Code Reviewer Skill

Overview

The Code Reviewer skill provides comprehensive code analysis capabilities across multiple programming languages, enforcing best practices, identifying bugs, and suggesting improvements.

Features

1. Static Code Analysis

• Syntax error detection
• Type checking
• Dead code identification
• Unused variable detection
• Import optimization

2. Code Quality Metrics

• Cyclomatic complexity
• Code duplication
• Test coverage analysis
• Maintainability index
• Technical debt calculation

3. Security Analysis

• OWASP Top 10 vulnerability detection
• Sensitive data exposure checks
• Injection vulnerability scanning
• Authentication/authorization issues
• Cryptographic weaknesses

4. Best Practices Enforcement

• Naming conventions
• Code formatting standards
• Design pattern compliance
• SOLID principles adherence
• DRY (Don't Repeat Yourself) validation

5. Performance Analysis

• Algorithm complexity analysis
• Memory leak detection
• Database query optimization
• Caching opportunities
• Resource utilization

Configuration

{
  "code_reviewer": {
    "enabled": true,
    "languages": {
      "javascript": {
        "linter": "eslint",
        "config": ".eslintrc.json",
        "rules": {
          "complexity": {"max": 10},
          "line_length": {"max": 100},
          "function_length": {"max": 50}
        }
      },
      "python": {
        "linter": "pylint",
        "config": ".pylintrc",
        "rules": {
          "complexity": {"max": 10},
          "line_length": {"max": 120},
          "function_length": {"max": 50}
        }
      }
    },
    "security": {
      "enabled": true,
      "scanners": ["semgrep", "bandit", "snyk"]
    },
    "performance": {
      "enabled": true,
      "profiling": true
    },
    "reporting": {
      "format": ["json", "markdown", "html"],
      "include_suggestions": true,
      "severity_threshold": "warning"
    }
  }
}

Usage Examples

Basic Code Review

// Input code to review
function calculatePrice(items) {
  let total = 0;
  for(var i = 0; i < items.length; i++) {
    total = total + items[i].price * items[i].quantity;
  }
  return total;
}

Review Output

## Code Review Results

### Issues Found: 3

#### 1. Use Modern JavaScript Syntax (Style)
**Line 3**: Use `const` or `let` instead of `var`
```diff
- for(var i = 0; i < items.length; i++) {
+ for(let i = 0; i < items.length; i++) {

2. Consider Using Array Methods (Performance)

Lines 3-5: Use reduce() for better readability and performance

function calculatePrice(items) {
  return items.reduce((total, item) => 
    total + item.price * item.quantity, 0
  );
}

3. Add Input Validation (Security)

Line 1: Add validation for undefined/null input

function calculatePrice(items) {
  if (!items || !Array.isArray(items)) {
    throw new Error('Invalid input: items must be an array');
  }
  // ... rest of function
}

Metrics

• Complexity: 2 (Good ✅)
• Maintainability: 85/100 (Good ✅)
• Test Coverage: 0% (Needs Improvement ❌)

## Advanced Features

### Multi-file Analysis
```python
# Example: Analyzing Python module dependencies
class CodeAnalyzer:
    def analyze_imports(self, file_path):
        """Analyze import statements for circular dependencies"""
        imports = self.extract_imports(file_path)
        circular_deps = self.detect_circular_deps(imports)
        unused_imports = self.find_unused_imports(imports)
        
        return {
            'circular_dependencies': circular_deps,
            'unused_imports': unused_imports,
            'import_depth': self.calculate_import_depth(imports)
        }

Design Pattern Detection

// Detects and validates design pattern implementations
public class PatternDetector {
    public List<Pattern> detectPatterns(String code) {
        List<Pattern> patterns = new ArrayList<>();
        
        if (isSingleton(code)) {
            patterns.add(new Pattern("Singleton", 
                validateSingleton(code)));
        }
        
        if (isFactory(code)) {
            patterns.add(new Pattern("Factory", 
                validateFactory(code)));
        }
        
        return patterns;
    }
}

Integration with Agents

Security Reviewer Agent Integration

integration:
  security_reviewer:
    trigger: "on_code_change"
    actions:
      - scan_vulnerabilities
      - check_dependencies
      - validate_authentication

Performance Tester Agent Integration

integration:
  performance_tester:
    trigger: "on_optimization_suggestion"
    actions:
      - benchmark_before
      - apply_optimization
      - benchmark_after
      - report_improvement

Customization

Adding Custom Rules

// custom-rules.js
module.exports = {
  rules: {
    'no-console-log': {
      create(context) {
        return {
          CallExpression(node) {
            if (node.callee.type === 'MemberExpression' &&
                node.callee.object.name === 'console' &&
                node.callee.property.name === 'log') {
              context.report({
                node,
                message: 'console.log should not be used in production'
              });
            }
          }
        };
      }
    }
  }
};

Language-Specific Configurations

JavaScript/TypeScript

{
  "extends": ["airbnb", "plugin:@typescript-eslint/recommended"],
  "rules": {
    "max-len": ["error", 100],
    "complexity": ["error", 10],
    "no-unused-vars": "error"
  }
}

Python

[MESSAGES CONTROL]
max-line-length=120
max-complexity=10
min-public-methods=1

[DESIGN]
max-args=5
max-attributes=10
max-statements=50

Performance Benchmarks

Language	Files/Second	Avg Time per File	Memory Usage
JavaScript	50	20ms	50MB
Python	40	25ms	60MB
Java	30	33ms	80MB
Go	60	17ms	40MB
Rust	45	22ms	55MB

Best Practices

1. Incremental Reviews

Review code changes incrementally rather than entire codebases:

@code-review --changes-only --since=last-commit

2. Automated PR Reviews

Integrate with pull request workflows:

on: [pull_request]
jobs:
  code-review:
    runs-on: ubuntu-latest
    steps:
      - uses: claude/code-reviewer@v1
        with:
          severity: warning
          auto-fix: true

3. Custom Severity Levels

Configure severity based on environment:

{
  "environments": {
    "development": {"severity": "info"},
    "staging": {"severity": "warning"},
    "production": {"severity": "error"}
  }
}

Troubleshooting

Common Issues

1. Slow Analysis

   • Solution: Limit scope with --files flag
   • Use .codereviewignore file

2. False Positives

   • Solution: Adjust rule sensitivity
   • Add inline suppressions

3. Missing Language Support

   • Solution: Install language-specific plugins
   • Configure custom parsers

API Reference

analyze(code, options)

interface AnalyzeOptions {
  language: string;
  rules?: RuleSet;
  severity?: 'error' | 'warning' | 'info';
  autoFix?: boolean;
}

interface AnalyzeResult {
  issues: Issue[];
  metrics: Metrics;
  suggestions: Suggestion[];
  autoFixed?: boolean;
}

Review Output Format

interface Issue {
  severity: 'error' | 'warning' | 'info';
  rule: string;
  message: string;
  line: number;
  column: number;
  suggestion?: string;
  autoFixable: boolean;
}