code-review-checklist
1
总安装量
1
周安装量
#42643
全站排名
安装命令
npx skills add https://github.com/anorbert-cmyk/agentic-kit --skill code-review-checklist
Agent 安装分布
amp
1
opencode
1
cursor
1
kimi-cli
1
codex
1
github-copilot
1
Skill 文档
Code Review Checklist
Quick Review Checklist
Correctness
- Code does what it’s supposed to do
- Edge cases handled
- Error handling in place
- No obvious bugs
Security
- Input validated and sanitized
- No SQL/NoSQL injection vulnerabilities
- No XSS or CSRF vulnerabilities
- No hardcoded secrets or sensitive credentials
- AI-Specific: Protection against Prompt Injection (if applicable)
- AI-Specific: Outputs are sanitized before being used in critical sinks
Performance
- No N+1 queries
- No unnecessary loops
- Appropriate caching
- Bundle size impact considered
Code Quality
- Clear naming
- DRY – no duplicate code
- SOLID principles followed
- Appropriate abstraction level
Testing
- Unit tests for new code
- Edge cases tested
- Tests readable and maintainable
Documentation
- Complex logic commented
- Public APIs documented
- README updated if needed
AI & LLM Review Patterns (2025)
Logic & Hallucinations
- Chain of Thought: Does the logic follow a verifiable path?
- Edge Cases: Did the AI account for empty states, timeouts, and partial failures?
- External State: Is the code making safe assumptions about file systems or networks?
Prompt Engineering Review
// â Vague prompt in code
const response = await ai.generate(userInput);
// â
Structured & Safe prompt
const response = await ai.generate({
system: "You are a specialized parser...",
input: sanitize(userInput),
schema: ResponseSchema
});
Anti-Patterns to Flag
// â Magic numbers
if (status === 3) { ... }
// â
Named constants
if (status === Status.ACTIVE) { ... }
// â Deep nesting
if (a) { if (b) { if (c) { ... } } }
// â
Early returns
if (!a) return;
if (!b) return;
if (!c) return;
// do work
// â Long functions (100+ lines)
// â
Small, focused functions
// â any type
const data: any = ...
// â
Proper types
const data: UserData = ...
Review Comments Guide
// Blocking issues use ð´
ð´ BLOCKING: SQL injection vulnerability here
// Important suggestions use ð¡
ð¡ SUGGESTION: Consider using useMemo for performance
// Minor nits use ð¢
ð¢ NIT: Prefer const over let for immutable variable
// Questions use â
â QUESTION: What happens if user is null here?