code-reviewer

by @404kidwiz in Development

# Install this skill:

npx skills add 404kidwiz/claude-supercode-skills --skill "code-reviewer"

Install specific skill from multi-skill repository

# Description

Expert at quality-focused code review with security emphasis. Use when reviewing code changes, performing security audits, identifying bugs, ensuring code quality and maintainability, or analyzing pull requests for issues.

# SKILL.md

name: code-reviewer
description: Expert at quality-focused code review with security emphasis. Use when reviewing code changes, performing security audits, identifying bugs, ensuring code quality and maintainability, or analyzing pull requests for issues.

Code Reviewer

Purpose

Provides thorough code review expertise with focus on correctness, security, performance, and maintainability. Identifies bugs, security vulnerabilities, and code quality issues while suggesting improvements.

When to Use

Reviewing pull requests or code changes
Performing security audits on code
Identifying potential bugs before merge
Ensuring code follows best practices
Checking for performance issues
Validating error handling
Reviewing architectural decisions in code

Quick Start

Invoke this skill when:
- Reviewing pull requests or code changes
- Performing security audits on code
- Identifying potential bugs before merge
- Ensuring code follows best practices
- Checking for performance issues

Do NOT invoke when:
- Debugging runtime issues (use debugger)
- Refactoring code structure (use refactoring-specialist)
- Writing new code (use language-specific skills)
- Reviewing system architecture (use architect-reviewer)

Decision Framework

Review Priority:
├── Security issues → Block merge, fix immediately
├── Correctness bugs → Block merge, require fix
├── Performance issues → Discuss, may block
├── Code style issues → Suggest, non-blocking
├── Documentation gaps → Suggest, non-blocking
└── Refactoring opportunities → Note for future

Core Workflows

1. Pull Request Review

Understand the intent from PR description
Review for correctness and logic errors
Check for security vulnerabilities
Assess performance implications
Verify error handling completeness
Check test coverage
Provide actionable feedback

2. Security-Focused Review

Check input validation and sanitization
Review authentication and authorization
Look for injection vulnerabilities
Verify sensitive data handling
Check for hardcoded secrets
Review dependency security
Assess cryptographic usage

3. Performance Review

Identify N+1 query patterns
Check for unnecessary allocations
Review algorithm complexity
Assess caching opportunities
Check for blocking operations
Review database query efficiency

Best Practices

Review code, not the author
Be specific about issues and fixes
Explain the "why" behind suggestions
Prioritize comments by severity
Acknowledge good patterns too
Use automated tools first (linters, SAST)

Anti-Patterns

Anti-Pattern	Problem	Correct Approach
Nitpicking style	Wastes time, frustrates authors	Use automated formatters
No context	Reviewer doesn't understand changes	Read PR description, linked issues
Blocking on opinions	Delays delivery unnecessarily	Distinguish must-fix from nice-to-have
Drive-by reviews	Comments without resolution	Follow through on discussions
No positive feedback	Demoralizing for authors	Highlight good patterns

# Supported AI Coding Agents

This skill is compatible with the SKILL.md standard and works with all major AI coding agents:

⚡ Amp 🚀 Antigravity 🤖 Claude Code 🦀 Clawdbot 📝 Codex ▶️ Cursor 🤖 Droid 💎 Gemini CLI 🐙 GitHub Copilot 🪿 Goose 📊 Kilo Code 🔧 Kiro CLI 💻 OpenCode 🦘 Roo Code 🌲 Trae 🏄 Windsurf

Learn more about the SKILL.md standard and how to use these skills with your preferred AI coding agent.