Agent skill

code-reviewer

Review code for best practices, security issues, and potential bugs. Use when reviewing code changes, checking PRs, analyzing code quality, or performing security audits.

Stars 5
Forks 3

Install this agent skill to your Project

npx add-skill https://github.com/nodnarbnitram/claude-code-extensions/tree/main/.claude/skills/code-reviewer

SKILL.md

Code Reviewer

Perform comprehensive code reviews focusing on quality, security, and maintainability.

Instructions

  1. Read the target files using the Read tool
  2. Search for patterns and related code using Grep
  3. Find related files using Glob
  4. Analyze code against the review checklist
  5. Provide structured feedback with severity levels

Review Checklist

Code Quality

  • Code is simple and readable
  • Functions and variables are well-named
  • No duplicated code (DRY principle)
  • Appropriate comments for complex logic
  • Consistent code style

Security

  • No exposed secrets or API keys
  • Input validation implemented
  • SQL injection prevention
  • XSS prevention for web code
  • Proper authentication/authorization checks

Error Handling

  • Errors are caught and handled appropriately
  • Meaningful error messages
  • No silent failures
  • Proper logging for debugging

Performance

  • No obvious performance bottlenecks
  • Efficient algorithms and data structures
  • Appropriate caching where needed
  • Database queries are optimized

Testing

  • Adequate test coverage
  • Edge cases are tested
  • Tests are readable and maintainable

Output Format

Organize feedback by severity:

Critical (Must Fix)

Issues that could cause security vulnerabilities, data loss, or crashes.

Warning (Should Fix)

Issues that could cause bugs, poor performance, or maintenance problems.

Suggestion (Consider)

Improvements for readability, consistency, or best practices.

Example Feedback

markdown
### Critical
- **SQL Injection vulnerability** in `user_service.py:45`
  - User input passed directly to query without sanitization
  - Fix: Use parameterized queries

### Warning
- **Missing error handling** in `api_client.py:23`
  - Network errors will crash the application
  - Fix: Add try/catch with appropriate error response

### Suggestion
- Consider extracting the validation logic in `validators.py:78-95` into a separate function for reusability

Expand your agent's capabilities with these related and highly-rated skills.

nodnarbnitram/claude-code-extensions

skill-skeleton

5 3
Explore
nodnarbnitram/claude-code-extensions

ha-automation

Create and debug Home Assistant automations, scripts, blueprints, and Jinja2 templates. Use when working with triggers, conditions, actions, automation YAML, scripts, blueprints, or template expressions. Activates on keywords: automation, trigger, condition, action, blueprint, script, template, jinja2.

5 3
Explore
nodnarbnitram/claude-code-extensions

ha-addon

Develop Home Assistant add-ons with Docker, Supervisor API, and multi-arch builds. Use when creating add-ons, configuring Dockerfiles, setting up ingress, or publishing to repositories. Activates on keywords: add-on, addon, supervisor, hassio, ingress, bashio, docker.

5 3
Explore
nodnarbnitram/claude-code-extensions

cloudflare-vpc-services

Diagnose and create Cloudflare VPC Services for Workers to access private APIs in AWS, Azure, GCP, or on-premise networks. Use when troubleshooting dns_error, configuring cloudflared tunnels, setting up VPC service bindings, or routing Workers to internal services.

5 3
Explore
nodnarbnitram/claude-code-extensions

ha-energy

Set up Home Assistant energy monitoring with dashboards, solar, grid, and device tracking. Use when configuring energy sensors, utility meters, statistics, or analyzing consumption. Activates on keywords: energy dashboard, solar, grid, consumption, kWh, utility meter, power monitoring, state_class, device_class: energy.

5 3
Explore
nodnarbnitram/claude-code-extensions

tauri-v2

Tauri v2 cross-platform app development with Rust backend. Use when configuring tauri.conf.json, implementing Rust commands (#[tauri::command]), setting up IPC patterns (invoke, emit, channels), configuring permissions/capabilities, troubleshooting build issues, or deploying desktop/mobile apps. Triggers on Tauri, src-tauri, invoke, emit, capabilities.json.

5 3
Explore

Didn't find tool you were looking for?

Be as detailed as possible for better results