github-code-review

GitHub Code Review Skill

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "github-code-review" with this command: npx skills add vamseeachanta/workspace-hub/vamseeachanta-workspace-hub-github-code-review

GitHub Code Review Skill

Overview

Deploy specialized AI agents for comprehensive code reviews. This skill provides multi-agent review capabilities covering security vulnerabilities, performance bottlenecks, architecture patterns, and code style enforcement.

Quick Start

Get PR details for review

gh pr view 123 --json files,additions,deletions,title,body

Get PR diff

gh pr diff 123

Post review comment

gh pr review 123 --comment --body "Review findings..."

Approve PR

gh pr review 123 --approve --body "LGTM!"

Request changes

gh pr review 123 --request-changes --body "Please fix..."

When to Use

  • Automated code review for pull requests

  • Security vulnerability analysis

  • Performance bottleneck detection

  • Architecture pattern validation

  • Style and convention enforcement

  • Multi-agent collaborative review

Review Agents

Security Agent

Check Description

SQL injection Detect SQL injection vulnerabilities

XSS Cross-site scripting attack vectors

Authentication Auth bypasses and flaws

Cryptographic Weak crypto implementations

Secrets Exposed credentials or API keys

CORS Misconfiguration issues

Performance Agent

Metric Description

Algorithm complexity Big-O analysis

Query efficiency N+1 queries, slow queries

Memory patterns Allocation and leaks

Cache utilization Caching opportunities

Bundle size Impact on bundle size

Style Agent

Check Description

Code formatting Consistent formatting

Naming conventions Variable/function naming

Documentation Comment quality

Test coverage Missing tests

Error handling Proper error patterns

Architecture Agent

Pattern Description

SOLID principles Single responsibility, etc.

DRY violations Code duplication

Coupling metrics Component dependencies

Layer violations Architecture boundaries

Circular dependencies Dependency cycles

Usage Examples

  1. Multi-Agent Review System

Get PR details

PR_DATA=$(gh pr view 123 --json files,additions,deletions,title,body) PR_DIFF=$(gh pr diff 123)

Initialize swarm with PR context

npx ruv-swarm github review-init
--pr 123
--pr-data "$PR_DATA"
--diff "$PR_DIFF"
--agents "security,performance,style,architecture"
--depth comprehensive

Post initial review status

gh pr comment 123 --body "Multi-agent code review initiated"

  1. Security-Focused Review

Get changed files

CHANGED_FILES=$(gh pr view 123 --json files --jq '.files[].path')

Run security review

SECURITY_RESULTS=$(npx ruv-swarm github review-security
--pr 123
--files "$CHANGED_FILES"
--check "owasp,cve,secrets,permissions"
--suggest-fixes)

Post findings based on severity

if echo "$SECURITY_RESULTS" | grep -q "critical"; then gh pr review 123 --request-changes --body "$SECURITY_RESULTS" gh pr edit 123 --add-label "security-review-required" else gh pr comment 123 --body "$SECURITY_RESULTS" fi

  1. Initialize Review Swarm

// Initialize code review swarm

// Orchestrate parallel review task: "Comprehensive code review covering security, performance, style, and architecture", strategy: "parallel", priority: "high" })

  1. Post Inline Comments

Get diff with context

PR_DIFF=$(gh pr diff 123 --color never) PR_FILES=$(gh pr view 123 --json files)

Generate review comments

COMMENTS=$(npx ruv-swarm github review-comment
--pr 123
--diff "$PR_DIFF"
--files "$PR_FILES"
--style "constructive"
--include-examples
--suggest-fixes)

Post inline comments

echo "$COMMENTS" | jq -c '.[]' | while read -r comment; do FILE=$(echo "$comment" | jq -r '.path') LINE=$(echo "$comment" | jq -r '.line') BODY=$(echo "$comment" | jq -r '.body')

gh api
--method POST
/repos/owner/repo/pulls/123/comments
-f path="$FILE"
-f line="$LINE"
-f body="$BODY"
-f commit_id="$(gh pr view 123 --json headRefOid -q .headRefOid)" done

Review Configuration

.github/review-swarm.yml

version: 1 review: auto-trigger: true required-agents: - security - performance - style optional-agents: - architecture - accessibility - i18n

thresholds: security: block performance: warn style: suggest

rules: security: - no-eval - no-hardcoded-secrets - proper-auth-checks performance: - no-n-plus-one - efficient-queries - proper-caching architecture: - max-coupling: 5 - min-cohesion: 0.7 - follow-patterns

MCP Tool Integration

Swarm Coordination

// Initialize review swarm topology: "hierarchical", maxAgents: 5, strategy: "specialized" })

// Spawn specialized reviewers agents: [ { type: "reviewer", name: "security-agent", capabilities: ["security-audit"] }, { type: "reviewer", name: "perf-agent", capabilities: ["performance-analysis"] }, { type: "reviewer", name: "style-agent", capabilities: ["code-style"] } ] })

Memory for Review State

// Store review findings action: "store", key: "review/pr-123/findings", value: JSON.stringify({ security: { issues: 2, severity: "medium" }, performance: { issues: 1, severity: "low" }, style: { issues: 5, severity: "info" } }) })

GitHub Actions Integration

.github/workflows/auto-review.yml

name: Automated Code Review on: pull_request: types: [opened, synchronize]

jobs: swarm-review: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: fetch-depth: 0

  - name: Setup GitHub CLI
    run: echo "${{ secrets.GITHUB_TOKEN }}" | gh auth login --with-token

  - name: Run Review Swarm
    run: |
      PR_NUM=${{ github.event.pull_request.number }}
      PR_DATA=$(gh pr view $PR_NUM --json files,title,body,labels)

      REVIEW_OUTPUT=$(npx ruv-swarm github review-all \
        --pr $PR_NUM \
        --pr-data "$PR_DATA" \
        --agents "security,performance,style,architecture")

      echo "$REVIEW_OUTPUT" | gh pr review $PR_NUM --comment -F -

      if echo "$REVIEW_OUTPUT" | grep -q "approved"; then
        gh pr review $PR_NUM --approve
      elif echo "$REVIEW_OUTPUT" | grep -q "changes-requested"; then
        gh pr review $PR_NUM --request-changes -b "See review comments above"
      fi

Comment Templates

Security Issue

Security Issue: [Type]

Severity: Critical / High / Low

Description: [Clear explanation of the security issue]

Impact: [Potential consequences if not addressed]

Suggested Fix:

[Code example of the fix]

References:

- OWASP Guide

### Performance Issue

```markdown
**Performance Issue: [Type]**

**Impact**: [Expected performance degradation]

**Current**:
```language
[Current code]

Suggested:

[Optimized code]

## Best Practices

### 1. Review Configuration
- Define clear review criteria
- Set appropriate thresholds
- Configure agent specializations
- Establish override procedures

### 2. Comment Quality
- Provide actionable feedback
- Include code examples
- Reference documentation
- Maintain respectful tone

### 3. Performance
- Cache analysis results
- Incremental reviews for large PRs
- Parallel agent execution
- Smart comment batching

---

## Version History

- **1.0.0** (2025-01-02): Initial release - converted from code-review-swarm agent

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

cli-productivity

No summary provided by upstream source.

Repository SourceNeeds Review
55-vamseeachanta
Coding

python-docx

No summary provided by upstream source.

Repository SourceNeeds Review
50-vamseeachanta
Coding

python-pptx

No summary provided by upstream source.

Repository SourceNeeds Review
31-vamseeachanta
Coding

vscode-extensions

No summary provided by upstream source.

Repository SourceNeeds Review
28-vamseeachanta