Review
Purpose: Code review of the current branch against the base branch Mode: Read-only — do NOT modify files, run tests, or make commits Usage:
/review [scope flags]
Iron Laws
- •READ EVERYTHING BEFORE JUDGING — Read all changed files before forming any opinion. Early conclusions from partial reading lead to wrong findings.
- •EVIDENCE, NOT THEORY — Every P0/P1 finding must include the specific code and a concrete explanation of why it's a real problem, not a hypothetical one.
- •CLEAN REVIEWS ARE VALID — If the code is good, say so. Not finding issues is a legitimate review outcome, not a failure to review thoroughly.
When to Use
- •Before merging a PR
- •After completing implementation work
- •Reviewing someone else's branch
- •Quality check before release
When NOT to Use
- •Security-specific concerns →
/security-review - •Running validation commands →
/validate - •Making code changes →
/implementor/refactor - •Investigating a bug →
/debug
Constraints
- •Read-only — Suggestions only, no modifications
- •Acknowledge good patterns — Not just problems
- •Fresh context recommended — If you wrote the code, use a subagent or fresh session to avoid self-confirmation bias
Scope Flags
| Flag | Description |
|---|---|
--files=<paths> | Review specific files instead of full branch diff |
--pr=<number> | Review a specific PR by number |
Severity + Confidence
| Level | Label | Confidence Required | When to Use |
|---|---|---|---|
| P0 | Critical | HIGH — confirmed in code | Security vulnerability, data loss, correctness bug |
| P1 | High | HIGH — likely real | Logic error, race condition, performance regression |
| P2 | Medium | MEDIUM — possible | Code smell, maintainability concern |
| P3 | Low | Any | Style, naming, minor suggestion |
Confidence determines whether to report:
- •HIGH — Confirmed by reading code + evidence of real impact → Report
- •MEDIUM — Pattern is typically problematic but mitigation may exist → Report as "needs verification"
- •LOW — Theoretical or framework-mitigated → Do not report
Workflow
Step 1: Gather Context
git branch --show-current MAIN_BRANCH=$(gh repo view --json defaultBranchRef --jq '.defaultBranchRef.name') gh pr view --json number,title,body,baseRefName,url 2>/dev/null
Step 2: Get the Diff
git diff $MAIN_BRANCH...HEAD --stat git diff $MAIN_BRANCH...HEAD
Step 3: Validate Scope
- •Empty diff → Report "No changes found" and exit
- •Large diff (>500 lines) → Warn user, ask to review all or focus on specific areas
- •Mixed-concern changes (feature + refactor + config) → Flag as candidate for splitting into separate PRs
Step 4: Review Each File
For each changed file, read the full file for context. Check:
Code Quality: No any types, proper typing, correct imports, no lint warnings
Testing: Test coverage for new code, meaningful descriptions, proper async handling
Security (structured check — do not skip):
- •No
eval(),new Function(), or dynamic code execution with external input - •No
innerHTML,dangerouslySetInnerHTML, orv-htmlwith unsanitized data - •No raw SQL with string interpolation — parameterized queries or ORM required
- •No hardcoded secrets, API keys, or credentials in source files
- •No
child_process.exec()with user-controlled input - •No disabled security controls (
rejectUnauthorized: false) - •Input validation present at API boundaries (request params, body, headers)
- •Auth/authz checks present on protected operations
- •No open redirects (redirect URLs validated against allowlist)
- •No sensitive data in logs or error messages exposed to users
Performance: No obvious bottlenecks, efficient data fetching
General: No
console.login prod, error handling present, no dead code
Escalation Flags
Flag for explicit discussion even if no bug is found:
- •Schema or migration changes
- •API contract changes (request/response shape, status codes)
- •New dependencies added
- •Security-sensitive code (auth, crypto, input handling)
- •Infrastructure or CI/CD config changes
Step 5: Generate Report
## Code Review: [Branch Name] ### Summary [Brief overview of what the changes accomplish] ### P0 Critical 1. **[Issue]** — `file.ts:line` — Confidence: HIGH - **Evidence:** [Why real, not theoretical] - **Fix:** [Specific remediation] _(None found — or list findings)_ ### P1 High 1. **[Issue]** — `file.ts:line` — Confidence: HIGH/MEDIUM - **Evidence:** [Why it matters] - **Fix:** [Approach] ### P2 Medium 1. [Issue] — `file.ts:line` — [suggestion] ### P3 Low 1. [Suggestion] — `file.ts:line` ### Positive Notes - [What was done well] ### Escalation Flags - [Any flagged items, or "None"] ### Files Reviewed | File | Status | Notes | |------|--------|-------| | path/to/file.ts | ✅/🟡/🔴 | Brief note | ### Areas Not Covered [What couldn't be verified — runtime behavior, external API contracts, business logic] ### Residual Risks [Risks remaining even after fixing all findings] --- **Recommendation:** [Approve / Request Changes / Needs Discussion]
Step 6: Action Menu
**What would you like to do?** 1. **Fix all** — Apply fixes for all P0-P2 findings 2. **Fix P0-P1 only** — Critical and high issues only 3. **Fix specific items** — Choose which (e.g., "P0.1, P1.2") 4. **No changes** — Keep as read-only review
STOP HERE. Wait for user selection.
If user picks a fix option, apply fixes in priority order (P0 → P1 → P2), run typecheck and lint after, then offer to commit.