What outputs can I expect?

Complexity scores, risk levels, file prioritization, commit message validation, and JSON outputs for CI integration.

How are the tools organized?

PR Analyzer analyzes diffs for risks, Code Quality Checker inspects code quality against thresholds, and Review Report Generator produces a final verdict with prioritized actions.

code-reviewer

Scanned

npx machina-cli add skill Joncik91/ucai/code-reviewer --openclaw

Files (1)

SKILL.md

4.5 KB

Code Reviewer

Automated code review tools for analyzing pull requests, detecting code quality issues, and generating review reports.

Tools
Reference Guides
Languages Supported

Tools

PR Analyzer

Analyzes git diff between branches to assess review complexity and identify risks.

# Analyze current branch against main
python scripts/pr_analyzer.py /path/to/repo

# Compare specific branches
python scripts/pr_analyzer.py . --base main --head feature-branch

# JSON output for integration
python scripts/pr_analyzer.py /path/to/repo --json

What it detects:

Hardcoded secrets (passwords, API keys, tokens)
SQL injection patterns (string concatenation in queries)
Debug statements (debugger, console.log)
ESLint rule disabling
TypeScript any types
TODO/FIXME comments

Output includes:

Complexity score (1-10)
Risk categorization (critical, high, medium, low)
File prioritization for review order
Commit message validation

Code Quality Checker

Analyzes source code for structural issues, code smells, and SOLID violations.

# Analyze a directory
python scripts/code_quality_checker.py /path/to/code

# Analyze specific language
python scripts/code_quality_checker.py . --language python

# JSON output
python scripts/code_quality_checker.py /path/to/code --json

What it detects:

Long functions (>50 lines)
Large files (>500 lines)
God classes (>20 methods)
Deep nesting (>4 levels)
Too many parameters (>5)
High cyclomatic complexity
Missing error handling
Unused imports
Magic numbers

Thresholds:

Issue	Threshold
Long function	>50 lines
Large file	>500 lines
God class	>20 methods
Too many params	>5
Deep nesting	>4 levels
High complexity	>10 branches

Review Report Generator

Combines PR analysis and code quality findings into structured review reports.

# Generate report for current repo
python scripts/review_report_generator.py /path/to/repo

# Markdown output
python scripts/review_report_generator.py . --format markdown --output review.md

# Use pre-computed analyses
python scripts/review_report_generator.py . \
  --pr-analysis pr_results.json \
  --quality-analysis quality_results.json

Report includes:

Review verdict (approve, request changes, block)
Score (0-100)
Prioritized action items
Issue summary by severity
Suggested review order

Verdicts:

Score	Verdict
90+ with no high issues	Approve
75+ with ≤2 high issues	Approve with suggestions
50-74	Request changes
<50 or critical issues	Block

Reference Guides

Code Review Checklist

references/code_review_checklist.md

Systematic checklists covering:

Pre-review checks (build, tests, PR hygiene)
Correctness (logic, data handling, error handling)
Security (input validation, injection prevention)
Performance (efficiency, caching, scalability)
Maintainability (code quality, naming, structure)
Testing (coverage, quality, mocking)
Language-specific checks

Coding Standards

references/coding_standards.md

Language-specific standards for:

TypeScript (type annotations, null safety, async/await)
JavaScript (declarations, patterns, modules)
Python (type hints, exceptions, class design)
Go (error handling, structs, concurrency)
Swift (optionals, protocols, errors)
Kotlin (null safety, data classes, coroutines)

Common Antipatterns

references/common_antipatterns.md

Antipattern catalog with examples and fixes:

Structural (god class, long method, deep nesting)
Logic (boolean blindness, stringly typed code)
Security (SQL injection, hardcoded credentials)
Performance (N+1 queries, unbounded collections)
Testing (duplication, testing implementation)
Async (floating promises, callback hell)

Languages Supported

Language	Extensions
Python	`.py`
TypeScript	`.ts`, `.tsx`
JavaScript	`.js`, `.jsx`, `.mjs`
Go	`.go`
Swift	`.swift`
Kotlin	`.kt`, `.kts`

Source

git clone https://github.com/Joncik91/ucai/blob/main/skills/code-reviewer/SKILL.mdView on GitHub

Overview

Code Reviewer automates pull-request analysis to detect code quality issues, security risks, and maintainability concerns. It bundles three tools—PR Analyzer, Code Quality Checker, and Review Report Generator—to support TypeScript, JavaScript, Python, Go, Swift, and Kotlin. It outputs a verdict, a risk-based score, and prioritized action items for fast, reliable reviews.

How This Skill Works

PR Analyzer inspects diffs for hardcoded secrets, SQL injection patterns, debug statements, ESLint rule disables, TypeScript any types, and TODO/FIXME comments. Code Quality Checker flags long functions, large files, god classes, deep nesting, too many parameters, high cyclomatic complexity, missing error handling, unused imports, and magic numbers using defined thresholds. Review Report Generator merges these findings into a structured review report with a verdict, score, prioritized actions, and issue summaries.

When to Use It

When reviewing a pull request to assess risk and review complexity before merging.
When you need a standardized quality assessment across TypeScript, JavaScript, Python, Go, Swift, and Kotlin code.
When generating a formal review report that includes a verdict and prioritized action items.
When enforcing consistency with security, maintainability, and performance standards in code reviews.
When you want pre-commit or CI-driven checks with JSON outputs for automation.

Quick Start

Step 1: Run PR Analyzer on the target repo: python scripts/pr_analyzer.py /path/to/repo --json
Step 2: Run Code Quality Checker for code health: python scripts/code_quality_checker.py /path/to/code --json
Step 3: Generate the combined review report: python scripts/review_report_generator.py /path/to/repo --format json --output review.json

Best Practices

Run PR Analyzer first to get a quick risk snapshot and identify high-risk files.
Follow up with Code Quality Checker to surface structural issues and threshold violations.
Use Review Report Generator to produce a consolidated verdict and prioritized action items.
Integrate JSON outputs into CI dashboards to track trends over time.
Keep language-specific checks up to date with the latest standards in the Reference Guides.

Example Use Cases

A TypeScript PR adds a new service; PR Analyzer flags any any types and TODO comments, while Code Quality Checker reports a long function and a few deep nesting cases; Review Report suggests refactoring and adding tests.
A Python project with a large module triggers a Large file and Deep nesting warning; the final review recommends splitting the module and adding error handling.
A Go microservice PR is flagged for potential security issues and unused imports; the review plan prioritizes removing secrets and cleaning up imports.
A JavaScript frontend PR contains several TODO/FIXME comments and a couple of magic numbers; the review report prioritizes addressing those items before merge.
A Kotlin backend PR surfaces a god class with more than 20 methods; the tool recommends splitting responsibilities and introducing interfaces.

Frequently Asked Questions

Add this skill to your agents