Activates when reviewing code to identify quality issues, security vulnerabilities, and suggest improvements

Code Review Assistant

Overview

This skill helps conduct thorough code reviews by analyzing code structure, identifying potential issues, and suggesting improvements. It focuses on code quality, security, performance, and maintainability.

Instructions

When reviewing code, follow these steps:

Understand Context: Review the purpose and scope of the code changes
Analyze Structure: Examine the overall architecture and organization
Check Quality: Look for code smells, anti-patterns, and violations of best practices
Security Review: Identify potential security vulnerabilities
Performance: Consider performance implications
Suggest Improvements: Provide actionable feedback with examples

Review Checklist

Code follows consistent style and conventions
Functions and variables have clear, descriptive names
Logic is clear and not overly complex
Error handling is appropriate
No security vulnerabilities (SQL injection, XSS, etc.)
No hardcoded secrets or credentials
Performance considerations addressed
Edge cases handled
Tests included (if applicable)
Documentation is clear

Examples

Example 1: Identifying Security Issue

Input:

def get_user(user_id):
    query = f"SELECT * FROM users WHERE id = {user_id}"
    return db.execute(query)

Output:

⚠️ Security Issue: SQL Injection Vulnerability

The current code is vulnerable to SQL injection attacks because it uses string formatting to build the SQL query.

Recommended fix:
```python
def get_user(user_id):
    query = "SELECT * FROM users WHERE id = ?"
    return db.execute(query, (user_id,))

Example 2: Code Quality Improvement

Input:

function calc(a, b, op) {
    if (op == 'add') return a + b;
    if (op == 'sub') return a - b;
    if (op == 'mul') return a * b;
    if (op == 'div') return a / b;
}

Output:

💡 Improvement: Use more descriptive names and handle edge cases

Suggested refactoring:
```javascript
function calculate(operand1, operand2, operation) {
    const operations = {
        'add': (a, b) => a + b,
        'subtract': (a, b) => a - b,
        'multiply': (a, b) => a * b,
        'divide': (a, b) => {
            if (b === 0) throw new Error('Division by zero');
            return a / b;
        }
    };
    
    if (!operations[operation]) {
        throw new Error(`Unknown operation: ${operation}`);
    }
    
    return operations[operation](operand1, operand2);
}

Notes

Prioritize security issues and critical bugs
Be constructive and specific in feedback
Provide examples when suggesting improvements
Consider the context and constraints of the project
Balance thoroughness with practicality

Activates when reviewing code to identify quality issues, security vulnerabilities, and suggest improvements

Code Review Assistant

Overview

Instructions

When reviewing code, follow these steps:

Understand Context: Review the purpose and scope of the code changes
Analyze Structure: Examine the overall architecture and organization
Check Quality: Look for code smells, anti-patterns, and violations of best practices
Security Review: Identify potential security vulnerabilities
Performance: Consider performance implications
Suggest Improvements: Provide actionable feedback with examples

Review Checklist

Code follows consistent style and conventions
Functions and variables have clear, descriptive names
Logic is clear and not overly complex
Error handling is appropriate
No security vulnerabilities (SQL injection, XSS, etc.)
No hardcoded secrets or credentials
Performance considerations addressed
Edge cases handled
Tests included (if applicable)
Documentation is clear

Examples

Example 1: Identifying Security Issue

Input:

def get_user(user_id):
    query = f"SELECT * FROM users WHERE id = {user_id}"
    return db.execute(query)

Output:

⚠️ Security Issue: SQL Injection Vulnerability

The current code is vulnerable to SQL injection attacks because it uses string formatting to build the SQL query.

Recommended fix:
```python
def get_user(user_id):
    query = "SELECT * FROM users WHERE id = ?"
    return db.execute(query, (user_id,))

Example 2: Code Quality Improvement

Input:

function calc(a, b, op) {
    if (op == 'add') return a + b;
    if (op == 'sub') return a - b;
    if (op == 'mul') return a * b;
    if (op == 'div') return a / b;
}

Output:

💡 Improvement: Use more descriptive names and handle edge cases

Suggested refactoring:
```javascript
function calculate(operand1, operand2, operation) {
    const operations = {
        'add': (a, b) => a + b,
        'subtract': (a, b) => a - b,
        'multiply': (a, b) => a * b,
        'divide': (a, b) => {
            if (b === 0) throw new Error('Division by zero');
            return a / b;
        }
    };
    
    if (!operations[operation]) {
        throw new Error(`Unknown operation: ${operation}`);
    }
    
    return operations[operation](operand1, operand2);
}

Notes

Prioritize security issues and critical bugs
Be constructive and specific in feedback
Provide examples when suggesting improvements
Consider the context and constraints of the project
Balance thoroughness with practicality

code-review-assistant

About

SKILL.md

code-review-assistant

About

SKILL.md

Code Review Assistant

Overview

Instructions

Review Checklist

Examples

Example 1: Identifying Security Issue

Example 2: Code Quality Improvement

Notes

About

SKILL.md

About

SKILL.md

Code Review Assistant

Overview

Instructions

Review Checklist

Examples

Example 1: Identifying Security Issue

Example 2: Code Quality Improvement

Notes