Our review
Performs a comprehensive code review by analyzing Git changes to assess quality, security, and maintainability.
Strengths
- Structured analysis with categories (blockers, suggestions, etc.)
- Security checks (injection, secrets)
- Covers testing and architecture
Limitations
- Relies on Git configuration for diffs
- Not a substitute for in-depth human review
- May miss business logic issues
Use this skill to review code changes before merging into a main branch.
Do not use this for non-versioned code or when you need a global architectural review without change context.
Security analysis
Safe
The skill only uses read-only git commands and provides a review framework; no destructive, exfiltration, or obfuscated actions.
No concerns found
Examples
- Review the code changes in the last commit. Check for quality, security, and maintainability issues.
- Perform a code review on the differences between the current branch and main. Focus on security and testing.
- Review the recent code changes and look for any hardcoded secrets, SQL injection points, or code duplication.
name: code-review
description: Perform comprehensive code review for quality, security, and maintainability. Use when reviewing code changes, PRs, or when asked to check code quality.
Code Review Skill
Instructions
1. Identify Changed Files
   git diff --name-only HEAD~1
   # or for specific branch
   git diff --name-only main...HEAD
2. Read Changed Code
- Focus on logic changes, not just formatting
- Understand the context and purpose
3. Check Against Criteria
Code Quality
- [ ] Naming is clear and descriptive
- [ ] Functions are focused (single responsibility)
- [ ] No code duplication
- [ ] Proper error handling
- [ ] No magic numbers/strings
Security
- [ ] Input validation present
- [ ] No hardcoded secrets
- [ ] SQL injection prevention
- [ ] XSS prevention
Testing
- [ ] New code has tests
- [ ] Edge cases covered
- [ ] Tests are meaningful
Architecture
- [ ] Follows project patterns
- [ ] Dependencies flow correctly
- [ ] No circular dependencies
4. Generate Review Report
Output Format
## Code Review: [PR/Commit Description]
### Summary
[Brief overview of changes and overall assessment]
### Findings
#### 🔴 Blockers (Must Fix)
1. [file:line] Issue description
- Why it's a problem
- Suggested fix
#### 🟡 Suggestions (Should Consider)
1. [file:line] Issue description
- Reasoning
- Alternative approach
#### 🟢 Nitpicks (Optional)
1. [file:line] Minor suggestion
### Positive Notes
- [What was done well]
### Checklist
- [x] Code quality reviewed
- [x] Security reviewed
- [x] Tests reviewed
- [x] Architecture reviewed
Example
## Code Review: Add user authentication
### Summary
Good implementation overall. One security issue needs addressing before merge.
### Findings
#### 🔴 Blockers
1. `src/auth/login.ts:45` - Password logged in plaintext
- Security risk: passwords visible in logs
- Fix: Remove console.log or mask password
#### 🟡 Suggestions
1. `src/auth/login.ts:23` - Consider adding rate limiting
- Prevents brute force attacks
- Use existing rateLimiter middleware
#### 🟢 Nitpicks
1. `src/auth/types.ts:12` - Could use more descriptive type name
- `LoginData` → `LoginCredentials`
### Positive Notes
- Good use of custom error types
- Comprehensive input validation
- Well-structured service layer
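The diff step and the `[file:line]` finding format above can be connected mechanically. The following is an added example, not part of the skill: it walks `git diff` output, tracks new-file line numbers from the hunk headers, and flags added lines with two assumed heuristic patterns. The sample diff, `scan_diff`, `format_blockers` and the patterns are all constructed for illustration.

```python
import re
# Constructed sample in `git diff` format (not from a real repository).
SAMPLE_DIFF = """\
diff --git a/src/auth/login.ts b/src/auth/login.ts
--- a/src/auth/login.ts
+++ b/src/auth/login.ts
@@ -44,4 +44,5 @@ export async function login(req) {
   const { user, password } = req.body;
-  audit(user);
+  console.log("login attempt", user, password);
+  const apiKey = "CONSTRUCTED-PLACEHOLDER-0000";
   return authenticate(user, password);
 }
"""

# Illustrative heuristics only (assumed patterns, not the skill's own rules).
CHECKS = [
    ("Password written to log output",
     re.compile(r"(?i)(console\.(log|info|debug)|print|logger\.\w+)\s*\(.*passw")),
    ("Possible hardcoded secret",
     re.compile(r"(?i)\w*(api_?key|secret|token|password)\w*\s*[:=]\s*['\"][^'\"]{8,}['\"]")),
]
HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

def scan_diff(diff_text):
    """Return (path, new_file_line, label) for each added line that trips a check."""
    findings, path, new_line, in_hunk = [], None, 0, False
    for line in diff_text.splitlines():
        if line.startswith("diff --git"):
            in_hunk = False                      # a file header follows
        elif not in_hunk and line.startswith("+++ "):
            path = line[4:].removeprefix("b/")   # post-change path
        elif (m := HUNK.match(line)):
            in_hunk, new_line = True, int(m.group(1))
        elif in_hunk and line.startswith("+"):
            findings += [(path, new_line, lbl) for lbl, rx in CHECKS if rx.search(line[1:])]
            new_line += 1
        elif in_hunk and line.startswith(" "):
            new_line += 1                        # context advances the new file
        # '-' lines exist only in the old file, so the counter does not move
    return findings

def format_blockers(findings):
    """Render findings in the [file:line] form of the skill's Output Format."""
    rows = [f"{i}. [{p}:{n}] {label}" for i, (p, n, label) in enumerate(findings, 1)]
    return "\n".join(["#### Blockers (Must Fix)", *rows])

if __name__ == "__main__":
    print(format_blockers(scan_diff(SAMPLE_DIFF)))
```

To run it on real changes, pass the output of `git diff main...HEAD` to `scan_diff`. Pattern hits are prompts for the human review, not verdicts.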