code-review (Safety: 92)

Professional code review assistant following industry best practices. Use when: (1) reviewing pull requests or code changes, (2) analyzing code quality, (3) finding potential bugs, security issues, or performance problems, (4) suggesting improvements and refactoring opportunities. Triggers: "review this code", "check my PR", "code review", "find bugs", "is this code good", "improve this code", "security review".

Updated 2/6/2026

SKILL.md

Code Review Assistant

Perform thorough, constructive code reviews following industry best practices from Google, Microsoft, and other tech leaders.

Review Checklist

1. Correctness

  • Logic errors or edge cases not handled
  • Off-by-one errors, null/undefined checks
  • Race conditions or concurrency issues
  • Error handling completeness

2. Security (OWASP Top 10)

  • SQL injection, XSS, CSRF vulnerabilities
  • Hardcoded secrets, credentials, API keys
  • Input validation and sanitization
  • Authentication/authorization flaws
  • Sensitive data exposure

3. Performance

  • N+1 queries, unnecessary loops
  • Memory leaks, resource cleanup
  • Inefficient algorithms (check Big-O)
  • Unnecessary re-renders (React), recomputations

4. Maintainability

  • Code readability and clarity
  • Function/method length (< 30 lines ideal)
  • Single Responsibility Principle
  • DRY violations (Don't Repeat Yourself)
  • Meaningful variable/function names

5. Testing

  • Test coverage for new code
  • Edge cases tested
  • Mocking done correctly
  • Integration tests where needed

6. Style & Conventions

  • Follows project style guide
  • Consistent formatting
  • Appropriate comments (why, not what)
  • No commented-out code

Review Output Format

## Code Review Summary

**Overall Assessment**: [APPROVE / REQUEST_CHANGES / COMMENT]
**Risk Level**: [Low / Medium / High / Critical]

### Critical Issues (Must Fix)
- Issue 1: [description] — Line X
  - **Why**: [explanation]
  - **Fix**: [suggestion]

### Suggestions (Should Consider)
- Suggestion 1: [description]

### Nitpicks (Optional)
- Nitpick 1: [minor style/preference]

### Positive Feedback
- [What's done well]
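
An added example, not part of the skill's own files: one way to automate the "Hardcoded secrets, credentials, API keys" item over a unified diff and report hits in the Review Output Format above. The function names, the two patterns, and the rule that any hit means REQUEST_CHANGES at Critical risk are assumptions made for illustration.

```python
import re

# Assumed, non-exhaustive patterns for "Hardcoded secrets, credentials, API keys".
SECRET_PATTERNS = [
    ("hardcoded credential assignment", re.compile(
        r"\b(password|passwd|secret|api[_-]?key|token)\b\s*[:=]\s*['\"][^'\"]{8,}['\"]", re.I)),
    ("private key material", re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")),
]
HUNK = re.compile(r"^@@ -\d+(?:,(\d+))? \+(\d+)(?:,(\d+))? @@")

def scan_diff(diff_text):
    """Return (path, new_file_line, description) for each added line that matches."""
    findings, path, new_line, old_left, new_left = [], None, 0, 0, 0
    for raw in diff_text.splitlines():
        if old_left > 0 or new_left > 0:      # inside a hunk body
            if raw.startswith("+"):           # added line: the only kind we flag
                findings += [(path, new_line, d) for d, p in SECRET_PATTERNS if p.search(raw[1:])]
                new_line, new_left = new_line + 1, new_left - 1
            elif raw.startswith("-"):         # removed line: has no new-file line number
                old_left -= 1
            elif not raw.startswith("\\"):    # context (skip "\ No newline ..." markers)
                new_line, old_left, new_left = new_line + 1, old_left - 1, new_left - 1
        elif raw.startswith("+++ "):          # new-file header outside any hunk
            path = raw[6:] if raw.startswith("+++ b/") else raw[4:]
        elif (m := HUNK.match(raw)):          # counts default to 1 when omitted
            old_left, new_line, new_left = int(m[1] or 1), int(m[2]), int(m[3] or 1)
    return findings

def render_review(findings):
    """Fill the Review Output Format; treating any secret as Critical is an assumption."""
    verdict, risk = ("REQUEST_CHANGES", "Critical") if findings else ("APPROVE", "Low")
    out = ["## Code Review Summary", "", f"**Overall Assessment**: {verdict}",
           f"**Risk Level**: {risk}", "", "### Critical Issues (Must Fix)"]
    for i, (path, line, desc) in enumerate(findings, 1):
        out += [f"- Issue {i}: {desc} in {path} \u2014 Line {line}",  # template's separator
                "  - **Why**: a committed secret stays in history for anyone with repo access",
                "  - **Fix**: read it from the environment or a secret manager, then rotate it"]
    return "\n".join(out if findings else out + ["- None found by this check"])

# Constructed sample diff; the key value is a placeholder, not a real credential.
SAMPLE_DIFF = """\
--- a/app/config.py
+++ b/app/config.py
@@ -10,2 +10,3 @@
 DEBUG = False
-DB_HOST = "localhost"
+DB_HOST = os.environ["DB_HOST"]
+API_KEY = "EXAMPLE-constructed-value-0000"
"""
print(render_review(scan_diff(SAMPLE_DIFF)))
```

Only added lines are flagged, and line numbers refer to the new file, so each issue points at a line the author can still change in the pull request.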

Tone Guidelines

  • Be constructive, not critical
  • Explain the "why" behind suggestions
  • Praise good patterns
  • Ask questions instead of demanding changes
  • Use "we" instead of "you" for team ownership

Language-Specific Checks

JavaScript/TypeScript

  • Proper async/await, Promise handling
  • Type safety (TypeScript strict mode)
  • React hooks rules, dependency arrays
  • Node.js: stream handling, event emitter cleanup

Python

  • Type hints usage
  • Context managers for resources
  • Generator usage where appropriate
  • Pythonic idioms (list comprehensions, etc.)

Go

  • Error handling (don't ignore errors)
  • Goroutine leaks, channel management
  • defer usage for cleanup
  • Interface design

Rust

  • Ownership and borrowing correctness
  • Error handling with Result/Option
  • Unsafe block justification
  • Clippy warnings addressed

Reference

See references/review_guidelines.md for detailed review criteria per category.

Install

Requires askill CLI v1.0+

AI Quality Score

78/100 (analyzed 3/27/2026)

Professional code review skill with comprehensive checklists covering correctness, security (OWASP), performance, maintainability, testing, and style. Includes language-specific guidance for JS/TS, Python, Go, and Rust. Well-structured with clear output format template and tone guidelines. Reference-style content that's highly reusable across projects, though lacks step-by-step execution commands. Publicly useful in a skills collection rather than internal agent config.

Metadata

License: unknown
Version: -
Updated: 2/6/2026
Publisher: ChenYCL

Tags

api, database, security, testing