
Code Review

npx machina-cli add skill PabloLION/bmad-plugin/code-review --openclaw
Files (1)
SKILL.md
440 B

Code Review Workflow

Goal: Perform adversarial code review finding specific issues.

Agent: Quick Flow Solo Dev (Barry)
Module: CORE


Execution

Read and follow: ./instructions.md

Validation

After completion, verify against: ./checklist.md

Source

git clone https://github.com/PabloLION/bmad-plugin

Skill file: plugins/bmad/skills/code-review/SKILL.md (branch main)

Overview

Code Review Workflow performs adversarial code review to uncover specific issues. It activates when the user asks for a code review (for example, "run code review" or "review this code") and relies on the defined Execution and Validation steps to surface concrete problems quickly.

How This Skill Works

It reads and follows the instructions.md that accompanies the skill, then analyzes the target code for vulnerabilities, edge cases, and misconfigurations. Findings are framed as specific issues and prepared for validation against the checklist.md.

When to Use It

  • When a user explicitly asks to "run code review" or "review this code"
  • When reviewing security-sensitive modules to uncover adversarial issues
  • Before merging changes to a codebase to catch specific problems early
  • When testing inputs, edge cases, or file handling for misuse or vulnerability
  • When aligning the review with team instructions and a formal checklist

Quick Start

  1. Trigger the skill by saying "run code review" or "review this code"
  2. Read and follow ./instructions.md to guide the review
  3. Compile findings and verify against ./checklist.md

Best Practices

  • Invoke the skill using the trigger phrases "run code review" or "review this code"
  • Adopt an adversarial perspective, targeting specific issues rather than general quality
  • Follow the instructions.md execution path for consistency
  • Document issues with clear repro steps, screenshots, or logs
  • Validate findings against the checklist.md and prioritize by impact

Example Use Cases

  • Review a REST API endpoint handling user input for injection risks
  • Audit a payment processing function for race conditions or timing bugs
  • Inspect a file upload service for path traversal or content-type mismatches
  • Evaluate a data export job for privacy or data leakage risks
  • Assess a feature flag flow for misconfigurations and fallback paths
