In shareAI-lab/learn-claude-code, the highest structural risk is concentrated in the agents/ layer, where two separate _loop functions are simultaneously complex and under active development — a live regression risk, not a deferred cleanup item. The top-ranked function, _loop in agents/s_full.py, carries a risk score of 17.1 with a recent activity score of 16.76, a cyclomatic complexity of 48, and a fan-out of 29, meaning it is both hard to reason about and being changed right now. Across the full codebase of 596 functions, 41 are rated critical — nearly 7% of the total — signaling that structural debt in the agent subsystem is widespread rather than isolated.
The table below ranks functions by activity-weighted risk — a score that multiplies structural complexity by recent commit frequency. A function that is both hard to understand (high cyclomatic complexity) and actively changing is a higher priority than one that is complex but untouched. CC = cyclomatic complexity (independent execution paths); ND = max nesting depth; FO = fan-out (distinct callees).
Top 5 Hotspots
| Function | File | Risk | CC | ND | FO |
|---|---|---|---|---|---|
_loop | agents/s_full.py | 17.1 | 48 | 5 | 29 |
_loop | agents/s11_autonomous_agents.py | 16.5 | 38 | 5 | 20 |
main | web/scripts/extract-content.ts | 14.3 | 17 | 4 | 36 |
_exec | agents/s11_autonomous_agents.py | 13.4 | 18 | 3 | 11 |
_exec | agents/s10_team_protocols.py | 13.2 | 17 | 3 | 10 |
Hotspot Analysis
_loop — agents/s_full.py
Based on its name and location in the agents directory, this function likely implements the core execution loop for a full-featured agent — coordinating tool calls, branching on results, and managing control flow across a potentially long-running session. A cyclomatic complexity of 48 means there are at least 48 independent execution paths through this single function, each a required test case and a potential bug surface. With a fan-out of 29 and a recent activity score of 16.76, this is a fire-quadrant hotspot: it is both structurally overloaded and actively changing right now, making every commit to it a live regression risk across nearly 30 downstream call targets.
Recommendation: Add characterization tests to lock down current behavior before touching anything, then apply extract-method refactoring to decompose the branching logic into named sub-functions — targeting the exit-heavy and god-function patterns flagged in the data. Review the 29 fan-out targets to understand the full blast radius of any change.
_loop — agents/s11_autonomous_agents.py
This parallel _loop implementation — in a file specifically named for autonomous agents — likely governs the decision-making cycle for an agent that operates with reduced human oversight, making correctness especially critical. Its cyclomatic complexity of 38 and max nesting depth of 5 together indicate deeply branched, hard-to-trace control flow; ND 5 is above the threshold where reasoning about all possible states becomes unreliable. With a recent activity score of 16.12 and an a risk score of 16.5, it sits firmly in the fire quadrant alongside its s_full.py counterpart — structural complexity compounding in real time as commits land.
Recommendation: Flatten the nesting depth by extracting inner conditional blocks into well-named helper functions, and audit the 20 fan-out callees for unexpected coupling. Given the autonomous-agent context, prioritize test coverage for the exit-heavy paths before the next refactoring pass.
main — web/scripts/extract-content.ts
As the entry point of a content-extraction script in the web layer, this main function likely orchestrates file discovery, parsing, transformation, and output — a broad coordination role consistent with its god-function and long-function patterns. What makes it stand out structurally is not its cyclomatic complexity of 17 (moderate on its own) but its fan-out of 36, the highest of any function in the top five, meaning it directly calls 36 distinct functions and acts as a hub across a wide slice of the tooling surface. With a recent activity score of 14.0 and a risk score of 14.3, it is also in the fire quadrant — changes to this orchestrator propagate risk across 36 downstream dependencies with every commit.
Recommendation: Decompose this function into a pipeline of smaller, single-responsibility stages — each responsible for one phase of content extraction — to reduce the fan-out coupling and make individual stages independently testable and changeable.
Patterns Found
Antipatterns detected across the top functions in this snapshot:
| Pattern | Occurrences |
|---|---|
exit_heavy | 5 |
complex_branching | 3 |
god_function | 3 |
long_function | 3 |
deeply_nested | 2 |
These labels belong to two tiers — Tier 1 (structural): complex_branching, deeply_nested, exit_heavy, long_function, god_function. Tier 2 (relational/temporal): hub_function, cyclic_hub, middle_man, neighbor_risk, stale_complex, churn_magnet, shotgun_target, volatile_god.
Key Takeaways
- _loop in agents/s_full.py has a cyclomatic complexity of 48 and a recent activity score of 16.76 — write characterization tests before making any further changes to this function.
- The main function in web/scripts/extract-content.ts calls 36 distinct functions; decomposing it into a staged pipeline would immediately reduce blast radius on every future commit.
- All five critical hotspots are in the fire quadrant, meaning the entire top of the risk list is actively changing right now — this is not a backlog problem, it is a live regression risk that warrants immediate attention.
Reproduce This Analysis
git clone https://github.com/shareAI-lab/learn-claude-code
cd learn-claude-code
git checkout a9c71002d2caa34fb14e264c647b1d5898b18ee0
hotspots analyze . --mode snapshot --explain-patterns --forceTo run the same analysis on your own codebase, run hotspots analyze . --mode snapshot in any local git repo — no configuration required.
Hotspots highlights structural and activity risk — not “bad code.” Findings are a prioritization aid, not a bug predictor. Editorial policy →