Code Reviewer
This skill performs comprehensive code reviews to improve quality, identify issues, and suggest best practices.
When to Use This Skill
Invoke this skill when the user:
- •Asks for a code review
- •Wants to check code quality
- •Needs help identifying bugs or issues
- •Requests best practice recommendations
- •Mentions code analysis or improvement
Review Process
Step 1: Initial Analysis
Read the code and understand:
- •Purpose and functionality
- •Language and framework used
- •Code structure and organization
- •Dependencies and imports
Step 2: Quality Assessment
Evaluate code across multiple dimensions:
Correctness:
- • Logic errors or bugs
- • Edge cases handled
- • Error handling implemented
- • Return values appropriate
Readability:
- • Clear variable/function names
- • Consistent formatting
- • Appropriate comments
- • Logical code organization
Performance:
- • Efficient algorithms
- • No redundant operations
- • Appropriate data structures
- • Resource management
Security:
- • Input validation
- • No hardcoded credentials
- • SQL injection prevention
- • XSS protection (if applicable)
Maintainability:
- • DRY principle followed
- • Single responsibility
- • Low coupling, high cohesion
- • Easy to extend
Step 3: Generate Feedback
Provide structured feedback:
Critical Issues (must fix):
- •Bugs that cause failures
- •Security vulnerabilities
- •Data loss risks
Warnings (should fix):
- •Performance problems
- •Maintainability issues
- •Best practice violations
Suggestions (nice to have):
- •Code style improvements
- •Optimization opportunities
- •Alternative approaches
Step 4: Code Examples
For each issue, provide:
- •Location (file:line)
- •Description of problem
- •Why it matters
- •Suggested fix with code example
Review Template
Use this structure for reviews:
## Code Review Summary **Overall Quality:** [Excellent/Good/Fair/Needs Improvement] **Lines Reviewed:** [Number] **Critical Issues:** [Number] **Warnings:** [Number] **Suggestions:** [Number] ## Critical Issues ### 1. [Issue Title] **Location:** file.py:42 **Problem:** [Description] **Impact:** [Why this matters] **Fix:** ```language [Code example of suggested fix]
Warnings
[Same structure as Critical Issues]
Suggestions
[Same structure as Critical Issues]
Positive Observations
- •[Good pattern 1]
- •[Good pattern 2]
Overall Recommendations
[High-level guidance for improvement]
## Common Review Patterns
**Pattern 1: Bug Identification**
- Trace execution flow
- Check boundary conditions
- Verify error handling
- Test edge cases mentally
**Pattern 2: Security Review**
- Audit all user inputs
- Check authentication/authorization
- Review data handling
- Examine external calls
**Pattern 3: Performance Analysis**
- Identify bottlenecks
- Check algorithmic complexity
- Review database queries
- Examine loop efficiency
**Pattern 4: Maintainability Check**
- Assess code clarity
- Check for duplication
- Evaluate modularity
- Review documentation
## Language-Specific Checks
**Python:**
- PEP 8 compliance
- Pythonic idioms
- Type hints usage
- Exception handling
**JavaScript/TypeScript:**
- ESLint compatibility
- Async/await usage
- Type safety (TS)
- Modern syntax
**Go:**
- Error handling patterns
- Goroutine safety
- Interface usage
- Idiomatic Go
**Other Languages:**
- Follow language conventions
- Use standard library features
- Apply community best practices
## Example Review
**Input Code:**
```python
def get_user(id):
user = db.query("SELECT * FROM users WHERE id = " + id)
return user
Review Output:
Critical Issues
1. SQL Injection Vulnerability Location: example.py:2 Problem: String concatenation in SQL query allows injection attacks Impact: Attacker could execute arbitrary SQL, accessing or deleting data Fix:
def get_user(id):
user = db.query("SELECT * FROM users WHERE id = ?", (id,))
return user
Warnings
2. Missing Error Handling Location: example.py:1-3 Problem: No handling for invalid ID or database errors Impact: Function crashes on errors instead of graceful handling Fix:
def get_user(user_id):
try:
user = db.query("SELECT * FROM users WHERE id = ?", (user_id,))
return user if user else None
except DatabaseError as e:
logger.error(f"Database error retrieving user {user_id}: {e}")
return None
Suggestions
3. Parameter Naming
Location: example.py:1
Problem: Parameter named id shadows Python built-in
Impact: Minor - can cause confusion, not a functional issue
Fix:
def get_user(user_id):
# ... rest of function
Validation Checklist
Before completing review:
- • All code sections examined
- • Security vulnerabilities identified
- • Performance issues noted
- • Best practices applied
- • Examples provided for fixes
- • Positive patterns acknowledged
- • Overall recommendations given
Review Scope Options
Quick Review:
- •Focus on critical issues only
- •Security and correctness
- •5-10 minutes
Standard Review:
- •All quality dimensions
- •Critical + warnings
- •15-30 minutes
Comprehensive Review:
- •All dimensions + suggestions
- •Alternative approaches
- •Refactoring ideas
- •30+ minutes
Ask the user which scope they prefer if unclear.