub YouTube