code-review-skill

🥈Silver

Automates code reviews for React 19, Vue 3, Rust, TypeScript, TanStack Query v5, and more. Engineers and operations teams benefit from faster, consistent reviews. Integrates with GitHub, GitLab, and Bitbucket for streamlined workflows.

305100Updated 2w ago

Intermediate30min to implementautomation

Saves ~60 min per use

Quick InstallView Source

git clone https://github.com/awesome-skills/code-review-skill.git

Works with:

Claude

Overview

About This Skill

How to Use

[{"step":1,"action":"Prepare the context. Copy the PR title, author, repository link, and technology stack into the prompt. For example: 'Review PR #45 on GitLab for a Rust microservice titled \"Add Rate Limiting\". Focus on security and performance.'","tip":"Use the exact PR title and link to avoid confusion. Specify the technology stack to ensure accurate linting and analysis."},{"step":2,"action":"Run the prompt in your AI tool (e.g., Claude, ChatGPT). Paste the prompt template and replace [PLACEHOLDERS] with your specific details. Include focus areas like 'security vulnerabilities' or 'performance bottlenecks' to tailor the review.","tip":"For large PRs, ask the AI to prioritize critical issues first. Use the 'confidence score' metric to quickly assess the thoroughness of the review."},{"step":3,"action":"Review the AI's output. Copy the actionable feedback into the PR comments or a review document. Address critical issues first, then warnings and suggestions.","tip":"Use the provided code snippets to fix issues directly. If the AI suggests a fix, test it in a local environment before applying to the PR."},{"step":4,"action":"Iterate if needed. If the AI misses a critical issue or provides unclear feedback, ask follow-up questions like 'Can you elaborate on the security risk in the login function?' or 'Show me alternative implementations for the performance optimization.'","tip":"For complex issues, ask the AI to generate a full code example or explain the trade-offs of different solutions."},{"step":5,"action":"Integrate with CI/CD. Set up a GitHub Action, GitLab CI job, or Bitbucket Pipeline to run the AI code review automatically on every PR. Use tools like `claude-code-review` or `chatgpt-cli` for automation.","tip":"Start with a manual review for a few PRs to validate the AI's output before automating. Configure the tool to post comments directly to the PR for seamless integration."}]

Setup & Installation

Quick Install

No install command available. Check the GitHub repository for manual installation instructions.

Alternative Install (Git Clone)

git clone https://github.com/awesome-skills/code-review-skill

Requirements

Claude Code or compatible AI agent
Works with: Claude

Quick Start Guide

Install the Skill

Copy the install command above and run it in your terminal.

Open Your AI Agent

Launch Claude Code, Cursor, or your preferred AI coding agent.

Try It Out

Use the prompt template or examples below to test the skill.

Customize

Adapt the skill to your specific use case and workflow.

Usage Examples

Prompt Template

Perform a comprehensive code review for a [TECHNOLOGY_STACK] repository hosted on [GIT_PLATFORM] (e.g., GitHub, GitLab, Bitbucket). Focus on [FOCUS_AREAS] such as code quality, security vulnerabilities, performance optimizations, and adherence to [STYLE_GUIDE]. Review the latest pull request titled '[PR_TITLE]' by [PR_AUTHOR]. Provide actionable feedback with code snippets where applicable. Prioritize critical issues and suggest fixes. Include a summary of the review with a confidence score (0-100%) for each category reviewed.

Example Output

### Code Review Summary for PR #124: "Implement User Authentication" (Author: Alex Chen)

**Repository**: `company/web-app` (GitHub)
**Technology Stack**: React 19, TypeScript, TanStack Query v5
**Focus Areas**: Security, Performance, Type Safety

#### Critical Issues (Must Fix)
1. **Security: Missing Input Sanitization**
   - **Location**: `src/auth/services/authService.ts`, Line 42
   - **Issue**: The `login` function directly passes user input to the API without sanitization, risking XSS attacks.
   - **Evidence**: 
     ```typescript
     const response = await fetch('/api/login', {
       method: 'POST',
       body: JSON.stringify({ email: userInput.email, password: userInput.password }),
     });
     ```
   - **Fix**: Use a library like `validator.js` to sanitize inputs:
     ```typescript
     import validator from 'validator';
     const sanitizedEmail = validator.escape(userInput.email);
     ```

2. **Performance: Unnecessary Re-renders**
   - **Location**: `src/auth/components/LoginForm.tsx`, Line 18
   - **Issue**: The `useEffect` hook triggers a re-render on every keystroke in the email field, causing lag.
   - **Evidence**: 
     ```typescript
     useEffect(() => {
       validateEmail(email); // Triggers re-render
     }, [email]);
     ```
   - **Fix**: Debounce the validation:
     ```typescript
     const debouncedValidate = useDebouncedCallback(validateEmail, 300);
     ```

#### Warnings (Should Fix)
1. **Type Safety: Implicit `any` in TanStack Query**
   - **Location**: `src/auth/hooks/useAuth.ts`, Line 22
   - **Issue**: The query key `['user', userId]` lacks type safety. If `userId` changes, the query may not invalidate correctly.
   - **Fix**: Define a type for query keys:
     ```typescript
     type QueryKey = ['user', string];
     const { data } = useQuery<QueryKey>({ ... });
     ```

#### Praise
- **Clean Architecture**: The separation of concerns between `services`, `hooks`, and `components` is excellent.
- **TanStack Query Usage**: Properly structured queries with optimistic updates for login state.

**Confidence Scores**:
- Security: 95% (1 critical issue found)
- Performance: 85% (minor re-render issue)
- Type Safety: 70% (implicit `any` in one place)

**Next Steps**:
1. Address critical security issue immediately.
2. Optimize re-renders before merging.
3. Consider adding ESLint rules to enforce type safety.

**Reviewed by**: AI Code Reviewer
**Date**: 2023-11-15