# Automated Code Review

You are performing an automated code review for the project at $ARGUMENTS.

## Focus Areas

- **Security**: Check for vulnerabilities, injection risks, exposed secrets
- **Performance**: Identify inefficient code, N+1 queries, memory leaks
- **Maintainability**: Code clarity, complexity, proper abstractions
- **Best Practices**: Language idioms, design patterns, testing

## Dynamic Context

- Recent changes: !`git diff HEAD~5 --stat 2>/dev/null || echo "No recent changes"`
- Current branch: !`git branch --show-current 2>/dev/null || echo "unknown"`
- Uncommitted changes: !`git status --short 2>/dev/null || echo "Not a git repo"`

## Instructions

1. **Gather Context**
   - Check `git status` for current state
   - Review `git diff` for recent changes
   - Identify the most modified files

2. **Analyze Code**
   - Focus on files with recent changes
   - Check for security issues (hardcoded secrets, SQL injection, XSS)
   - Look for performance problems
   - Evaluate code organization and readability

3. **Provide Feedback**
   - Be specific with file paths and line numbers
   - Explain why something is an issue
   - Suggest concrete fixes
   - Rate severity: low | medium | high | critical

## Output Format

Return a JSON report:

```json
{
  "summary": "Brief overview of code health",
  "files_reviewed": ["list of files"],
  "issues": [
    {
      "file": "path/to/file.py",
      "line": 42,
      "severity": "high",
      "category": "security",
      "description": "SQL query uses string concatenation",
      "suggestion": "Use parameterized queries instead"
    }
  ],
  "recommendations": [
    "General improvement suggestions"
  ],
  "metrics": {
    "total_issues": 5,
    "critical": 0,
    "high": 1,
    "medium": 2,
    "low": 2
  }
}
```

For the detailed report template, see `templates/report.md`.
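
A consumer for the report format above, added here as an example and not part of this command file: it checks a returned report against the schema, recomputes the `metrics` block from the `issues` list (so a mis-tallied count is caught rather than trusted), and decides whether a CI gate should block on the severity ratings. The sample report and the `blocks_merge` threshold are constructed for illustration.

```python
import json

SEVERITIES = ("low", "medium", "high", "critical")
TOP_KEYS = ("summary", "files_reviewed", "issues", "recommendations", "metrics")
ISSUE_KEYS = ("file", "line", "severity", "category", "description", "suggestion")
# Constructed sample report in the shape this command asks the model to return.
SAMPLE_REPORT = """{
  "summary": "One injection risk, otherwise healthy",
  "files_reviewed": ["app/db.py", "app/views.py"],
  "issues": [
    {"file": "app/db.py", "line": 42, "severity": "high", "category": "security",
     "description": "SQL query uses string concatenation", "suggestion": "Use parameterized queries"},
    {"file": "app/views.py", "line": 10, "severity": "low", "category": "maintainability",
     "description": "Function exceeds 80 lines", "suggestion": "Split into helpers"}
  ],
  "recommendations": ["Add tests for app/db.py"],
  "metrics": {"total_issues": 2, "critical": 0, "high": 1, "medium": 0, "low": 1}
}"""


def validate_report(text):
    """Parse a report and return a list of problems; an empty list means it is valid."""
    try:
        report = json.loads(text)
    except json.JSONDecodeError as exc:
        return ["not valid JSON: %s" % exc]
    if not isinstance(report, dict):
        return ["top level is not a JSON object"]
    problems = ["missing top-level key: %s" % k for k in TOP_KEYS if k not in report]
    counts = dict.fromkeys(SEVERITIES, 0)
    for i, issue in enumerate(report.get("issues", [])):
        problems.extend("issue %d missing key: %s" % (i, k) for k in ISSUE_KEYS if k not in issue)
        sev = issue.get("severity")
        if sev in counts:
            counts[sev] += 1
        else:
            problems.append("issue %d has unknown severity: %r" % (i, sev))
    # Recompute the metrics block from the issues so a mis-tallied count is caught.
    expected = dict(counts, total_issues=sum(counts.values()))
    metrics = report.get("metrics", {})
    for key, value in expected.items():
        if metrics.get(key) != value:
            problems.append("metrics.%s is %r, expected %d" % (key, metrics.get(key), value))
    return problems


def blocks_merge(text, threshold="high"):
    """True when the report is invalid or contains an issue at or above the threshold."""
    if validate_report(text):
        return True
    rank = SEVERITIES.index(threshold)
    return any(SEVERITIES.index(i["severity"]) >= rank for i in json.loads(text)["issues"])
```

An invalid or inconsistent report blocks by default, so a malformed model response fails closed rather than passing the gate.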