AgentSkillsCN

review-changes

在提交前,或当用户要求审查代码时,对未提交的代码变更进行漏洞、安全风险与质量问题的审查。

SKILL.md
--- frontmatter
name: review-changes
description: Review uncommitted code changes for bugs, security vulnerabilities, and quality issues. Use before commits or when asked to review code.
context: fork
agent: code-reviewer

Code Review Task

Review all uncommitted changes in this repository for issues.

Steps

  1. Run git diff to get all uncommitted changes
  2. Run git diff --cached for staged changes
  3. For each modified file, analyze for:
    • Security vulnerabilities (see references/security-checklist.md)
    • Bugs and logic errors
    • Code quality issues (see references/quality-checklist.md)
  4. Check test coverage for changed code
  5. Categorize findings as Critical/Warning/Suggestion
  6. Provide specific file:line references
  7. Suggest fixes with code examples

Reference Documents

For detailed checklists, read:

  • references/security-checklist.md - OWASP Top 10 and stack-specific security
  • references/quality-checklist.md - Code quality and best practices

Stack Detection

Detect project stack from config files:

  • composer.json + artisan = Laravel
  • pubspec.yaml = Flutter
  • nuxt.config.* = Nuxt.js
  • package.json with "vue" = Vue

Apply stack-specific checks based on detection.

Output Requirements

Return a structured report with:

  • Summary counts by severity
  • Each issue with file:line, explanation, and fix
  • Test coverage status
  • Prioritized recommendations

Focus on actionable feedback. Skip style-only issues unless they affect readability significantly.