code-review

If you see unfamiliar placeholders or need to check which tools are connected, see CONNECTORS.md.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "code-review" with this command: npx skills add anthropics/knowledge-work-plugins/anthropics-knowledge-work-plugins-code-review

/code-review

If you see unfamiliar placeholders or need to check which tools are connected, see CONNECTORS.md.

Review code changes with a structured lens on security, performance, correctness, and maintainability.

Usage

/code-review <PR URL or file path>

Review the provided code changes: @$1

If no specific file or URL is provided, ask what to review.

How It Works

┌─────────────────────────────────────────────────────────────────┐ │ CODE REVIEW │ ├─────────────────────────────────────────────────────────────────┤ │ STANDALONE (always works) │ │ ✓ Paste a diff, PR URL, or point to files │ │ ✓ Security audit (OWASP top 10, injection, auth) │ │ ✓ Performance review (N+1, memory leaks, complexity) │ │ ✓ Correctness (edge cases, error handling, race conditions) │ │ ✓ Style (naming, structure, readability) │ │ ✓ Actionable suggestions with code examples │ ├─────────────────────────────────────────────────────────────────┤ │ SUPERCHARGED (when you connect your tools) │ │ + Source control: Pull PR diff automatically │ │ + Project tracker: Link findings to tickets │ │ + Knowledge base: Check against team coding standards │ └─────────────────────────────────────────────────────────────────┘

Review Dimensions

Security

  • SQL injection, XSS, CSRF

  • Authentication and authorization flaws

  • Secrets or credentials in code

  • Insecure deserialization

  • Path traversal

  • SSRF

Performance

  • N+1 queries

  • Unnecessary memory allocations

  • Algorithmic complexity (O(n²) in hot paths)

  • Missing database indexes

  • Unbounded queries or loops

  • Resource leaks

Correctness

  • Edge cases (empty input, null, overflow)

  • Race conditions and concurrency issues

  • Error handling and propagation

  • Off-by-one errors

  • Type safety

Maintainability

  • Naming clarity

  • Single responsibility

  • Duplication

  • Test coverage

  • Documentation for non-obvious logic

Output

Code Review: [PR title or file]

Summary

[1-2 sentence overview of the changes and overall quality]

Critical Issues

#FileLineIssueSeverity
1[file][line][description]🔴 Critical

Suggestions

#FileLineSuggestionCategory
1[file][line][description]Performance

What Looks Good

  • [Positive observations]

Verdict

[Approve / Request Changes / Needs Discussion]

If Connectors Available

If ~~source control is connected:

  • Pull the PR diff automatically from the URL

  • Check CI status and test results

If ~~project tracker is connected:

  • Link findings to related tickets

  • Verify the PR addresses the stated requirements

If ~~knowledge base is connected:

  • Check changes against team coding standards and style guides

Tips

  • Provide context — "This is a hot path" or "This handles PII" helps me focus.

  • Specify concerns — "Focus on security" narrows the review.

  • Include tests — I'll check test coverage and quality too.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

nextflow-development

No summary provided by upstream source.

Repository SourceNeeds Review
-152
anthropics
Coding

clinical-trial-protocol-skill

No summary provided by upstream source.

Repository SourceNeeds Review
-67
anthropics
Research

data-visualization

No summary provided by upstream source.

Repository SourceNeeds Review
-2.2K
anthropics