Code Review

SKILL.md

Skill: Code Review

Description

Reviews code for quality, security, performance, and convention compliance.

When to Use

  • After implementing a feature (self-review)
  • When the user triggers the /review workflow
  • Before merging any PR

Instructions

Review Checklist

Correctness

  • Does the code do what it claims?
  • Edge cases handled?
  • Error states handled gracefully?

Security

  • No secrets/credentials in code
  • Input validation on all user input
  • SQL injection prevention (parameterized queries)
  • XSS prevention (output encoding)
  • Auth checks on protected routes
  • Rate limiting on public endpoints

Performance

  • No N+1 queries
  • Appropriate use of caching
  • No unnecessary re-renders (React)
  • Bundle size impact acceptable

Conventions

  • Follows .ai/conventions.md
  • Consistent naming
  • Proper TypeScript types (no any)
  • Comments explain WHY, not WHAT

Testing

  • New code has tests
  • Tests are meaningful (not just coverage)
  • Edge cases tested

Output Format

```markdown
## Code Review: [file/feature]

### ✅ Looks Good
- [list positives]

### ⚠️ Suggestions
- [list improvements]

### ❌ Must Fix
- [list blockers]

### Overall: APPROVE | REQUEST_CHANGES | COMMENT
```