Agent skill

code-reviewer

Expert at quality-focused code review with security emphasis. Use when reviewing code changes, performing security audits, identifying bugs, ensuring code quality and maintainability, or analyzing pull requests for issues.


Install this agent skill to your Project

npx add-skill https://github.com/404kidwiz/claude-supercode-skills/tree/main/code-reviewer-skill

SKILL.md

Code Reviewer

Purpose

Provides thorough code review expertise with focus on correctness, security, performance, and maintainability. Identifies bugs, security vulnerabilities, and code quality issues while suggesting improvements.

When to Use

  • Reviewing pull requests or code changes
  • Performing security audits on code
  • Identifying potential bugs before merge
  • Ensuring code follows best practices
  • Checking for performance issues
  • Validating error handling
  • Reviewing architectural decisions in code

Quick Start

Invoke this skill when:

  • Reviewing pull requests or code changes
  • Performing security audits on code
  • Identifying potential bugs before merge
  • Ensuring code follows best practices
  • Checking for performance issues

Do NOT invoke when:

  • Debugging runtime issues (use debugger)
  • Refactoring code structure (use refactoring-specialist)
  • Writing new code (use language-specific skills)
  • Reviewing system architecture (use architect-reviewer)

Decision Framework

Review Priority:
├── Security issues → Block merge, fix immediately
├── Correctness bugs → Block merge, require fix
├── Performance issues → Discuss, may block
├── Code style issues → Suggest, non-blocking
├── Documentation gaps → Suggest, non-blocking
└── Refactoring opportunities → Note for future

Core Workflows

1. Pull Request Review

  1. Understand the intent from PR description
  2. Review for correctness and logic errors
  3. Check for security vulnerabilities
  4. Assess performance implications
  5. Verify error handling completeness
  6. Check test coverage
  7. Provide actionable feedback

2. Security-Focused Review

  1. Check input validation and sanitization
  2. Review authentication and authorization
  3. Look for injection vulnerabilities
  4. Verify sensitive data handling
  5. Check for hardcoded secrets
  6. Review dependency security
  7. Assess cryptographic usage
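
The Review Priority tree and the security-focused steps above can be combined into a small pre-review gate. This is an added example, not part of the skill or its repository: it scans only the added lines of a unified diff for two of the listed checks (hardcoded secrets, injection-prone SQL), then maps findings to the page's block/discuss/suggest actions. The sample diff, the regex heuristics, the function names and the "approve" fallback are assumptions made for illustration.

```python
import re

# Constructed sample diff (not from a real repository).
SAMPLE_DIFF = '''\
--- a/app/db.py
+++ b/app/db.py
@@ -10,3 +10,5 @@ def get_user(conn, name):
     cur = conn.cursor()
-    cur.execute("SELECT * FROM users WHERE name = ?", (name,))
+    API_KEY = "constructed-example-secret-0000"
+    cur.execute("SELECT * FROM users WHERE name = '%s'" % name)
+    # TODO tidy this up
     return cur.fetchone()
'''

# Review Priority from the Decision Framework: category -> action.
PRIORITY = {"security": "block", "correctness": "block", "performance": "discuss",
            "style": "suggest", "documentation": "suggest", "refactoring": "note"}

# Illustrative heuristics only (assumed); run a SAST tool and secret scanner first.
CHECKS = [
    ("security", "hardcoded secret",
     re.compile(r"(?i)\b(api_?key|secret|passw(or)?d|token)\b\s*=\s*[\"'][^\"']{8,}[\"']")),
    ("security", "SQL built by string formatting",
     re.compile(r"execute\(\s*[\"'].*[\"']\s*(%|\+|\.format)")),
    ("style", "unresolved TODO", re.compile(r"\bTODO\b")),
]
HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

def review_diff(diff_text):
    """Return (path, new_file_line, category, label) for each flagged added line."""
    findings, path, new_line = [], None, 0
    for raw in diff_text.splitlines():
        if raw.startswith("+++ "):
            path = raw[4:].removeprefix("b/")
        elif raw.startswith("-"):
            continue  # old-file header or removed line: not part of the new file
        elif (m := HUNK.match(raw)):
            new_line = int(m.group(1))
        else:
            if raw.startswith("+"):
                findings += [(path, new_line, cat, label)
                             for cat, label, rx in CHECKS if rx.search(raw[1:])]
            new_line += 1  # added and context lines advance the new-file counter
    return findings

def verdict(findings):
    """Most severe action wins; 'approve' (an assumption here) when nothing is flagged."""
    actions = {PRIORITY[cat] for _, _, cat, _ in findings}
    return next((a for a in ("block", "discuss", "suggest", "note") if a in actions), "approve")
```

Removed lines are skipped on purpose: the parameterized query that the diff deletes is the safe form, and only what lands in the new file is reviewed.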

3. Performance Review

  1. Identify N+1 query patterns
  2. Check for unnecessary allocations
  3. Review algorithm complexity
  4. Assess caching opportunities
  5. Check for blocking operations
  6. Review database query efficiency

Best Practices

  • Review code, not the author
  • Be specific about issues and fixes
  • Explain the "why" behind suggestions
  • Prioritize comments by severity
  • Acknowledge good patterns too
  • Use automated tools first (linters, SAST)

Anti-Patterns

| Anti-Pattern | Problem | Correct Approach |
|---|---|---|
| Nitpicking style | Wastes time, frustrates authors | Use automated formatters |
| No context | Reviewer doesn't understand changes | Read PR description, linked issues |
| Blocking on opinions | Delays delivery unnecessarily | Distinguish must-fix from nice-to-have |
| Drive-by reviews | Comments without resolution | Follow through on discussions |
| No positive feedback | Demoralizing for authors | Highlight good patterns |
