AgentSkillsCN

code-review

针对代码的正确性、安全性、风格与性能,开展系统化的代码审查。当用户请求代码审查,或在提交重大变更之前,此技能将为您提供有力支持。

SKILL.md
--- frontmatter
name: code-review
description: systematic code review for correctness, security, style, and performance. Use this when the user asks for a review or before committing significant changes.

Code Review Skill

This skill provides a structured approach to reviewing code, ensuring high quality, security, and adherence to project standards (as defined in tech_standards.md).

Verification Hierarchy

Review the code in this specific order of priority:

  1. Correctness & Logic (Critical)

    • Does the code actually solve the problem?
    • Are edge cases handled (nulls, empty lists, network failures)?
    • Is the logic sound and bug-free?
    • Action: If checking a fix, verify it doesn't break other parts (regression).
  2. Security (Critical - Refer to security-audit for deep dives)

    • Input Validation: Are all inputs sanitized? (No raw SQL, no unsafe HTML).
    • Secrets: Are API keys or credentials hardcoded? (Immediate FAIL if found).
    • Auth: Is authentication/authorization bypassed or weak?
  3. Style & Standards (Important - Refer to tech_standards.md)

    • Naming: Do variables/functions use clear, descriptive names? (e.g., isUserLoggedIn vs flag).
    • Typing: Is any used? (Strictly forbidden). Are types explicit?
    • Imports: Are path aliases (@/) used instead of relative paths (../../../)?
    • Structure: Is the file too large? Should it be broken down?
  4. Performance (Optimization)

    • Are there unnecessary loops or expensive computations?
    • Is there redundant state re-rendering (frontend)?
    • Are database queries optimized (N+1 problems)?

Output Format

Provide feedback in this format:

🚨 Critical Issues (Must Fix)

List logical bugs, security holes, or blocking standard violations.

⚠️ Improvements (Should Fix)

List style refactors, standard violations, or performance tweaks.

✅ Good Practices

Highlight clever solutions or clean implementations.

Recommended Action

Summary of what to do next (e.g., "Fix critical issues before commit" or "Approved with minor nits").