Code Review Assistant
Perform structured code reviews using checklists and automated analysis tools.
Review Workflow
- •Gather context - Understand the scope of changes
- •Run automated analysis - Execute scripts for metrics and security scans
- •Apply checklists - Review using category-specific checklists
- •Synthesize findings - Compile issues with severity and recommendations
Quick Start
For a standard code review:
# 1. View changes git diff HEAD~1 # 2. Analyze code complexity and metrics python scripts/analyze.py <file_or_directory> # 3. Scan for security patterns (optional) python scripts/security_scan.py <file_or_directory>
Then apply the appropriate checklists based on the code type.
Automated Analysis
Code Metrics Analysis
Run scripts/analyze.py to get code metrics:
python scripts/analyze.py path/to/code --output json python scripts/analyze.py src/ --recursive
Outputs:
- •Lines of code (total, code, comments, blank)
- •Function/method count and average length
- •Cyclomatic complexity estimates
- •File-level metrics summary
Security Pattern Scan
Run scripts/security_scan.py for quick security checks:
python scripts/security_scan.py path/to/code python scripts/security_scan.py src/ --severity high
Detects:
- •Dangerous function calls (eval, exec, shell injection)
- •Hardcoded credentials patterns
- •SQL injection indicators
- •XSS vulnerability patterns
Review Checklists
Select checklists based on the type of changes being reviewed:
Security Review
When to use: Authentication changes, user input handling, API endpoints, database queries
See SECURITY.md for complete security checklist covering:
- •Injection vulnerabilities (SQL, XSS, command injection)
- •Authentication and authorization
- •Data exposure and encryption
- •Input validation
Performance Review
When to use: Database operations, loops, API calls, data processing
See PERFORMANCE.md for performance checklist covering:
- •N+1 query detection
- •Memory management
- •Algorithmic complexity
- •Caching opportunities
Code Quality Review
When to use: All code changes, especially new features and refactoring
See QUALITY.md for quality checklist covering:
- •Naming conventions
- •Function complexity
- •DRY principle adherence
- •Error handling patterns
Review Output Format
Structure findings using this format:
## Code Review Summary **Files reviewed**: [count] **Issues found**: Critical: X | High: Y | Medium: Z | Low: W ### Critical Issues 1. **[File:Line]** Description - Code: `snippet` - Fix: Recommendation ### High Priority Issues [Same format] ### Positive Observations - [Note well-implemented patterns] ### Recommendations 1. [Prioritized action items]