phoenix-code-review

Reviews Phoenix code for controller patterns, context boundaries, routing, and plugs. Use when reviewing Phoenix apps, checking controllers, routers, or context modules.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "phoenix-code-review" with this command: npx skills add anderskev/phoenix-code-review

Phoenix Code Review

Quick Reference

Issue TypeReference
Bounded contexts, Ecto integrationreferences/contexts.md
Actions, params, error handlingreferences/controllers.md
Pipelines, scopes, verified routesreferences/routing.md
Custom plugs, authenticationreferences/plugs.md

Review Checklist

Controllers

  • Business logic in contexts, not controllers
  • Controllers return proper HTTP status codes
  • Action clauses handle all expected patterns
  • Fallback controllers handle errors consistently

Contexts

  • Contexts are bounded by domain, not technical layer
  • Public functions have clear, domain-focused names
  • Changesets validate all user input
  • No Ecto queries in controllers

Routing

  • Verified routes (~p sigil) used, not string paths
  • Pipelines group related plugs
  • Resources use only needed actions
  • Scopes group related routes

Plugs

  • Authentication/authorization via plugs
  • Plugs are composable and single-purpose
  • Halt called after sending response in plugs

JSON APIs

  • Proper content negotiation
  • Consistent error response format
  • Pagination for list endpoints

Valid Patterns (Do NOT Flag)

  • Controller calling multiple contexts - Valid for orchestration
  • Inline Ecto query in context - Context owns its data access
  • Using action_fallback - Centralized error handling pattern
  • Multiple pipelines per route - Composition is intentional
  • Plug.Conn.halt/1 without send - May be handled by fallback

Context-Sensitive Rules

IssueFlag ONLY IF
Missing changeset validationField accepts user input AND no validation exists
Controller too largeMore than 7 actions OR actions > 20 lines
Missing authorizationRoute is not public AND no auth plug in pipeline

Gates (run in order; each step has a pass condition)

  1. Anchored evidence — For every planned finding, open the source and note file path + line number from that read (not from memory or diff snippets alone). Pass: each finding cites path:line that you opened.
  2. “Handled elsewhere” sweep — Before reporting “missing validation,” “missing auth,” or “wrong status,” search the router (pipelines/scopes), controller (action_fallback, plug), and relevant context for existing checks. Pass: you recorded whether handling exists elsewhere (yes + where, or no after search).
  3. Verification protocol — Load and apply review-verification-protocol for the issue type. Pass: that skill’s pre-report checks for that finding class are satisfied before you write the finding.
  4. Finding shape — Emit each issue as [FILE:LINE] ISSUE_TITLE with a one-line rationale tied to the cited code. Pass: every line matches that pattern.

Before Submitting Findings

Do not report until Gates above pass. For full anti-false-positive steps, follow review-verification-protocol.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

Spicy Ai Video

Turn a 60-second talking head clip into 1080p high-energy edited videos just by typing what you need. Whether it's turning bland footage into visually intens...

Registry SourceRecently Updated
100tk8544-b
Coding

Video Maker Fast

Get polished MP4 videos ready to post, without touching a single slider. Upload your video clips (MP4, MOV, AVI, WebM, up to 500MB), say something like "trim...

Registry SourceRecently Updated
120peand-rover
Coding

Generation Generator

generate text prompts or clips into AI generated videos with this skill. Works with MP4, MOV, PNG, JPG files up to 500MB. marketers, content creators, social...

Registry SourceRecently Updated
80mory128
Coding

Editor On Android

Get edited MP4 clips ready to post, without touching a single slider. Upload your video clips (MP4, MOV, AVI, WebM, up to 500MB), say something like "trim th...

Registry SourceRecently Updated
160mory128