backend-code-review

Reviews backend Python code, focusing on FastAPI design patterns, Pydantic validation mechanisms, and security best practices.

SKILL.md
---
name: backend-code-review
description: Reviews backend Python code focusing on FastAPI patterns, Pydantic validation, and security best practices.
---

Backend Code Review Skill

Purpose: Review backend Python code focusing on PEP 8 standards, FastAPI/Flask patterns, and Pydantic validation.

Location: /backend

Triggers: When reviewing Python code in the backend/ directory or any file modifications to FastAPI routes, Pydantic models, or core business logic.

Skill Overview

This skill provides automated and manual code review capabilities for the FastAPI backend. It enforces consistency across:

  • PEP 8 naming conventions and formatting
  • FastAPI route patterns and dependency injection
  • Pydantic model validation and constraints
  • Security best practices

Quick Commands

```bash
# Run automated checks
cd backend && uv run python code_review.py

# Run linter
uv run ruff check .

# Run tests
uv run pytest

# Full review workflow
uv run ruff check . && uv run python code_review.py && uv run pytest
```

Review Categories

See review-categories.md for detailed checklists across PEP 8 standards, FastAPI patterns, Pydantic validation, and security best practices.

Using This Skill

When Code is Submitted for Review

  1. Run Automated Checks

    ```bash
    cd backend
    uv run python code_review.py
    ```
    
  2. Run Linter

    ```bash
    uv run ruff check .
    ```
    
  3. Run Test Suite

    ```bash
    uv run pytest
    ```
    
  4. Manual Review

    • Review against the checklists in this SKILL.md file
    • Check FastAPI patterns and Pydantic validation
    • Verify security best practices

Common Review Tasks

Reviewing a new route:

  • Check route decorator uses correct HTTP method
  • Verify request body validated with Pydantic model
  • Ensure response model defined
  • Check async/await usage (if I/O operations)
  • Verify error responses documented
  • Add docstring to route handler

Reviewing a Pydantic model:

  • Required fields before optional fields
  • All fields have type hints
  • Validators document expected formats
  • Field constraints sufficient (min/max length, patterns, etc.)
  • Error messages helpful and specific

Reviewing database queries:

  • Parameterized queries (no string concatenation)
  • Eager loading to prevent N+1
  • Transactions properly handled
  • Connection cleanup guaranteed
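
The "Parameterized queries (no string concatenation)" item can be checked mechanically. The following is an added example, not the project's code_review.py (whose contents this page does not show): a standard-library `ast` pass that flags execute-style calls whose SQL argument is built with `+`, `%`, `.format()` or an f-string. The sample source and all function names are constructed for illustration.

```python
import ast

# Constructed sample of code under review (not taken from the project).
SAMPLE = '''
def get_user(cur, user_id, name):
    cur.execute("SELECT * FROM users WHERE id = " + user_id)
    cur.execute(f"SELECT * FROM users WHERE name = '{name}'")
    cur.execute("SELECT * FROM users WHERE id = %s" % user_id)
    cur.execute("SELECT * FROM users WHERE id = {}".format(user_id))
    cur.execute("SELECT * FROM users WHERE id = ?", (user_id,))
'''

EXEC_METHODS = {"execute", "executemany", "executescript"}  # SQL is first argument


def is_static(node):
    """True if the expression is built only from literals."""
    if isinstance(node, ast.BinOp) and isinstance(node.op, ast.Add):
        return is_static(node.left) and is_static(node.right)
    if isinstance(node, ast.JoinedStr):
        return all(isinstance(v, ast.Constant) for v in node.values)
    return isinstance(node, ast.Constant)


def builds_sql_dynamically(node):
    """True if the SQL argument is assembled from runtime values."""
    if isinstance(node, (ast.JoinedStr, ast.BinOp)):  # f-string, "+" or "%"
        return not is_static(node)
    if isinstance(node, ast.Call):
        if isinstance(node.func, ast.Attribute) and node.func.attr == "format":
            return True
        # Wrapper such as text(...): inspect the wrapped expression.
        return bool(node.args) and builds_sql_dynamically(node.args[0])
    return False


def find_unparameterized_queries(source):
    """Return sorted (line, expression) pairs for suspicious execute*() calls."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr in EXEC_METHODS and node.args
                and builds_sql_dynamically(node.args[0])):
            findings.append((node.lineno, ast.unparse(node.args[0])))
    return sorted(findings)


if __name__ == "__main__":
    print(*find_unparameterized_queries(SAMPLE), sep="\n")
```

A query string assembled in a variable before the call is not followed by this pass, so it complements the manual review step rather than replacing it.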

Files

  • SKILL.md - This file (skill definition)
  • code_review.py - Automated checker script (located in backend/)
  • backend/README.md - Backend development guide with setup and running instructions

Integration with Development

  • CI/CD runs ruff check on all PRs
  • Tests run in CI to catch failures
  • Code review skill used for:
    • Pre-commit validation during development
    • PR review before merge
    • Onboarding new developers
    • Maintaining consistency

Resources

Related Files