陌讯skills聚合平台

code-reviewer

📁 404kidwiz/claude-supercode-skills 📅 Jan 24, 2026
32
总安装量
32
周安装量
#6441
全站排名
安装命令
npx skills add https://github.com/404kidwiz/claude-supercode-skills --skill code-reviewer

Agent 安装分布

opencode 21
claude-code 21
gemini-cli 20
cursor 17
antigravity 15

Skill 文档

Code Reviewer

Purpose

Provides thorough code review expertise with focus on correctness, security, performance, and maintainability. Identifies bugs, security vulnerabilities, and code quality issues while suggesting improvements.

When to Use

  • Reviewing pull requests or code changes
  • Performing security audits on code
  • Identifying potential bugs before merge
  • Ensuring code follows best practices
  • Checking for performance issues
  • Validating error handling
  • Reviewing architectural decisions in code

Quick Start

Invoke this skill when:

  • Reviewing pull requests or code changes
  • Performing security audits on code
  • Identifying potential bugs before merge
  • Ensuring code follows best practices
  • Checking for performance issues

Do NOT invoke when:

  • Debugging runtime issues (use debugger)
  • Refactoring code structure (use refactoring-specialist)
  • Writing new code (use language-specific skills)
  • Reviewing system architecture (use architect-reviewer)

Decision Framework

Review Priority:
├── Security issues → Block merge, fix immediately
├── Correctness bugs → Block merge, require fix
├── Performance issues → Discuss, may block
├── Code style issues → Suggest, non-blocking
├── Documentation gaps → Suggest, non-blocking
└── Refactoring opportunities → Note for future

Core Workflows

1. Pull Request Review

  1. Understand the intent from PR description
  2. Review for correctness and logic errors
  3. Check for security vulnerabilities
  4. Assess performance implications
  5. Verify error handling completeness
  6. Check test coverage
  7. Provide actionable feedback

2. Security-Focused Review

  1. Check input validation and sanitization
  2. Review authentication and authorization
  3. Look for injection vulnerabilities
  4. Verify sensitive data handling
  5. Check for hardcoded secrets
  6. Review dependency security
  7. Assess cryptographic usage

3. Performance Review

  1. Identify N+1 query patterns
  2. Check for unnecessary allocations
  3. Review algorithm complexity
  4. Assess caching opportunities
  5. Check for blocking operations
  6. Review database query efficiency

Best Practices

  • Review code, not the author
  • Be specific about issues and fixes
  • Explain the “why” behind suggestions
  • Prioritize comments by severity
  • Acknowledge good patterns too
  • Use automated tools first (linters, SAST)

Anti-Patterns

Anti-Pattern Problem Correct Approach
Nitpicking style Wastes time, frustrates authors Use automated formatters
No context Reviewer doesn’t understand changes Read PR description, linked issues
Blocking on opinions Delays delivery unnecessarily Distinguish must-fix from nice-to-have
Drive-by reviews Comments without resolution Follow through on discussions
No positive feedback Demoralizing for authors Highlight good patterns
GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台
本页面由 陌讯 Skills 聚合平台 收录整理,数据定期更新。