Code Review Skill

When reviewing code, follow this structured process:

1. Understand the Context

  • What does this code do? Summarize its purpose in 1-2 sentences
  • What files were changed and why?
  • If reviewing a diff, understand both the before and after

2. Correctness

  • Are there any logic bugs?
  • Are edge cases handled (null, empty, zero, negative, boundary values)?
  • Are error paths handled properly with meaningful error messages?
  • Are return types and values correct?
  • Are async operations handled properly (missing await, race conditions)?

3. Security

  • SQL injection or NoSQL injection risks
  • XSS vulnerabilities (unsanitized user input rendered in HTML)
  • Hardcoded secrets, API keys, or credentials
  • Insecure use of eval(), innerHTML, or dynamic code execution
  • Missing authentication or authorization checks
  • Sensitive data exposure in logs or error messages

4. Performance

  • Unnecessary loops or O(n²) operations
  • Missing database indexes for frequent queries
  • N+1 query problems
  • Large objects held in memory unnecessarily
  • Missing pagination on list endpoints
  • Expensive operations inside loops that could be batched

5. Readability & Maintainability

  • Are variable and function names clear and descriptive?
  • Are functions small and focused (single responsibility)?
  • Is there duplicated code that should be extracted?
  • Are magic numbers or strings replaced with named constants?
  • Is complex logic commented or self-documenting?

6. Testing

  • Are there tests for the new/changed code?
  • Do tests cover happy path AND error cases?
  • Are tests testing behavior, not implementation details?
  • Are mocks used appropriately (not over-mocked)?

7. Project Standards

  • Does the code follow the project's existing patterns and conventions?
  • Are imports organized consistently?
  • Does it match the linting and formatting rules?
  • Are types properly defined (no unnecessary any in TypeScript)?

Output Format

For each issue found, report it as:

[SEVERITY] Category — File:Line Description of the issue.

Suggested fix:

// corrected code here

Severity levels:

  • 🔴 CRITICAL — Bugs, security vulnerabilities, data loss risks. Must fix.
  • 🟡 WARNING — Performance issues, missing error handling, potential problems. Should fix.
  • 🟢 SUGGESTION — Readability, style, minor improvements. Nice to have.

Summary

End every review with:

  1. Overall assessment — Is this safe to merge? (Yes / Yes with changes / No)
  2. Critical issues count — How many must-fix items
  3. Top 3 things done well — Always highlight positives
  4. Top 3 improvements — Most impactful changes to make
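As an added illustration (not part of the skill itself), the following script renders constructed findings in the output format above and derives the summary fields. The file name src/comment.ts, the findings, and the merge rule (any CRITICAL blocks the merge, any WARNING means "Yes with changes", otherwise "Yes") are assumptions made for the example; the skill does not define how the assessment is computed.

```javascript
// Severity table from the skill: icon for rendering, rank for ordering.
const SEVERITY = {
  CRITICAL: { icon: "🔴", rank: 3 },
  WARNING: { icon: "🟡", rank: 2 },
  SUGGESTION: { icon: "🟢", rank: 1 },
};

// Constructed sample findings for a hypothetical file src/comment.ts.
const findings = [
  {
    severity: "CRITICAL", category: "Security", file: "src/comment.ts", line: 42,
    description: "User-supplied comment body is assigned to innerHTML, so markup in the comment is rendered (XSS).",
    fix: "el.textContent = comment.body; // render the body as text, never as markup",
  },
  {
    severity: "SUGGESTION", category: "Readability", file: "src/comment.ts", line: 17,
    description: "Magic number 280 for the comment length limit should be a named constant.",
    fix: "const MAX_COMMENT_LENGTH = 280;",
  },
];

// One finding in the "[SEVERITY] Category — File:Line Description" layout,
// followed by the suggested fix.
function formatFinding(f) {
  const { icon } = SEVERITY[f.severity];
  return [
    `${icon} [${f.severity}] ${f.category} — ${f.file}:${f.line} ${f.description}`,
    "Suggested fix:",
    f.fix,
  ].join("\n");
}

// Most severe first so must-fix items are read before suggestions.
function sortFindings(list) {
  return [...list].sort((a, b) => SEVERITY[b.severity].rank - SEVERITY[a.severity].rank);
}

// Assumed merge rule: CRITICAL -> "No", WARNING -> "Yes with changes", else "Yes".
function summarize(list) {
  const critical = list.filter((f) => f.severity === "CRITICAL").length;
  const warnings = list.filter((f) => f.severity === "WARNING").length;
  const assessment = critical > 0 ? "No" : warnings > 0 ? "Yes with changes" : "Yes";
  return { assessment, critical };
}

function renderReview(list) {
  const s = summarize(list);
  return sortFindings(list).map(formatFinding).join("\n\n") +
    `\n\nOverall assessment: ${s.assessment}\nCritical issues: ${s.critical}`;
}

console.log(renderReview(findings));
```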