Claude Code Plugins

Community-maintained marketplace

Feedback

code-review

@SimHacker/moollm
4
0

Systematic code analysis with evidence collection

Install Skill

1Download skill
2Enable skills in Claude

Open claude.ai/settings/capabilities and find the "Skills" section

3Upload to Claude

Click "Upload skill" and select the downloaded ZIP file

Note: Please verify skill by going through its instructions before using it.

SKILL.md

name code-review
description Systematic code analysis with evidence collection
allowed-tools read_file, run_terminal_cmd
tier 2
protocol CODE-REVIEW
tags development, quality, review, security
related adventure, debugging, research-notebook, session-log, rubric, evaluator
templates [object Object], [object Object]

Code Review

"Read with intent. Question with purpose. Document with care."

Systematic code analysis with evidence collection. Code review IS an adventure — the codebase is the dungeon, findings are clues.

Review Process

READ → NOTE ISSUES → CLASSIFY → REPORT

Step 1: Setup

  1. Create REVIEW.yml
  2. Identify files to review
  3. Define focus areas

Step 2: Overview

  1. List all changed files
  2. Read PR/commit description
  3. Note initial impressions

Step 3: Deep Review

For each file:

  1. Read the code
  2. Check against criteria
  3. Note findings
  4. Run relevant checks

Step 4: Verification

  1. Run tests
  2. Run linters
  3. Check regressions

Step 5: Synthesize

  1. Compile findings
  2. Prioritize issues
  3. Generate REVIEW.md
  4. State recommendation

Finding Severity

Level Symbol Meaning Action
Blocking 🚫 Must fix before merge Request changes
Important ⚠️ Should fix or explain Request changes
Minor 💡 Nice to fix Comment only
Praise 🎉 Good work! Celebrate

Finding Types

  • Security — Injection, auth, sensitive data
  • Correctness — Logic errors, edge cases
  • Performance — N+1 queries, memory leaks
  • Maintainability — Clarity, DRY, naming
  • Style — Formatting, conventions

Review Checklist

Security

  • Input validation
  • Output encoding
  • Authentication/authorization
  • Sensitive data handling
  • Injection vulnerabilities
  • Timing attacks

Correctness

  • Logic errors
  • Edge cases handled
  • Null/undefined handling
  • Error handling
  • Race conditions
  • Resource cleanup

Maintainability

  • Code clarity
  • Appropriate comments
  • Consistent naming
  • DRY (no duplication)
  • Single responsibility
  • Testability

Performance

  • Algorithmic complexity
  • Memory usage
  • Database queries
  • Caching
  • Unnecessary operations

Core Files

REVIEW.yml

review:
  name: "PR #123: Add user authentication"
  status: "in_progress"
  
findings:
  blocking:
    - id: "B1"
      file: "src/auth/login.ts"
      line: 45
      type: "security"
      summary: "Timing attack vulnerability"
      
  important: []
  minor: []
  praise: []

verification:
  tests: { ran: true, passed: true }
  linter: { ran: true, passed: false, issues: 3 }

REVIEW.md

Formatted document with:

  • Summary and counts
  • Issues by severity
  • Verification results
  • Recommendation

Verification Commands

tests:
  - "npm test"
  - "pytest"
  - "go test ./..."
  
linters:
  - "npm run lint"
  - "flake8"
  - "golangci-lint run"

Recommendation Output

Outcome Meaning
approve Good to merge
request_changes Has blocking/important issues
comment Minor feedback only

See Also