ReddRadar
Agent skill
code-review-assistant
Comprehensive PR review using multi-agent swarm with specialized reviewers for security, performance, style, tests, and documentation. Provides detailed feedback with auto-fix suggestions and merge readiness assessment.
Install this agent skill to your Project
npx add-skill https://github.com/aiskillstore/marketplace/tree/main/skills/dnyoussef/code-review-assistant
SKILL.md
Code Review Assistant
Purpose
Automated comprehensive code review using specialized multi-agent swarm for PRs.
Specialist Agent
I am a code review coordinator managing specialized review agents.
Methodology (Multi-Agent Swarm Review Pattern):
- Initialize review swarm with specialized agents
- Parallel comprehensive review (security, performance, style, tests, docs)
- Run complete quality audit pipeline
- Aggregate findings with severity ranking
- Generate fix suggestions with Codex
- Assess merge readiness with quality gates
- Create detailed review comment
Review Agents (5 specialists):
- Security Reviewer: Vulnerabilities, unsafe patterns, secrets
- Performance Analyst: Bottlenecks, optimization opportunities
- Style Reviewer: Code style, best practices, maintainability
- Test Specialist: Test coverage, quality, edge cases
- Documentation Reviewer: Comments, API docs, README updates
Input Contract
input:
pr_number: number (required) or
changed_files: array[string] (file paths)
focus_areas: array[enum] (default: all)
- security
- performance
- style
- tests
- documentation
suggest_fixes: boolean (default: true)
auto_merge_if_passing: boolean (default: false)
Output Contract
output:
review_summary:
overall_score: number (0-100)
merge_ready: boolean
blocking_issues: number
warnings: number
suggestions: number
detailed_reviews:
security: object
performance: object
style: object
tests: object
documentation: object
fix_suggestions: array[code_change]
merge_decision: enum[approve, request_changes, needs_work]
Execution Flow
#!/bin/bash
set -e
PR_NUMBER="$1"
FOCUS_AREAS="${2:-security,performance,style,tests,documentation}"
SUGGEST_FIXES="${3:-true}"
REVIEW_DIR="pr-review-$PR_NUMBER"
mkdir -p "$REVIEW_DIR"
echo "================================================================"
echo "Code Review Assistant: PR #$PR_NUMBER"
echo "================================================================"
# PHASE 1: PR Information Gathering
echo "[1/8] Gathering PR information..."
gh pr view "$PR_NUMBER" --json title,body,files,additions,deletions > "$REVIEW_DIR/pr-info.json"
PR_TITLE=$(cat "$REVIEW_DIR/pr-info.json" | jq -r '.title')
CHANGED_FILES=$(cat "$REVIEW_DIR/pr-info.json" | jq -r '.files[].path' | tr '\n' ' ')
echo "PR: $PR_TITLE"
echo "Files changed: $(echo $CHANGED_FILES | wc -w)"
# Checkout PR branch
gh pr checkout "$PR_NUMBER"
# PHASE 2: Initialize Review Swarm
echo "[2/8] Initializing multi-agent review swarm..."
npx claude-flow coordination swarm-init \
--topology mesh \
--max-agents 5 \
--strategy specialized
# Spawn specialized review agents
npx claude-flow automation auto-agent \
--task "Comprehensive code review of PR#$PR_NUMBER focusing on: $FOCUS_AREAS" \
--strategy optimal \
--max-agents 5
# PHASE 3: Parallel Specialized Reviews
echo "[3/8] Executing specialized reviews in parallel..."
# Security Review
if [[ "$FOCUS_AREAS" == *"security"* ]]; then
echo " → Security Specialist reviewing..."
npx claude-flow security-scan . \
--deep true \
--check-secrets true \
--output "$REVIEW_DIR/security-review.json" &
SEC_PID=$!
fi
# Performance Review
if [[ "$FOCUS_AREAS" == *"performance"* ]]; then
echo " → Performance Analyst reviewing..."
npx claude-flow analysis bottleneck-detect \
--threshold 10 \
--output "$REVIEW_DIR/performance-review.json" &
PERF_PID=$!
fi
# Style Review
if [[ "$FOCUS_AREAS" == *"style"* ]]; then
echo " → Style Reviewer checking..."
npx claude-flow style-audit . \
--fix false \
--output "$REVIEW_DIR/style-review.json" &
STYLE_PID=$!
fi
# Test Review
if [[ "$FOCUS_AREAS" == *"tests"* ]]; then
echo " → Test Specialist analyzing..."
npx claude-flow test-coverage . \
--detailed true \
--output "$REVIEW_DIR/test-review.json" &
TEST_PID=$!
fi
# Documentation Review
if [[ "$FOCUS_AREAS" == *"documentation"* ]]; then
echo " → Documentation Reviewer checking..."
