askill
code-review

code-reviewSafety 85Repository

Audits code for errors, security issues, and alignment with project rules.

code-reviewmrjuguy
0 stars
1.2k downloads
Updated 2/15/2026

Package Files

Loading files...
SKILL.md

Code Review Standards

IMPORTANT: ASSUME the code has already passed tsc and eslint. Do not waste tokens checking for missing semicolons or any types. Focus on logic, user experience, and architecture.

1. The "North Star" Check

  • Verification: Does the code actually fulfill the requirements in specs/issue_*.md (or specs/active_PRD.md)?
  • Premium Polish: Does the code include the required premium indicators (Haptics, Skeletons, Loading states) mentioned in the PRD or Project Rules?
  • Visual Uniformity: Check for inconsistent design tokens (e.g., mismatched backgrounds or fonts across screens). A visual refactor is only complete when applied globally.
  • Scope Creep: Did the code add unnecessary features not requested in the PRD?

2. Technical Compliance

  • Stack Alignment: Does the code match the tools defined in specs/tech-stack.md? (e.g., Don't use axios if we decided on fetch).
  • Testing:
    • Do tests exist for the new code?
    • Do the tests follow the testing-standards skill?
  • Types/Safety:
    • Are errors handled gracefully (try/catch)?

3. Security & Cleanliness

  • Secrets: Are there any hardcoded API keys or passwords? (FLAG IMMEDIATELY).
  • Console Logs: Are there leftover console.log statements?
  • Comments: Are complex logic blocks explained with comments?

4. Logic & Architecture

  • DRY Types (The "Single Source" Rule): Never duplicate complex type or interface definitions. If a data structure is used in more than one layer (e.g., Service AND Hook), it MUST be defined in types/schema.ts and imported.
  • Error Handling: Every network or DB call MUST have a try/catch block or a defined error state in a TanStack query.

How to Report (Tiered Verification Standard)

1. Create the Artifact

  • Save the review to specs/reviews/YYYY-MM-DD-[feature_name].md.

2. Categorize Findings

Group all issues by their Priority Tier (Color Coded):

πŸ”΄ Critical (Red)

Blocking Issues. Immediate Fix Required.

  • Safety Violations: Missing allergen checks, data leaks between households.
  • Security: Hardcoded secrets, unvalidated inputs.
  • Crash Risks: Unhandled errors, infinite loops.

🟠 Major (Orange)

Functional Defects. Must Fix before Merge.

  • Logic Deviations: Code does not match the Logic in the Gap Analysis Engine.
  • Failed AC: Feature does not meet the Binary Acceptance Criteria in the PRD.
  • Performance: N+1 queries, unoptimized re-renders.

πŸ”΅ Minor (Cyan)

Polish & Aesthetics. Fix for v1.0 Quality.

  • Emerald UI: Deviations from Design System (spacing, colors, typography).
  • Polish: Missing haptics, skeleton loaders, or micro-animations.
  • Consistency: Variable naming, file structure quirks.

3. Verdict

  • PASS: No Critical or Major issues.
  • FAIL: Any Critical or Major issues present.

Install

Download ZIP
Requires askill CLI v1.0+β–Ά

AI Quality Score

55/100Analyzed 2/24/2026

Well-structured code review skill with clear tiered verification system (Critical/Major/Minor) and actionable reporting format. Covers important areas like security, logic, and architecture. However, severely limited by high project-specificity - references Emerald UI design system, specific file paths, and project conventions that make it non-reusable. The .agent path and project-specific references indicate this is an internal-only skill. Despite good structure and safety considerations, the reusability score is very low due to tight coupling to a specific codebase."

85
70
20
65
60

Metadata

Licenseunknown
Version-
Updated2/15/2026
Publishermrjuguy

Tags

apisecurity