parallel-code-review
npx skills add https://github.com/dgalarza/claude-code-workflows --skill parallel-code-review
Agent 安装分布
Skill 文档
Parallel Code Review
This skill provides guidance for launching multiple specialized code review agents in parallel for comprehensive, efficient analysis from different perspectives.
Purpose
Parallel code reviews maximize efficiency and coverage by running multiple specialized reviewers simultaneously. Instead of sequential reviews that take time proportional to the number of reviewers, parallel execution completes in the time of the slowest reviewer while providing comprehensive feedback from all perspectives.
When to Use This Skill
Use this skill when:
- Performing comprehensive code review before merging
- Need multiple specialized perspectives (security, architecture, performance)
- Want faster review by parallelizing analysis
- Reviewing large changesets that benefit from division of labor
- Implementing continuous review practices
Benefits of Parallel Reviews
Speed: 2+ specialized reviews complete in the time of 1 Depth: Each agent focuses on specific expertise area Comprehensive Coverage: Security + Architecture + Performance simultaneously
Core Workflow
Phase 1: Prepare for Review
1. Check Decision Log (Prevent Redundancy)
# Search memory for previous code review decisions
mcp__memory__search_nodes query:"code_review_decision"
# Read decision log file
cat code_review_decisions.md
Decision log format:
# Code Review Decisions
## 2025-01-15: Result Pattern Required
**Decision**: All service objects must return Result objects
**Rationale**: Explicit success/failure handling improves error management
**Status**: Accepted standard pattern
2. Get Code Changes
# Get diff for review
git diff main...HEAD
# Or specific branch
git diff main...feature-branch
Phase 2: Launch Parallel Reviewers
Use Task tool to launch multiple agents concurrently:
Example: Launch 2 reviewers in parallel by sending a SINGLE message with MULTIPLE Task tool calls:
Task({
subagent_type: "cybersecurity-expert",
description: "Security review of changes",
prompt: "Review git diff for security vulnerabilities..."
})
Task({
subagent_type: "rails-backend-expert",
description: "Architecture review of changes",
prompt: "Review git diff for code quality..."
})
Key principle: One message with multiple tool calls = true parallelism
Phase 3: Define Review Specializations
Security Review Agent
Focus areas:
- Authentication and authorization vulnerabilities
- Input validation and injection attacks
- Sensitive data exposure
- Cryptographic weaknesses
- Access control flaws
- Rate limiting and DoS prevention
Architecture/Best Practices Review Agent
Focus areas:
- Design patterns (SOLID, DRY, KISS)
- Framework conventions
- Code organization
- Dependency management
- Error handling patterns
- Test quality
Performance Review Agent (Optional)
Focus areas:
- Database query optimization (N+1, missing indexes)
- Memory usage patterns
- Algorithmic complexity
- Caching opportunities
Phase 4: Consolidate Findings
1. Collect agent outputs
Wait for all parallel agents to complete.
2. Merge and deduplicate
If multiple agents flag the same issue, consolidate into single item and credit all reviewers.
3. Organize by severity
Priority hierarchy:
- Critical: Security vulnerabilities, data loss risks
- High: Major code smells, performance issues
- Medium: Minor refactoring opportunities
- Low: Suggestions, nice-to-haves
4. Create consolidated report
# Code Review - PR #123
## Executive Summary
Reviewed 15 files with 342 lines changed. Found 2 critical issues, 5 high priority items.
## Critical Issues (Immediate Action Required)
### 1. SQL Injection Vulnerability
- **File**: app/services/search_service.rb:23
- **Reviewers**: Security, Architecture
- **Action**: Use parameterized queries immediately
## High Priority
[...]
## Positive Observations
- Good test coverage
- Clear naming conventions
## Recommended Action Plan
1. **Before merge**: Fix critical SQL injection (15 min)
2. **This sprint**: Address high priority refactoring (2 hours)
Phase 5: Decision Tracking
Update decision log for new patterns:
## 2025-01-20: Parameterized Queries Required
**Decision**: All database queries must use parameterized queries
**Rationale**: Prevent SQL injection vulnerabilities
**Status**: Enforced
**Reference**: Security review PR #123
Add to memory system:
mcp__memory__create_entities({
entities: [{
name: "Parameterized Queries Required",
entityType: "code_review_decision",
observations: [
"All database queries must use parameterized queries",
"Decided during PR #123 security review"
]
}]
})
Review Configurations
Two-Agent Review (Common)
Agent 1: Security Focus
Agent 2: Architecture/Quality Focus
Best for: Most code reviews, balanced coverage
Three-Agent Review (Comprehensive)
Agent 1: Security
Agent 2: Architecture
Agent 3: Performance
Best for: Large features, production-critical code
Four-Agent Review (Full Coverage)
Agent 1: Security
Agent 2: Architecture
Agent 3: Performance
Agent 4: Testing/Documentation
Best for: Major releases, API changes
Framework Adaptations
Ruby on Rails
Specialized Agents:
- Security: Rails-specific vulnerabilities (mass assignment, CSRF)
- Architecture: Rails conventions, service objects, Result pattern
- Performance: ActiveRecord optimization, caching
Python/Django
Specialized Agents:
- Security: Django security middleware, SQL injection, XSS
- Architecture: Django patterns, class-based views
- Performance: ORM query optimization
JavaScript/Node.js
Specialized Agents:
- Security: npm vulnerabilities, prototype pollution
- Architecture: Module patterns, async/await
- Performance: Event loop blocking, memory leaks
Best Practices
Preventing Review Fatigue
Decision tracking prevents:
- Repeated suggestions for accepted patterns
- Debates over settled conventions
- Wasted time on known trade-offs
Effective Agent Prompts
Good prompt structure:
[Role]: You are a [security/architecture] expert
[Context]: Reviewing code diff for [feature]
[Scope]: Focus on: [specific areas]
[Constraints]: Respect decisions in code_review_decisions.md
[Output]: Return findings with file:line, severity, recommendations
Consolidation Strategy
Remove duplicates: Consolidate identical findings from multiple agents Prioritize by impact: Security > user-facing bugs > refactoring Balance feedback: Include positive observations
Summary
Parallel code review maximizes efficiency and coverage:
- â Multiple specialized perspectives simultaneously
- â Faster review through parallelization
- â Decision tracking prevents redundancy
- â Consolidated reporting for actionable feedback
- â Adaptable to any language or framework
Key workflow: Check decision log â Launch parallel agents â Consolidate findings â Report with priorities â Update decision log
The goal is comprehensive coverage with minimal redundancy. Let each agent focus on their specialty, then synthesize insights into actionable, prioritized feedback.