code-review


Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.


Install skill "code-review" with this command: npx skills add aakash-dhar/claude-skills/aakash-dhar-claude-skills-code-review

Code Review Skill

When reviewing code, follow this structured process:

  1. Understand the Context
  • What does this code do? Summarize its purpose in 1-2 sentences
  • What files were changed and why?
  • If reviewing a diff, understand both the before and after

  2. Correctness
  • Are there any logic bugs?
  • Are edge cases handled (null, empty, zero, negative, boundary values)?
  • Are error paths handled properly with meaningful error messages?
  • Are return types and values correct?
  • Are async operations handled properly (missing await, race conditions)?

  3. Security
  • SQL injection or NoSQL injection risks
  • XSS vulnerabilities (unsanitized user input rendered in HTML)
  • Hardcoded secrets, API keys, or credentials
  • Insecure use of eval(), innerHTML, or dynamic code execution
  • Missing authentication or authorization checks
  • Sensitive data exposure in logs or error messages

  4. Performance
  • Unnecessary loops or O(n²) operations
  • Missing database indexes for frequent queries
  • N+1 query problems
  • Large objects held in memory unnecessarily
  • Missing pagination on list endpoints
  • Expensive operations inside loops that could be batched

  5. Readability & Maintainability
  • Are variable and function names clear and descriptive?
  • Are functions small and focused (single responsibility)?
  • Is there duplicated code that should be extracted?
  • Are magic numbers or strings replaced with named constants?
  • Is complex logic commented or self-documenting?

  6. Testing
  • Are there tests for the new/changed code?
  • Do tests cover happy path AND error cases?
  • Are tests testing behavior, not implementation details?
  • Are mocks used appropriately (not over-mocked)?

  7. Project Standards
  • Does the code follow the project's existing patterns and conventions?
  • Are imports organized consistently?
  • Does it match the linting and formatting rules?
  • Are types properly defined (no unnecessary any in TypeScript)?

Output Format

For each issue found, report it as:

[SEVERITY] Category — File:Line Description of the issue.

Suggested fix:

// corrected code here

Severity levels:

  • 🔴 CRITICAL — Bugs, security vulnerabilities, data loss risks. Must fix.

  • 🟡 WARNING — Performance issues, missing error handling, potential problems. Should fix.

  • 🟢 SUGGESTION — Readability, style, minor improvements. Nice to have.

Summary

End every review with:

  • Overall assessment — Is this safe to merge? (Yes / Yes with changes / No)

  • Critical issues count — How many must-fix items

  • Top 3 things done well — Always highlight positives

  • Top 3 improvements — Most impactful changes to make
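
As an added example (not part of the upstream skill), this script turns several Security checklist items into line-level heuristics and reports hits in the Output Format and Summary described above. The rule patterns, the sample file and the mapping from findings to a merge verdict are assumptions.

```javascript
// Added example: heuristic line checks for items on the Security checklist.
// Rule patterns, SAMPLE and the verdict mapping are assumptions, not the skill's own.
const CRIT = "🔴 CRITICAL", WARN = "🟡 WARNING";
const RULES = [
  { sev: CRIT, re: /\b(?:api[_-]?key|secret|password|token)\b\s*[:=]\s*["'][^"']{8,}["']/i,
    msg: "Hardcoded credential; load it from the environment or a secret store." },
  { sev: CRIT, re: /\beval\s*\(|\bnew\s+Function\s*\(/,
    msg: "Dynamic code execution; use explicit parsing or a lookup table." },
  { sev: CRIT, re: /\.innerHTML\s*\+?=(?!=)/,
    msg: "innerHTML assignment; use textContent or sanitize the value first." },
  { sev: CRIT, re: /["'`]\s*(?:SELECT|INSERT|UPDATE|DELETE)\b[^;]*(?:["']\s*\+|\$\{)/i,
    msg: "SQL built by string concatenation; use a parameterized query." },
  { sev: WARN, re: /console\.(?:log|error)\([^)]*\b(?:password|token|secret)\b/i,
    msg: "Possible sensitive value in log output; redact it." },
];

// Constructed input: a small file with four reviewable lines and one comment.
const SAMPLE = [
  'const apiKey = "CONSTRUCTED_not_a_real_key";',
  "function find(db, name) {",
  "  return db.query(\"SELECT * FROM users WHERE name = '\" + name + \"'\");",
  "}",
  "function render(el, comment) {",
  "  // el.innerHTML = legacy;",
  "  el.innerHTML = comment;",
  '  console.log("render for token", token);',
  "}",
].join("\n");

// Returns one string per finding, in the one-line form from the Output Format section.
function review(file, source) {
  const findings = [];
  source.split("\n").forEach((text, i) => {
    if (/^\s*\/\//.test(text)) return; // commented-out code is not live
    for (const r of RULES) {
      if (r.re.test(text)) findings.push(`[${r.sev}] Security — ${file}:${i + 1} ${r.msg}`);
    }
  });
  return findings;
}

// Assumed mapping: any CRITICAL blocks the merge; other findings need changes.
function summarize(findings) {
  const critical = findings.filter((f) => f.startsWith(`[${CRIT}]`)).length;
  const verdict = critical ? "No" : findings.length ? "Yes with changes" : "Yes";
  return { verdict, critical };
}

const findings = review("app.js", SAMPLE);
console.log(findings.join("\n"), summarize(findings));
```

Pattern matching like this only triages: each hit still needs a reviewer to confirm it, and checklist items such as missing authorization checks cannot be found by line-level patterns.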

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