# Check for README updates, JSDoc comments, etc.
npx claude-flow docs-checker . \
--output "$REVIEW_DIR/docs-review.json" &
DOCS_PID=$!
fi
# Wait for all reviews to complete
wait $SEC_PID $PERF_PID $STYLE_PID $TEST_PID $DOCS_PID 2>/dev/null || true
# PHASE 4: Complete Quality Audit
echo "[4/8] Running complete quality audit..."
npx claude-flow audit-pipeline . \
--phase all \
--model codex-auto \
--output "$REVIEW_DIR/quality-audit.json"
# PHASE 5: Aggregate Review Findings
echo "[5/8] Aggregating review findings..."
cat > "$REVIEW_DIR/aggregated-review.json" <<EOF
{
"pr_number": $PR_NUMBER,
"pr_title": "$PR_TITLE",
"reviews": {
"security": $(cat "$REVIEW_DIR/security-review.json" 2>/dev/null || echo "{}"),
"performance": $(cat "$REVIEW_DIR/performance-review.json" 2>/dev/null || echo "{}"),
"style": $(cat "$REVIEW_DIR/style-review.json" 2>/dev/null || echo "{}"),
"tests": $(cat "$REVIEW_DIR/test-review.json" 2>/dev/null || echo "{}"),
"documentation": $(cat "$REVIEW_DIR/docs-review.json" 2>/dev/null || echo "{}"),
"quality_audit": $(cat "$REVIEW_DIR/quality-audit.json")
}
}
EOF
# Calculate scores
SECURITY_SCORE=$(cat "$REVIEW_DIR/security-review.json" 2>/dev/null | jq '.score // 100')
PERF_SCORE=$(cat "$REVIEW_DIR/performance-review.json" 2>/dev/null | jq '.score // 100')
STYLE_SCORE=$(cat "$REVIEW_DIR/style-review.json" 2>/dev/null | jq '.quality_score // 100')
TEST_SCORE=$(cat "$REVIEW_DIR/test-review.json" 2>/dev/null | jq '.coverage_percent // 100')
QUALITY_SCORE=$(cat "$REVIEW_DIR/quality-audit.json" | jq '.overall_score // 100')
OVERALL_SCORE=$(echo "($SECURITY_SCORE + $PERF_SCORE + $STYLE_SCORE + $TEST_SCORE + $QUALITY_SCORE) / 5" | bc)
# PHASE 6: Generate Fix Suggestions
if [ "$SUGGEST_FIXES" = "true" ]; then
echo "[6/8] Generating fix suggestions with Codex..."
# Collect all issues
ISSUES=$(cat "$REVIEW_DIR/aggregated-review.json" | jq '[.reviews[] | .issues? // [] | .[]]')
if [ "$(echo $ISSUES | jq 'length')" -gt 0 ]; then
codex --reasoning-mode "Suggest fixes for code review issues" \
--context "$REVIEW_DIR/aggregated-review.json" \
--output "$REVIEW_DIR/fix-suggestions.md"
fi
fi
# PHASE 7: Assess Merge Readiness
echo "[7/8] Assessing merge readiness..."
CRITICAL_SECURITY=$(cat "$REVIEW_DIR/security-review.json" 2>/dev/null | jq '.critical_issues // 0')
TESTS_PASSING=$(cat "$REVIEW_DIR/quality-audit.json" | jq '.functionality_audit.all_passed // false')
MERGE_READY="false"
MERGE_DECISION="request_changes"
if [ "$CRITICAL_SECURITY" -eq 0 ] && [ "$TESTS_PASSING" = "true" ] && [ "$OVERALL_SCORE" -ge 80 ]; then
MERGE_READY="true"
if [ "$OVERALL_SCORE" -ge 90 ]; then
MERGE_DECISION="approve"
else
MERGE_DECISION="approve_with_suggestions"
fi
fi
# PHASE 8: Create Review Comment
echo "[8/8] Creating review comment..."
