AgentSkillsCN

Skill Review

Skill Delivery

SKILL.md

Code Review Skill

This skill performs comprehensive code reviews focusing on quality, security, and best practices.

Usage

Invoke with /review followed by optional arguments:

  • /review - Review staged changes
  • /review <file> - Review specific file
  • /review --security - Focus on security issues
  • /review --pr - Review current PR changes

Review Process

1. Gather Context

  • Identify files to review (staged, specified, or PR)
  • Understand the purpose of changes
  • Check related files for context

2. Analyze Code

Run through these checklists:

Quality Checklist

  • Code is readable and self-documenting
  • Functions are focused and appropriately sized
  • Error handling is comprehensive
  • Edge cases are handled
  • No code duplication
  • Naming is clear and consistent

Security Checklist

  • No hardcoded secrets or credentials
  • Input validation is present
  • SQL queries use parameterized statements
  • User input is sanitized before output (XSS)
  • Authentication/authorization checks are proper
  • Sensitive data is not logged

Best Practices

  • Follows project conventions
  • Tests are included for new code
  • No commented-out code
  • Dependencies are appropriate
  • Performance considerations addressed

3. Generate Report

Output Format

```markdown
## Code Review: [file/feature name]

### Summary
[Brief overview of changes and overall assessment]

### Issues Found

#### Critical
- [Security or correctness issues that must be fixed]

#### Major
- [Significant problems affecting quality or maintainability]

#### Minor
- [Style issues, suggestions, nitpicks]

### Positive Notes
- [Good practices observed]

### Recommendations
- [Actionable suggestions for improvement]
```

Severity Levels

| Level | Description | Action |
|-------|-------------|--------|
| Critical | Security vulnerabilities, data loss risks, crashes | Must fix before merge |
| Major | Bugs, poor error handling, significant design issues | Should fix before merge |
| Minor | Style inconsistencies, minor improvements | Consider fixing |
| Info | Suggestions, alternatives, learning opportunities | Optional |
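
The three review steps applied to a staged diff, as an added example that is not part of the skill itself: it walks the added lines of a unified diff, applies two Security Checklist items (hardcoded secrets, non-parameterized SQL) and fills the Critical section of the report template with file and line references. The regex heuristics, function names and sample diff are assumptions constructed for illustration.

```python
import re

# Heuristic patterns for two Security Checklist items (assumptions of this
# example; a real review still reads the code). Both rate Critical per the table.
CHECKS = [
    ("Possible hardcoded secret or credential",
     re.compile(r"""(?i)\b(password|passwd|secret|api_?key|token)\b\s*[:=]\s*["'][^"']{8,}["']""")),
    ("SQL built with string formatting, not a parameterized statement",
     re.compile(r"""(?i)execute\(\s*(f["']|["'].*["']\s*(%|\+|\.format))""")),
]

# Constructed sample input: a staged unified diff.
SAMPLE_DIFF = '''\
--- a/app/db.py
+++ b/app/db.py
@@ -10,2 +10,5 @@ def get_user(conn, name, uid):
     cur = conn.cursor()
+    API_KEY = "constructed-placeholder-value"
+    cur.execute("SELECT * FROM users WHERE name = '%s'" % name)
+    cur.execute("SELECT * FROM users WHERE id = ?", (uid,))
     return cur.fetchone()
'''

def added_lines(diff_text):
    """Yield (path, new_line_number, text) for each added line of a unified diff."""
    path, line_no = None, 0
    for raw in diff_text.splitlines():
        if raw.startswith("+++ "):
            path = re.sub(r"^b/", "", raw[4:])
        elif raw.startswith("@@"):
            line_no = int(re.match(r"@@ -\d+(?:,\d+)? \+(\d+)", raw).group(1))
        elif raw.startswith("+"):
            yield path, line_no, raw[1:]
            line_no += 1
        elif raw.startswith(" "):
            line_no += 1  # context line; removed ('-') lines do not advance

def review(diff_text):
    """Return 'path:line message' strings, pointing at exact lines."""
    return [f"{path}:{no} {title}"
            for path, no, text in added_lines(diff_text)
            for title, pattern in CHECKS if pattern.search(text)]

def render(name, critical):
    """Fill the Issues Found part of the report template; all hits are Critical."""
    lines = [f"## Code Review: {name}", "", "### Issues Found", "", "#### Critical"]
    lines += [f"- {item}" for item in critical] or ["- None"]
    return "\n".join(lines)

if __name__ == "__main__":
    print(render("app/db.py", review(SAMPLE_DIFF)))
```

The parameterized query on line 13 of the sample is not flagged, and removed lines are skipped, so only newly introduced code is reported.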

Review Principles

  1. Be Specific: Point to exact lines, provide examples
  2. Be Constructive: Suggest solutions, not just problems
  3. Be Kind: Critique code, not the author
  4. Be Timely: Complete reviews promptly
  5. Be Thorough: Check logic, not just syntax