code-reviewer

This skill provides comprehensive code review capabilities across multiple programming languages including TypeScript, JavaScript, Python, Swift, and Kotlin. Focus areas: code quality, security, performance, and maintainability.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "code-reviewer" with this command: npx skills add vamseeachanta/workspace-hub/vamseeachanta-workspace-hub-code-reviewer

Code Reviewer Skill

Overview

This skill provides comprehensive code review capabilities across multiple programming languages including TypeScript, JavaScript, Python, Swift, and Kotlin. Focus areas: code quality, security, performance, and maintainability.

Quick Start

  • Identify scope - Files or PR to review

  • Run analysis - Check code quality, security, performance

  • Document findings - Categorize by severity

  • Provide recommendations - Actionable improvements

  • Generate report - Structured review output

When to Use

  • Pull request reviews

  • Pre-merge quality gates

  • Code audit requirements

  • Security assessments

  • Performance optimization reviews

  • Onboarding code familiarization

Review Categories

  1. Code Quality

Aspect Check For

Clarity Readable, self-documenting code

Naming Descriptive, consistent conventions

Structure Single responsibility, appropriate abstraction

DRY No unnecessary duplication

Complexity Cyclomatic complexity within limits

  1. Security

Aspect Check For

Input validation All user inputs validated

SQL injection Parameterized queries

XSS Output encoding

Auth/AuthZ Proper authentication and authorization

Secrets No hardcoded credentials

Dependencies Updated, no known vulnerabilities

  1. Performance

Aspect Check For

Algorithms Appropriate time complexity

Memory No leaks, efficient usage

Database Optimized queries, proper indexing

Caching Appropriate cache usage

Async Non-blocking operations where needed

  1. Testing

Aspect Check For

Coverage Critical paths tested

Quality Meaningful assertions

Isolation Tests don't depend on each other

Edge cases Boundary conditions covered

Mocking Minimal, appropriate mocking

Review Process

Step 1: Context Gathering

Review Context

  • PR/Files: [identifier]
  • Author: [name]
  • Purpose: [feature/bugfix/refactor]
  • Related: [issues/tickets]

Step 2: High-Level Analysis

Scan for:

  • Overall change scope

  • Architectural impact

  • Breaking changes

  • New dependencies

Step 3: Detailed Review

For each file:

[filename]

Changes: [summary]

Findings:

  • [severity] [category]: [description]
    • Location: line X
    • Recommendation: [action]

Step 4: Security Deep Dive

Special attention to:

  • Authentication flows

  • Data handling

  • API endpoints

  • Configuration files

  • Environment variables

Step 5: Test Verification

  • Run existing tests

  • Verify new test coverage

  • Check test quality

  • Identify missing tests

Severity Levels

Level Description Action

Critical Security vulnerability, data loss risk Block merge

High Bugs, significant issues Must fix

Medium Code quality, maintainability Should fix

Low Style, minor improvements Consider

Info Suggestions, observations Optional

Review Checklist

General

  • Code compiles/builds without errors

  • No merge conflicts

  • Branch is up to date with target

  • Commit messages are clear

Functionality

  • Requirements are met

  • Edge cases handled

  • Error handling is appropriate

  • No regression in existing functionality

Code Quality

  • Follows project coding standards

  • No code smells or anti-patterns

  • Appropriate comments (not excessive)

  • No dead code or debug statements

Security

  • No hardcoded secrets

  • Input validation present

  • Output encoding where needed

  • Proper error messages (no info leak)

Testing

  • New code has tests

  • All tests pass

  • Test coverage adequate

  • Tests are meaningful

Documentation

  • README updated if needed

  • API docs updated if applicable

  • Breaking changes documented

Common Anti-Patterns

Code Smells

Pattern Problem Solution

God Object Class does too much Split responsibilities

Feature Envy Method uses other class more Move to appropriate class

Long Method Hard to understand Extract smaller methods

Magic Numbers Unclear meaning Use named constants

Deep Nesting Hard to follow Early returns, extraction

Security Issues

Pattern Problem Solution

SQL Concat Injection risk Parameterized queries

Eval Usage Code injection Safe alternatives

Weak Crypto Breakable encryption Strong algorithms

CORS * Access control bypass Specific origins

Console Secrets Credential exposure Remove before commit

Review Report Template

Code Review Report

Summary

  • Reviewed: [files/PR]
  • Date: [date]
  • Reviewer: [name]
  • Overall: [APPROVE/REQUEST_CHANGES/COMMENT]

Statistics

  • Files reviewed: X
  • Lines changed: +Y/-Z
  • Critical issues: N
  • High issues: N
  • Medium issues: N

Critical/High Findings

[Finding Title]

  • Severity: Critical/High
  • Category: Security/Bug/Performance
  • Location: file:line
  • Description: [details]
  • Recommendation: [action]
  • Code suggestion: ```language // suggested fix ```

Medium/Low Findings

[Grouped by category]

Positive Observations

  • [Good practices noticed]

Recommendations

  1. [Priority improvement]
  2. [Secondary improvement]

Test Coverage

  • Current: X%
  • Critical paths: Y%
  • Recommendation: [action]

Best Practices

Do

  • Review in small batches (200-400 lines ideal)

  • Focus on logic, not style (use linters)

  • Ask questions rather than demand changes

  • Acknowledge good code

  • Provide specific, actionable feedback

  • Test the changes locally when possible

Don't

  • Nitpick style issues

  • Rewrite author's code in comments

  • Leave vague feedback ("this is wrong")

  • Review when fatigued

  • Approve without understanding

  • Block for preferences, not issues

Error Handling

Situation Action

Too large PR Request split into smaller PRs

Missing context Ask author for explanation

Unclear requirements Defer to requirements review

Disagreement Escalate with evidence

Metrics

Metric Target Description

Review turnaround <24h Time to first review

Defect detection

80% Issues caught before merge

False positive rate <10% Unnecessary comments

Review thoroughness 100% All critical areas covered

Technology-Specific Notes

TypeScript/JavaScript

  • Check for any/unknown abuse

  • Verify type safety

  • Review async/await handling

  • Check for memory leaks in React

Python

  • PEP 8 compliance

  • Type hints present

  • Exception handling

  • Virtual environment usage

Go

  • Error handling patterns

  • Goroutine leaks

  • Interface usage

  • Package organization

Related Skills

  • tdd-obra - Test-first development

  • systematic-debugging - Debugging methodology

  • subagent-driven - Development with reviews

Version History

  • 1.0.0 (2026-01-19): Initial release adapted from alirezarezvani/claude-skills

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

hidden-folder-audit

No summary provided by upstream source.

Repository SourceNeeds Review
-19
vamseeachanta
General

echarts

No summary provided by upstream source.

Repository SourceNeeds Review
-134
vamseeachanta
General

pandoc

No summary provided by upstream source.

Repository SourceNeeds Review
-74
vamseeachanta