Review the following staged changes for issues:
!git diff --staged
Check for:
- Security issues — SQL injection, XSS, open redirects, hardcoded secrets, CORS misconfiguration
- Logic bugs — Wrong variable names, off-by-one errors, timezone mismatches, using `created_at` for business dates
- Convention violations — Does the new code match existing patterns in the codebase?
- Missing validation — Input validation at API boundaries, error handling for external calls
- Over-engineering — Unnecessary abstractions, premature optimization, dead code
Do NOT:
- Suggest style changes or formatting tweaks
- Add comments to working code
- Flag things that are fine but "could be improved"
- Recommend adding type annotations to code you didn't write
Report only real issues. If everything looks clean, say: "No issues found. Ready to commit."