Our review
Performs a complete code review by analyzing Git changes to check quality, security, and maintainability.
Strengths
- Structured analysis with categories (blocker, suggestion, etc.)
- Security checks (injection, secrets)
- Test coverage and architecture
Limitations
- Depends on the Git configuration for diffs
- Does not replace a thorough human review
- May miss business-logic problems
Use this skill to examine code changes before merging them into a main branch.
Do not use it for unversioned code or if you need an overall architectural analysis without change context.
Security analysis
Safe
The skill only uses read-only git commands and provides a review framework; no destructive, exfiltration, or obfuscated actions.
No issues detected
Examples
- Review the code changes in the last commit. Check for quality, security, and maintainability issues.
- Perform a code review on the differences between the current branch and main. Focus on security and testing.
- Review the recent code changes and look for any hardcoded secrets, SQL injection points, or code duplication.
name: code-review
description: Perform comprehensive code review for quality, security, and maintainability. Use when reviewing code changes, PRs, or when asked to check code quality.
Code Review Skill
Instructions
1. Identify Changed Files
```bash
git diff --name-only HEAD~1
# or for specific branch
git diff --name-only main...HEAD
```
2. Read Changed Code
- Focus on logic changes, not just formatting
- Understand the context and purpose
3. Check Against Criteria
Code Quality
- [ ] Naming is clear and descriptive
- [ ] Functions are focused (single responsibility)
- [ ] No code duplication
- [ ] Proper error handling
- [ ] No magic numbers/strings
Security
- [ ] Input validation present
- [ ] No hardcoded secrets
- [ ] SQL injection prevention
- [ ] XSS prevention
Testing
- [ ] New code has tests
- [ ] Edge cases covered
- [ ] Tests are meaningful
Architecture
- [ ] Follows project patterns
- [ ] Dependencies flow correctly
- [ ] No circular dependencies
4. Generate Review Report
Output Format
## Code Review: [PR/Commit Description]
### Summary
[Brief overview of changes and overall assessment]
### Findings
#### 🔴 Blockers (Must Fix)
1. [file:line] Issue description
- Why it's a problem
- Suggested fix
#### 🟡 Suggestions (Should Consider)
1. [file:line] Issue description
- Reasoning
- Alternative approach
#### 🟢 Nitpicks (Optional)
1. [file:line] Minor suggestion
### Positive Notes
- [What was done well]
### Checklist
- [x] Code quality reviewed
- [x] Security reviewed
- [x] Tests reviewed
- [x] Architecture reviewed
Example
## Code Review: Add user authentication
### Summary
Good implementation overall. One security issue needs addressing before merge.
### Findings
#### 🔴 Blockers
1. `src/auth/login.ts:45` - Password logged in plaintext
- Security risk: passwords visible in logs
- Fix: Remove console.log or mask password
#### 🟡 Suggestions
1. `src/auth/login.ts:23` - Consider adding rate limiting
- Prevents brute force attacks
- Use existing rateLimiter middleware
#### 🟢 Nitpicks
1. `src/auth/types.ts:12` - Could use more descriptive type name
- `LoginData` → `LoginCredentials`
### Positive Notes
- Good use of custom error types
- Comprehensive input validation
- Well-structured service layer
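One way to automate two of the Security checks (hardcoded secrets, passwords written to logs) over `git diff` output and emit findings in the Blockers format above. This is an added example, not part of the skill itself; the rule set, the sample diff and the function names are assumptions made for illustration.

```python
import re

# Constructed sample input (not from the page): the shape of `git diff HEAD~1` output.
SAMPLE_DIFF = """\
diff --git a/src/auth/login.ts b/src/auth/login.ts
--- a/src/auth/login.ts
+++ b/src/auth/login.ts
@@ -43,3 +43,5 @@ export async function login(req) {
   const { email, password } = req.body;
+  console.log("login attempt", email, password);
+  const apiKey = "constructed-example-value";
   const user = await users.findByEmail(email);
-  return check(user);
+  return check(user, password);
"""

# Hypothetical, deliberately small rule set; it complements a human reviewer.
RULES = [
    ("Password written to log output",
     re.compile(r"(console\.log|logger\.\w+|print)\s*\(.*\b(password|passwd|pwd)\b", re.I)),
    ("Possible hardcoded secret",
     re.compile(r"\b(api[_-]?key|secret|token|password)\w*\s*[:=]\s*[\"'][^\"']{8,}[\"']", re.I)),
]
HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

def scan_diff(diff_text):
    """Return (file, new-file line number, message) for each added line matching a rule."""
    findings, path, new_line, in_hunk = [], None, 0, False
    for raw in diff_text.splitlines():
        m = HUNK.match(raw)
        if m:
            new_line, in_hunk = int(m.group(1)), True
        elif raw.startswith("diff --git"):
            in_hunk = False
        elif not in_hunk:  # file headers; inside a hunk "+++" is just an added line
            if raw.startswith("+++ "):
                path = raw[4:].removeprefix("b/")
        elif raw.startswith("+"):
            for message, pattern in RULES:
                if pattern.search(raw[1:]):
                    findings.append((path, new_line, message))
            new_line += 1
        elif raw.startswith(" "):
            new_line += 1  # context lines exist in the new file; "-" lines do not
    return findings

def render_blockers(findings):
    items = [f"{i}. `{p}:{n}` - {msg}" for i, (p, n, msg) in enumerate(findings, 1)]
    return "\n".join(["#### 🔴 Blockers (Must Fix)", *items])
```

Only added lines are scanned, so the reported `file:line` values point into the post-change file, which is where a reviewer will look.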