name: code-review
description: Reviews code for bugs, security issues, performance problems, and best practices. Use when reviewing PRs, checking code quality, or auditing changes.
license: MIT
metadata:
author: thesimpleapp
version: "1.0"

Code Review

When reviewing code, follow this structured approach:

Security Checks

• SQL injection, XSS, CSRF vulnerabilities
• Hardcoded secrets, API keys, or credentials
• Input validation and sanitization
• Authentication/authorization issues
• Insecure dependencies

Code Quality

• Error handling completeness
• Edge case coverage
• Code duplication (DRY principle)
• Naming clarity and consistency
• Function/method length and complexity

Performance

• N+1 query problems
• Unnecessary re-renders or recomputations
• Memory leaks or resource cleanup
• Inefficient algorithms or data structures
• Missing caching opportunities

Maintainability

• Code readability
• Proper separation of concerns
• Test coverage for changes
• Documentation for complex logic

Output Format

For each issue found:
1. Location: File and line number
2. Severity: Critical / Warning / Suggestion
3. Issue: What's wrong
4. Why: Why it matters
5. Fix: How to resolve it

Be constructive. Explain the "why" behind suggestions. Acknowledge good patterns when you see them.