Code Review Skill

Purpose

Ensure consistent, thorough code reviews.

Review Checklists

Security Checklist

Reference: checklists/security.md

• No hardcoded secrets
• Input validation present
• Output encoding used
• Authentication verified
• Authorization checked

Performance Checklist

Reference: checklists/performance.md

• No N+1 queries
• Appropriate caching
• Efficient algorithms
• Resource cleanup
• Pagination implemented

Maintainability Checklist

Reference: checklists/maintainability.md

• Code is readable
• Functions are focused
• Types are complete
• Tests exist
• Documentation present

Accessibility Checklist (Frontend)

Reference: checklists/accessibility.md

• Semantic HTML
• ARIA labels
• Keyboard navigation
• Color contrast
• Focus management

Issue Severity Guidelines

Critical

• Security vulnerabilities
• Data loss potential
• Production breaking
• Compliance violations

Warning

• Performance issues
• Missing error handling
• Incomplete types
• Missing tests

Suggestion

• Naming improvements
• Refactoring opportunities
• Documentation gaps
• Style consistency

Report Template

Use: templates/review-report.md

Review Process

1. Gather Context

• Understand the purpose of the changes
• Review related tickets/requirements
• Check the scope of modifications

2. Review Code

• Apply relevant checklists
• Check against project patterns
• Verify business logic

3. Categorize Findings

• Assign severity levels
• Group by type
• Prioritize fixes

4. Generate Report

• Use report template
• Include actionable recommendations
• Reference specific lines/files

Best Practices

Do

• Be specific about issues
• Provide fix suggestions
• Acknowledge good practices
• Focus on code, not author
• Ask questions when unclear

Don't

• Be vague or unhelpful
• Request unnecessary changes
• Block for style preferences
• Make it personal
• Skip security checks

Storage Location

Save reports to: docs/reviews/code-review-{session}.md