cat > "$REVIEW_DIR/review-comment.md" <<EOF
# 🤖 Automated Code Review
**Overall Score**: $OVERALL_SCORE/100
**Merge Ready**: $([ "$MERGE_READY" = "true" ] && echo "✅ Yes" || echo "⚠️ No")
## Review Summary
| Category | Score | Status |
|----------|-------|--------|
| 🔒 Security | $SECURITY_SCORE/100 | $([ "$SECURITY_SCORE" -ge 80 ] && echo "✅" || echo "⚠️") |
| ⚡ Performance | $PERF_SCORE/100 | $([ "$PERF_SCORE" -ge 80 ] && echo "✅" || echo "⚠️") |
| 🎨 Style | $STYLE_SCORE/100 | $([ "$STYLE_SCORE" -ge 80 ] && echo "✅" || echo "⚠️") |
| 🧪 Tests | $TEST_SCORE/100 | $([ "$TEST_SCORE" -ge 80 ] && echo "✅" || echo "⚠️") |
| 📊 Quality | $QUALITY_SCORE/100 | $([ "$QUALITY_SCORE" -ge 80 ] && echo "✅" || echo "⚠️") |
## Detailed Findings
### 🔒 Security Review
$(cat "$REVIEW_DIR/security-review.json" 2>/dev/null | jq -r '.summary // "No issues found ✅"')
### ⚡ Performance Review
$(cat "$REVIEW_DIR/performance-review.json" 2>/dev/null | jq -r '.summary // "No bottlenecks detected ✅"')
### 🎨 Style Review
$(cat "$REVIEW_DIR/style-review.json" 2>/dev/null | jq -r '.summary // "Code style looks good ✅"')
### 🧪 Test Review
- Test Coverage: $TEST_SCORE%
- All Tests Passing: $([ "$TESTS_PASSING" = "true" ] && echo "✅ Yes" || echo "❌ No")
## Fix Suggestions
$(cat "$REVIEW_DIR/fix-suggestions.md" 2>/dev/null || echo "No suggestions needed - code looks great! 🎉")
---
🤖 Generated by Claude Code Review Assistant
EOF
# Post review comment
gh pr comment "$PR_NUMBER" --body-file "$REVIEW_DIR/review-comment.md"
# Approve or request changes
if [ "$MERGE_DECISION" = "approve" ]; then
gh pr review "$PR_NUMBER" --approve --body "Code review passed! Overall score: $OVERALL_SCORE/100 ✅"
elif [ "$MERGE_DECISION" = "approve_with_suggestions" ]; then
gh pr review "$PR_NUMBER" --approve --body "Approved with suggestions. See detailed review comment. Score: $OVERALL_SCORE/100 ✅"
else
gh pr review "$PR_NUMBER" --request-changes --body "Please address review findings before merging. Score: $OVERALL_SCORE/100"
fi
echo ""
echo "================================================================"
echo "Code Review Complete!"
echo "================================================================"
echo ""
echo "Overall Score: $OVERALL_SCORE/100"
echo "Merge Ready: $MERGE_READY"
echo "Decision: $MERGE_DECISION"
echo ""
echo "Review artifacts in: $REVIEW_DIR/"
echo "Review comment posted to PR #$PR_NUMBER"
echo ""
Integration Points
Cascades
- Part of
/github-automation-workflowcascade - Used by
/pr-quality-gatecascade - Invoked by
/review-prcommand
Commands
- Uses:
/swarm-init,/auto-agent,/security-scan - Uses:
/bottleneck-detect,/style-audit,/test-coverage - Uses:
/audit-pipeline,/codex-reasoning - Uses GitHub CLI:
gh pr view,gh pr checkout,gh pr comment,gh pr review
Other Skills
- Invokes:
quick-quality-check,smart-bug-fix(if issues) - Output to:
merge-decision-maker,pr-enhancer
Usage Example
# Review PR with all checks
code-review-assistant 123
# Review focusing on security
code-review-assistant 123 security
# Review with auto-merge
code-review-assistant 123 "security,tests" true --auto-merge true
Failure Modes
- PR not found: Verify PR number and repository access
- Critical security issues: Block merge, escalate to security team
- Tests failing: Request changes, provide fix suggestions
- GitHub CLI not authenticated: Guide user to authenticate
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
aiskillstore/marketplace
perigon-backend
Perigon ASP.NET Core + EF Core + Aspire conventions
aiskillstore/marketplace
perigon-agent
Pointers for Copilot/agents to apply Perigon conventions
aiskillstore/marketplace
perigon-angular
Angular 21+ standalone/Material/signal conventions for Perigon WebApp
aiskillstore/marketplace
fastapi-mastery
Comprehensive FastAPI development skill covering REST API creation, routing, request/response handling, validation, authentication, database integration, middleware, and deployment. Use when working with FastAPI projects, building APIs, implementing CRUD operations, setting up authentication/authorization, integrating databases (SQL/NoSQL), adding middleware, handling WebSockets, or deploying FastAPI applications. Triggered by requests involving .py files with FastAPI code, API endpoint creation, Pydantic models, or FastAPI-specific features.
aiskillstore/marketplace
context7-efficient
Token-efficient library documentation fetcher using Context7 MCP with 86.8% token savings through intelligent shell pipeline filtering. Fetches code examples, API references, and best practices for JavaScript, Python, Go, Rust, and other libraries. Use when users ask about library documentation, need code examples, want API usage patterns, are learning a new framework, need syntax reference, or troubleshooting with library-specific information. Triggers include questions like "Show me React hooks", "How do I use Prisma", "What's the Next.js routing syntax", or any request for library/framework documentation.
aiskillstore/marketplace
browser-use
Browser automation using Playwright MCP. Navigate websites, fill forms, click elements, take screenshots, and extract data. Use when tasks require web browsing, form submission, web scraping, UI testing, or any browser interaction.
Didn't find tool you were looking for?