# Code Review Skill
This skill performs comprehensive code reviews focusing on quality, security, and best practices.
## Usage

Invoke with `/review` followed by optional arguments:

- `/review` - Review staged changes
- `/review <file>` - Review a specific file
- `/review --security` - Focus on security issues
- `/review --pr` - Review current PR changes
## Review Process

### 1. Gather Context

- Identify files to review (staged, specified, or PR)
- Understand the purpose of the changes
- Check related files for context

### 2. Analyze Code

Run through these checklists:
#### Quality Checklist

- Code is readable and self-documenting
- Functions are focused and appropriately sized
- Error handling is comprehensive
- Edge cases are handled
- No code duplication
- Naming is clear and consistent
#### Security Checklist

- No hardcoded secrets or credentials
- Input validation is present
- SQL queries use parameterized statements
- User input is sanitized before output (XSS)
- Authentication/authorization checks are proper
- Sensitive data is not logged
#### Best Practices

- Follows project conventions
- Tests are included for new code
- No commented-out code
- Dependencies are appropriate
- Performance considerations addressed
### 3. Generate Report

#### Output Format

```markdown
## Code Review: [file/feature name]

### Summary
[Brief overview of changes and overall assessment]

### Issues Found

#### Critical
- [Security or correctness issues that must be fixed]

#### Major
- [Significant problems affecting quality or maintainability]

#### Minor
- [Style issues, suggestions, nitpicks]

### Positive Notes
- [Good practices observed]

### Recommendations
- [Actionable suggestions for improvement]
```

#### Severity Levels

| Level | Description | Action |
|---|---|---|
| Critical | Security vulnerabilities, data loss risks, crashes | Must fix before merge |
| Major | Bugs, poor error handling, significant design issues | Should fix before merge |
| Minor | Style inconsistencies, minor improvements | Consider fixing |
| Info | Suggestions, alternatives, learning opportunities | Optional |
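As an added example (not part of the skill's own code), the script below automates three items of the Security Checklist (hardcoded secrets, non-parameterized SQL, sensitive data in log calls) and prints the findings in the report layout above using the severity levels from the table. The check patterns, the functions `review_security` and `render_report`, and the sample source under review are all constructed for this illustration.

```python
import re
from typing import Dict, List, Pattern, Tuple

# Constructed checks for three Security Checklist items; severities follow the
# skill's table (Critical: must fix before merge, Major: should fix before merge).
CHECKS: List[Tuple[str, str, Pattern[str]]] = [
    ("Critical", "hardcoded secret or credential",
     re.compile(r"""(?i)(password|passwd|secret|api[_-]?key|token)\s*=\s*["'][^"']{4,}["']""")),
    ("Critical", "SQL statement built by string formatting instead of parameters",
     re.compile(r"""\.execute\(\s*(f["']|["'][^"']*["']\s*(%|\+))""")),
    ("Major", "sensitive value passed to a log call",
     re.compile(r"""(?i)\b(log|logger|logging)\.\w+\(.*\b(password|passwd|token|secret)\b""")),
]

def review_security(source: str) -> List[Dict[str, object]]:
    """Run every check over each non-comment line; return one finding per hit."""
    findings: List[Dict[str, object]] = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        code = line.strip()
        if not code or code.startswith("#"):
            continue  # blank lines and comments are not reviewed
        for severity, message, pattern in CHECKS:
            if pattern.search(line):
                findings.append({"line": lineno, "severity": severity,
                                 "message": message, "code": code})
    return findings

def render_report(findings: List[Dict[str, object]], name: str) -> str:
    """Emit the skill's report layout, one bullet per finding under its severity."""
    lines = [f"## Code Review: {name}", "### Issues Found"]
    for severity in ("Critical", "Major", "Minor"):
        hits = [f for f in findings if f["severity"] == severity]
        lines.append(f"#### {severity}")
        lines += [f"- line {f['line']}: {f['message']} -> `{f['code']}`" for f in hits] or ["- none"]
    return "\n".join(lines)

# Constructed sample under review: one secret, one unsafe and one safe query,
# and a log call that leaks a password. The credential value is a placeholder.
SAMPLE = """\
import logging
DB_PASSWORD = "hunter2-not-a-real-secret"
def find_user(cur, name):
    cur.execute(f"SELECT * FROM users WHERE name = '{name}'")
    return cur.fetchone()
def find_user_safe(cur, name):
    cur.execute("SELECT * FROM users WHERE name = %s", (name,))
    return cur.fetchone()
def login(user, password):
    logging.info("login attempt user=%s password=%s", user, password)
"""
```

Running `print(render_report(review_security(SAMPLE), "sample.py"))` flags lines 2 and 4 as Critical and line 10 as Major, while the parameterized query on line 7 passes; the patterns are deliberately narrow, so treat them as a first pass, not a substitute for reading the diff.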
## Review Principles

- Be Specific: Point to exact lines, provide examples
- Be Constructive: Suggest solutions, not just problems
- Be Kind: Critique the code, not the author
- Be Timely: Complete reviews promptly
- Be Thorough: Check logic, not just syntax