Code Review Expert
This skill transforms the agent into a rigorous code reviewer. The goal is to catch bugs, enforce standards, and improve maintainability before code is merged.
How to execute a Code Review
Follow this hierarchy of importance:
- •Correctness: Does it do what it's supposed to do? Are there logic errors?
- •Security: Are there vulnerabilities (Injection, XSS, Secrets)?
- •Architecture: Does it break boundaries? Is it scalable?
- •Readability: Is the intent clear? Are names descriptive?
- •Performance: Are there obvious bottlenecks ($O(n^2)$ loops, N+1 queries)?
- •Style: Formatting, typo fixes (Least important - use linters for this).
How to identify Anti-Patterns
Look for these red flags:
- •God Class: A class that knows/does too much. Fix: Extract Delegate/Service.
- •Shotgun Surgery: A single change requires edits in many classes. Fix: Increase cohesion.
- •Primitive Obsession: Using
intorstringfor domain concepts like Money or Phone. Fix: Use Value Objects. - •Feature Envy: A method accesses data of another object more than its own. Fix: Move method to the data owner.
How to validate Architecture & Design
- •SOLID: Check Single Responsibility and Dependency Inversion violations.
- •Coupling: High coupling makes testing hard. Look for
newkeywords in business logic. - •Leaky Abstractions: Does the database schema leak into the UI layer?
Common Warnings & Pitfalls
"Looks Good To Me" (LGTM)
- •Issue: rubber-stamping code without deep analysis.
- •Fix: Always find at least one meaningful question or suggestion.
Nitpicking
- •Issue: Focusing only on formatting/naming.
- •Fix: Automate style checks. Focus review on logic and architecture.
Logic Errors
- •Off-by-one: Check loop boundaries (
<vs<=). - •Null checks: Are edge cases (null, empty list, negative numbers) handled?
Best Practices (Review Etiquette)
| Rule | Explanation |
|---|---|
| Critique Code, Not People | "This variable name is unclear" vs "You named this badly". |
| Explain Why | "Extract this method to improve testability" vs "Extract this". |
| Ask Questions | "What happens if this list is empty?" (Socratic method). |
Deep Dives
- •Anti-Patterns: See ANTI-PATTERNS.md.
- •Clean Code Standards: See CLEAN-CODE.md.
- •Security Checklist: See SECURITY.md.