Skills

ai-generated-business-code-review

Installation
SKILL.md

AI Business Code Review

Overview

Review AI-generated business/application code for correctness, robustness, maintainability, performance, and security. Output a 0-10 score, a risk level, and a must-fix checklist. For C++ code, REQUIRED: use openharmony-cpp and openharmony-security-review as hard constraints.

When to Use

  • AI-generated business/app code review or quality evaluation
  • Need scoring, risk level, or must-fix checklist
  • C++ business code must meet OpenHarmony coding/security requirements

Workflow

  1. Identify language and code type (business vs test). If test code, use ai-generated-ut-code-review instead.
  2. For C++: load and apply openharmony-cpp + openharmony-security-review as mandatory constraints.
  3. Inspect behavior vs requirements, edge cases, error handling, resource management, and security.
  4. Score by rubric, assign risk level, list must-fix items with concrete evidence (file/line or snippet).

Scoring (0-10)

Each dimension 0-2 points. Sum = total score.

Dimension 0 1 2
Correctness Wrong/missing key behavior Partial/assumptions Meets requirements
Robustness Crashes/leaks/unchecked errors Some edge handling Solid edge/error handling
Maintainability Hard to read/modify Mixed quality Clear structure & naming
Performance Inefficient hot paths Acceptable but improvable Efficient for expected load
Security Clear vulnerabilities Weak validation/unsafe Safe-by-default, validated

Risk Levels

  • Blocker: security漏洞、严重逻辑错误、或违反 C++ 强制规范
  • High: 关键路径缺失、异常处理不完整、明显资源泄漏
  • Medium: 维护性或性能风险显著
  • Low: 轻微问题或风格一致性

Must-Fix Checklist

  • 外部输入有明确校验与错误反馈
  • 关键异常路径可达且可观测(日志/错误码/异常)
  • 资源释放或 RAII 保证(C++)
  • C++ 场景满足 openharmony-cppopenharmony-security-review

AI-Generated Code Pitfalls (Check Explicitly)

  • 需求误解、隐含前提错误
  • 只覆盖 happy-path,忽略异常/边界
  • 吞异常或默认值不合理
  • 复制粘贴造成重复与不一致
  • 过度复杂化或抽象错误

Output Format (Required, Semi-fixed)

  • Score: x/10 — Correctness x, Robustness x, Maintainability x, Performance x, Security x
  • Risk: Low/Medium/High/Blocker — 简述风险原因(1 行)
  • Must-fix:
    • [动作 + 证据]
    • [动作 + 证据]
  • Key Evidence:
    • 引用具体函数/类/路径(1-2 条)
  • Notes:
    • 最小修复建议或替代方案(1-2 行)

Rules:

  • C++ 必须在 Key EvidenceMust-fix 中明确指出违反 openharmony-cpp/openharmony-security-review 的点
  • 至少 2 条证据;证据不足需说明并降分
  • 禁止只给总体评价

Common Mistakes

  • 只给总体评价,不给证据
  • 忽略 C++ 强制规范
  • 将风格问题当作阻断风险

Example (Concise)

Score: 6/10 (Correctness 1, Robustness 1, Maintainability 1, Performance 1, Security 2) Risk: High Must-fix:

  • Missing input validation in createUser() (null/empty, length, format)
  • Error path swallows exceptions without logging Key Evidence:
  • createUser() accepts raw input without checks
  • catch block is empty in persistUser() Notes:
  • Add explicit validation and return structured errors.
Related skills

More from openharmonyinsight/openharmony-skills

Installs
53
Repository
openharmonyinsi…y-skills
GitHub Stars
20
First Seen
Feb 7, 2026
Security Audits
SnykPass