Python Code Review And Linting

SKILL.md

Python Code Review and Linting Skill

Metadata (Tier 1)

Keywords: ruff, lint, refactor, security, anti-pattern, python review, mypy

File Patterns: *.py

Modes: code_review


Instructions (Tier 2)

Ruff Configuration

toml
# pyproject.toml
[tool.ruff]
line-length = 100

[tool.ruff.lint]
select = ["E", "F", "B", "S", "I"]
ignore = ["E501"]  # Line too long (handled by formatter)

[tool.ruff.format]
quote-style = "double"

Critical Security Rules (S prefix)

S101: Assert used (assert statements are stripped when Python runs with -O)

python
# ❌ Insecure
assert user.is_admin, "Not admin"  # Can be disabled with -O flag

# ✅ Secure
if not user.is_admin:
    raise PermissionError("Not admin")
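
The failure mode behind S101, shown by running the same admin check in a child interpreter with and without `-O`. This is an added example, not part of the original skill; the `User` class and the function names are constructed for illustration.

```python
import subprocess
import sys
import textwrap

# Constructed sample: the same authorization check written both ways.
SNIPPET = textwrap.dedent('''
    class User:
        is_admin = False

    def delete_all_assert(user):
        assert user.is_admin, "Not admin"   # removed entirely under -O
        return "deleted"

    def delete_all_raise(user):
        if not user.is_admin:
            raise PermissionError("Not admin")
        return "deleted"

    for fn in (delete_all_assert, delete_all_raise):
        try:
            print(fn.__name__, "->", fn(User()))
        except (AssertionError, PermissionError) as exc:
            print(fn.__name__, "-> blocked:", type(exc).__name__)
''')


def run_check(optimize: bool) -> dict[str, str]:
    """Run SNIPPET in a child interpreter and return {function name: outcome}.

    -I isolates the child from PYTHON* environment variables (for example
    PYTHONOPTIMIZE), so only the explicit -O switch changes behaviour.
    """
    cmd = [sys.executable, "-I"] + (["-O"] if optimize else []) + ["-c", SNIPPET]
    out = subprocess.run(cmd, capture_output=True, text=True, check=True).stdout
    return dict(line.split(" -> ", 1) for line in out.splitlines())


if __name__ == "__main__":
    for optimize in (False, True):
        print("python -O" if optimize else "python   ", run_check(optimize))
```

Under `-O` the assert-based check lets a non-admin user through, while the explicit `raise` still blocks.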

S105/S106: Hardcoded secrets

python
# ❌ Violation
password = "admin123"

# ✅ Fix
import os
password = os.getenv("PASSWORD")  # Returns None if unset; check before use

S301: Unsafe pickle

python
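# ❌ Code execution risk: unpickling untrusted bytes can run arbitrary code
import pickle
data = pickle.loads(user_input)

# ✅ Safe: JSON decodes to plain data types only
import json
data = json.loads(user_input)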

S307: Use of eval

python
# ❌ Arbitrary code execution
result = eval(user_input)

# ✅ Safe
import ast
result = ast.literal_eval(user_input)  # Parses Python literals only; rejects anything else

Common Anti-Patterns (B prefix)

B006: Mutable default argument

python
# ❌ Shared state bug
def add_item(item, items=[]):
    items.append(item)
    return items

# ✅ Fix
def add_item(item, items=None):
    if items is None:
        items = []
    items.append(item)
    return items

B007: Unused loop variable

python
# ❌ Confusing
for i in range(10):
    do_something()  # 'i' not used

# ✅ Clear
for _ in range(10):
    do_something()

mypy Type Errors

python
# error: Argument 1 has incompatible type "str"; expected "int"
def process(x: int) -> int:
    return x * 2

process("5")  # ❌ Type error (at runtime this silently returns "55")

# ✅ Fix
process(int("5"))

Anti-Patterns

❌ Ignoring lint errors with # noqa
❌ Using basic exceptions (Exception, BaseException)
❌ Star imports (from module import *)
❌ Bare except clauses