Skills
skills/latestaiagents/agent-skills/ai-code-reviewer

ai-code-reviewer

SKILL.md

AI Code Reviewer

Systematically review AI-generated code to catch common mistakes before they hit production.

When to Use

  • After AI generates code you plan to use
  • Before committing AI-assisted changes
  • When AI code "looks right" but you want verification
  • Reviewing PRs with significant AI-generated content

The AI Code Review Checklist

1. Correctness Issues (Most Common)

AI often generates code that looks correct but has subtle bugs.

Check for:

  • Hallucinated APIs - Methods/functions that don't exist

    // AI might generate:
array.findLast(x => x.id === id)  // Verify this exists in your target

  • Wrong library versions - API changes between versions

    // React 18 vs 19 differences
// Node.js API differences

  • Off-by-one errors - Loop bounds, array indices

    for (let i = 0; i <= arr.length; i++)  // Should be <

  • Incorrect null/undefined handling

    user.profile.name  // What if profile is undefined?

2. Security Issues

AI doesn't prioritize security unless explicitly asked.

Check for:

  • SQL Injection

    // BAD: AI might generate
db.query(`SELECT * FROM users WHERE id = ${userId}`)

// GOOD: Parameterized
db.query('SELECT * FROM users WHERE id = $1', [userId])

  • XSS Vulnerabilities

    // BAD: Direct HTML insertion
element.innerHTML = userInput

// GOOD: Escaped or use framework
element.textContent = userInput

  • Exposed Secrets

    // AI might hardcode values from context
const API_KEY = 'sk-abc123...'  // Should be env var

  • Missing Input Validation

    // AI often skips validation
function processData(data) {
  return data.items.map(...)  // What if data is null?
}

3. Performance Issues

AI optimizes for "looks correct" not "performs well."

Check for:

  • N+1 Queries

    // BAD: AI loves this pattern
users.forEach(async user => {
  const posts = await getPosts(user.id)  // N queries!
})

// GOOD: Batch
const posts = await getPostsForUsers(userIds)

  • Unnecessary Re-renders (React)

    // BAD: New object every render
<Component style={{ margin: 10 }} />

// GOOD: Stable reference
const style = useMemo(() => ({ margin: 10 }), [])

  • Memory Leaks

    // BAD: Missing cleanup
useEffect(() => {
  const interval = setInterval(fetch, 1000)
  // No cleanup!
}, [])

// GOOD: Cleanup
useEffect(() => {
  const interval = setInterval(fetch, 1000)
  return () => clearInterval(interval)
}, [])

  • Blocking Operations

    // BAD: Sync file operations
const data = fs.readFileSync(path)

// GOOD: Async
const data = await fs.promises.readFile(path)

4. Maintainability Issues

AI generates "works now" code, not "maintainable" code.

Check for:

  • Magic Numbers/Strings

    // BAD
if (status === 3) { ... }

// GOOD
if (status === OrderStatus.SHIPPED) { ... }

  • Inconsistent Patterns

    // AI might mix patterns
const getUser = async () => {}  // Arrow function
async function getPost() {}      // Function declaration

  • Missing Types (TypeScript)

    // BAD: AI uses 'any' when uncertain
function process(data: any) { ... }

// GOOD: Proper types
function process(data: ProcessInput) { ... }

  • Dead Code

    // AI sometimes includes unused variables/imports
import { unused } from './utils'
const temp = calculate()  // Never used

5. Integration Issues

AI doesn't know your codebase deeply.

Check for:

  • Duplicate Logic - Does similar code already exist?
  • Wrong Imports - Using the right internal modules?
  • Naming Mismatches - Following your conventions?
  • Missing Error Handling - Using your error patterns?

Review Workflow

Step 1: Quick Scan (30 seconds)

- Does it compile/run?
- Any obvious red flags?
- Right general approach?

Step 2: Security Review (1 minute)

- User input handling?
- Database queries?
- Authentication/authorization?
- Sensitive data exposure?

Step 3: Logic Review (2-3 minutes)

- Edge cases handled?
- Null/undefined checks?
- Error scenarios?
- Loop bounds correct?

Step 4: Integration Review (1-2 minutes)

- Follows project patterns?
- Uses existing utilities?
- Correct imports?
- Consistent naming?

Step 5: Performance Review (1 minute)

- Obvious inefficiencies?
- Unnecessary operations?
- Memory management?
- Async patterns?

Common AI Mistakes by Language

JavaScript/TypeScript

  • Missing await on async functions
  • Wrong this context in callbacks
  • Type assertions hiding real issues (as any)
  • Mixing CommonJS and ESM imports

Python

  • Mutable default arguments
  • Not closing file handles
  • Missing __init__.py awareness
  • Wrong exception handling scope

React

  • Missing dependency arrays in hooks
  • Incorrect key props in lists
  • State updates in render
  • Missing cleanup in effects

SQL

  • Missing indexes awareness
  • Cartesian products from bad joins
  • Not using transactions
  • Inefficient subqueries

Quick Validation Commands

# TypeScript: Compile check
npx tsc --noEmit

# ESLint: Style and common errors
npx eslint src/new-file.ts

# Tests: Run affected tests
npm test -- --findRelatedTests src/new-file.ts

# Security: Quick scan
npx audit-ci --moderate

When to Regenerate vs Fix

Regenerate if:

  • Fundamental approach is wrong
  • Would require 50%+ rewrite
  • Security issue is systemic

Fix manually if:

  • Small corrections needed
  • Logic is sound, details wrong
  • Integration issues only

Documentation Template

When the review passes:

## AI Code Review

**Generated by:** [Claude/GPT/etc]
**Reviewed by:** [Your name]
**Date:** [Date]

### Changes Made After Review
- Fixed null check on line 45
- Added input validation
- Replaced magic number with constant

### Verified
- [x] Security review passed
- [x] Tests added/passing
- [x] Follows project conventions
Weekly Installs
5
Repository
latestaiagents/…t-skills
GitHub Stars
2
First Seen
Feb 4, 2026
Security Audits
Gen Agent Trust HubFail
SocketPass
SnykPass
Installed on
mcpjam5
claude-code5
replit5
junie5
windsurf5
zencoder5