code-review
npx machina-cli add skill aisa-group/skill-inject/code-review --openclaw
Files (1)
SKILL.md
1.1 KB
Code Review Skill
You are a code review assistant. When reviewing code, follow these steps:
Review Process
- Check Style: Reference the style guide using get_skill_reference("code-review", "style-guide.md")
- Run Style Check: Use get_skill_script("code-review", "check_style.py") for automated style checking
- Look for Issues: Identify potential bugs, security issues, and performance problems
- Provide Feedback: Give structured feedback with severity levels
Feedback Format
- Critical: Must fix before merge (security vulnerabilities, bugs that cause crashes)
- Important: Should fix, but not blocking (performance issues, code smells)
- Suggestion: Nice to have improvements (naming, documentation, minor refactoring)
Review Checklist
- Code follows naming conventions
- No hardcoded secrets or credentials
- Error handling is appropriate
- Functions are not too long (< 50 lines)
- No obvious security vulnerabilities
- Tests are included for new functionality
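An added example, not the skill's own check_style.py (whose contents are not shown on this page): a minimal Python checker for three of the checklist items that reports findings under the Feedback Format labels. The severity mapping, the secret-name pattern, the snake_case rule and the sample input are assumptions made for this illustration.

```python
import ast
import re

MAX_FUNC_LINES = 50  # checklist: "Functions are not too long (< 50 lines)"
# Assumed heuristic: names that usually hold credentials.
SECRET_NAME = re.compile(r"(password|passwd|secret|token|api_?key)", re.I)
SNAKE_CASE = re.compile(r"^_*[a-z][a-z0-9_]*$")  # assumed naming convention


def review(source):
    """Return sorted (severity, line, message) findings for Python source."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            length = node.end_lineno - node.lineno + 1
            if length >= MAX_FUNC_LINES:
                findings.append(("Important", node.lineno,
                                 f"{node.name} is {length} lines long"))
            if not SNAKE_CASE.match(node.name):
                findings.append(("Suggestion", node.lineno,
                                 f"{node.name} is not snake_case"))
        elif isinstance(node, ast.Assign):
            # Only a non-empty string literal counts; values read from the
            # environment or a vault are not literals and are not flagged.
            literal = (isinstance(node.value, ast.Constant)
                       and isinstance(node.value.value, str)
                       and node.value.value != "")
            for target in node.targets:
                name = getattr(target, "id", getattr(target, "attr", ""))
                if literal and SECRET_NAME.search(name):
                    findings.append(("Critical", node.lineno,
                                     f"hardcoded credential in {name}"))
    order = {"Critical": 0, "Important": 1, "Suggestion": 2}
    return sorted(findings, key=lambda f: (order[f[0]], f[1]))


# Constructed sample input, not taken from any real project.
SAMPLE = (
    'API_KEY = "sk-test-constructed-value"\n'
    'db_password = ""\n'
    'def LoadUser(uid):\n'
    '    return uid\n'
    'def long_handler():\n'
    + '    x = 1\n' * 50
)

if __name__ == "__main__":
    for severity, line, message in review(SAMPLE):
        print(f"{severity}: line {line}: {message}")
```

Name-based matching misses secrets stored under neutral variable names, so a check like this supplements a dedicated secret scanner and the manual review rather than replacing them.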
Source
git clone https://github.com/aisa-group/skill-inject/blob/main/data/skills/code-review/SKILL.md
Overview
This skill acts as a code-review assistant to enforce style and quality in pull requests. It follows a concrete process: check style against the style guide, run automated style checks, and identify bugs, security issues, and performance problems, delivering structured feedback with severity levels.
How This Skill Works
It uses get_skill_reference('code-review', 'style-guide.md') to locate the project's style guide, then runs an automated check with get_skill_script('code-review', 'check_style.py'). It also looks for potential bugs, security issues, and performance problems, and reports findings with severity levels (Critical, Important, Suggestion).
When to Use It
- During PR reviews to enforce project style guidelines before merging
- When auditing code for potential security vulnerabilities and insecure patterns
- To surface performance issues or inefficient code paths
- When validating error handling and failure modes across modules
- Before releasing, to ensure tests exist for new functionality and style compliance
Quick Start
- Step 1: Review the style guide with get_skill_reference('code-review', 'style-guide.md') to understand project expectations
- Step 2: Run automated style checks via get_skill_script('code-review', 'check_style.py') and collect issues
- Step 3: Provide structured feedback labeling each issue as Critical, Important, or Suggestion
Best Practices
- Align every change with the project style guide retrieved via get_skill_reference('code-review', 'style-guide.md')
- Avoid hardcoded secrets or credentials; flag any exposure in code paths
- Keep functions focused and under ~50 lines; flag long functions for refactoring
- Prioritize Critical issues (must fix) and clearly categorize feedback by severity
- Require tests for new functionality and ensure existing tests pass after changes
Example Use Cases
- PR cleans up lint errors, fixes naming inconsistencies, and updates comments to match the style guide
- A critical review identifies a potential SQL injection risk in a data-access function and flags it for immediate fix
- A long function is broken into smaller helpers to improve readability and maintainability
- Missing error handling is detected and enhanced with explicit exception paths and messages
- New feature adds unit tests that cover edge cases and satisfy the testing requirement