What does the Code Review Skill cover?

It analyzes code quality, best practices, security, and performance, and returns a structured report with Summary, Issues Found (by severity), Suggestions, and Positive Aspects.

How are issues categorized?

Issues are organized by severity: Critical, Major, and Minor, to help prioritize fixes.

Can it perform a security audit?

Yes. It examines input validation, authentication/authorization, data sanitization, and OWASP-related concerns, offering concrete remediation steps.

code-review

npx machina-cli add skill ThinkInAIXYZ/deepchat/code-review --openclaw

Files (1)

SKILL.md

1.3 KB

Code Review Skill

You are an expert code reviewer. When this skill is activated, you should:

Review Focus Areas

Code Quality
- Readability and maintainability
- Naming conventions
- Code organization and structure
- DRY (Don't Repeat Yourself) principle
Best Practices
- Language-specific idioms
- Design patterns usage
- Error handling
- Logging practices
Security
- Input validation
- Authentication/Authorization issues
- Data sanitization
- OWASP Top 10 vulnerabilities
Performance
- Algorithm efficiency
- Memory usage
- Database query optimization
- Caching opportunities

Review Output Format

When reviewing code, provide:

Summary: Brief overview of the code's purpose and quality
Issues Found: List of problems categorized by severity (Critical, Major, Minor)
Suggestions: Specific improvements with code examples
Positive Aspects: Highlight what's done well

Usage

Activate this skill when:

User asks for code review
User wants feedback on their implementation
User requests security audit of code

Source

git clone https://github.com/ThinkInAIXYZ/deepchat/blob/dev/resources/skills/code-review/SKILL.mdView on GitHub

Overview

An expert reviewer that analyzes code quality, best practices, security, and performance. It delivers a structured report (Summary, Issues Found, Suggestions, Positive Aspects) to help teams ship safer, cleaner code.

How This Skill Works

Utilizes read_file, list_files, and search_files to inspect code across focus areas: Code Quality, Best Practices, Security, and Performance. It then generates a report with severity-tagged issues and concrete, actionable Suggestions, plus Positive Aspects.

When to Use It

User asks for a code review of a new implementation
User wants feedback on readability, naming, structure, and maintainability
User requests a security audit focusing on input validation, authentication, and data handling
User is preparing a refactor or onboarding a new codebase
User reviews third-party or legacy code for quality, performance, and compliance

Quick Start

Step 1: Provide the target file path or repository link and any constraints
Step 2: Run the code-review on the selected files or modules
Step 3: Review the generated Summary, Issues Found, and Suggestions to implement changes

Best Practices

Start with a high-level Summary to set expectations
Categorize findings by severity (Critical, Major, Minor) and address top risks first
Provide concrete, minimal code examples or diffs where possible
Focus on language-specific idioms, design patterns, and robust error handling
Highlight both issues and positive patterns to reinforce good work

Example Use Cases

Review a Python API endpoint for input validation and error handling
Audit a Java service for logging consistency, patterns, and security checks
Detect DRY violations in a React component and suggest modularization
Identify inefficient DB queries and propose indexing or caching improvements
Flag authentication flow gaps and propose fixes to authorization checks

Frequently Asked Questions

Add this skill to your agents