code-reviewer
npx machina-cli add skill alirezarezvani/claude-skills/code-reviewer --openclawCode Reviewer
Automated code review tools for analyzing pull requests, detecting code quality issues, and generating review reports.
Table of Contents
Tools
PR Analyzer
Analyzes git diff between branches to assess review complexity and identify risks.
# Analyze current branch against main
python scripts/pr_analyzer.py /path/to/repo
# Compare specific branches
python scripts/pr_analyzer.py . --base main --head feature-branch
# JSON output for integration
python scripts/pr_analyzer.py /path/to/repo --json
What it detects:
- Hardcoded secrets (passwords, API keys, tokens)
- SQL injection patterns (string concatenation in queries)
- Debug statements (debugger, console.log)
- ESLint rule disabling
- TypeScript
anytypes - TODO/FIXME comments
Output includes:
- Complexity score (1-10)
- Risk categorization (critical, high, medium, low)
- File prioritization for review order
- Commit message validation
Code Quality Checker
Analyzes source code for structural issues, code smells, and SOLID violations.
# Analyze a directory
python scripts/code_quality_checker.py /path/to/code
# Analyze specific language
python scripts/code_quality_checker.py . --language python
# JSON output
python scripts/code_quality_checker.py /path/to/code --json
What it detects:
- Long functions (>50 lines)
- Large files (>500 lines)
- God classes (>20 methods)
- Deep nesting (>4 levels)
- Too many parameters (>5)
- High cyclomatic complexity
- Missing error handling
- Unused imports
- Magic numbers
Thresholds:
| Issue | Threshold |
|---|---|
| Long function | >50 lines |
| Large file | >500 lines |
| God class | >20 methods |
| Too many params | >5 |
| Deep nesting | >4 levels |
| High complexity | >10 branches |
Review Report Generator
Combines PR analysis and code quality findings into structured review reports.
# Generate report for current repo
python scripts/review_report_generator.py /path/to/repo
# Markdown output
python scripts/review_report_generator.py . --format markdown --output review.md
# Use pre-computed analyses
python scripts/review_report_generator.py . \
--pr-analysis pr_results.json \
--quality-analysis quality_results.json
Report includes:
- Review verdict (approve, request changes, block)
- Score (0-100)
- Prioritized action items
- Issue summary by severity
- Suggested review order
Verdicts:
| Score | Verdict |
|---|---|
| 90+ with no high issues | Approve |
| 75+ with ≤2 high issues | Approve with suggestions |
| 50-74 | Request changes |
| <50 or critical issues | Block |
Reference Guides
Code Review Checklist
references/code_review_checklist.md
Systematic checklists covering:
- Pre-review checks (build, tests, PR hygiene)
- Correctness (logic, data handling, error handling)
- Security (input validation, injection prevention)
- Performance (efficiency, caching, scalability)
- Maintainability (code quality, naming, structure)
- Testing (coverage, quality, mocking)
- Language-specific checks
Coding Standards
references/coding_standards.md
Language-specific standards for:
- TypeScript (type annotations, null safety, async/await)
- JavaScript (declarations, patterns, modules)
- Python (type hints, exceptions, class design)
- Go (error handling, structs, concurrency)
- Swift (optionals, protocols, errors)
- Kotlin (null safety, data classes, coroutines)
Common Antipatterns
references/common_antipatterns.md
Antipattern catalog with examples and fixes:
- Structural (god class, long method, deep nesting)
- Logic (boolean blindness, stringly typed code)
- Security (SQL injection, hardcoded credentials)
- Performance (N+1 queries, unbounded collections)
- Testing (duplication, testing implementation)
- Async (floating promises, callback hell)
Languages Supported
| Language | Extensions |
|---|---|
| Python | .py |
| TypeScript | .ts, .tsx |
| JavaScript | .js, .jsx, .mjs |
| Go | .go |
| Swift | .swift |
| Kotlin | .kt, .kts |
Source
git clone https://github.com/alirezarezvani/claude-skills/blob/main/engineering-team/code-reviewer/SKILL.mdView on GitHub Overview
Automated code-review tool for PRs across TypeScript, JavaScript, Python, Go, Swift, and Kotlin. It analyzes pull requests for complexity and risk, checks for SOLID violations and code smells, and generates structured review reports and checklists to streamline approvals.
How This Skill Works
Code-reviewer is built from three tools: PR Analyzer scans diffs for hardcoded secrets, risky patterns, and overall complexity; Code Quality Checker flags structural issues such as long functions, large files, deep nesting, high cyclomatic complexity, too many parameters, and missing error handling; Review Report Generator compiles findings into a verdict, severity-based issue summary, and prioritized action items for the PR team.
When to Use It
- When reviewing pull requests to quickly gauge risk and necessary fixes.
- When analyzing code quality across a repository to identify SOLID violations and smells.
- When preparing a structured review checklist for reviewers.
- When prioritizing review order based on complexity and risk scores.
- When generating shareable review reports for stakeholders or audits.
Quick Start
- Step 1: Analyze the PR with PR Analyzer: python scripts/pr_analyzer.py /path/to/repo --json
- Step 2: Run Code Quality Checker for the target language: python scripts/code_quality_checker.py /path/to/code --json
- Step 3: Generate a consolidated review report: python scripts/review_report_generator.py /path/to/repo --format json
Best Practices
- Run PR Analyzer first to surface secrets, risks, and complexity.
- Use Code Quality Checker on the target language to catch language-specific smells.
- Prefer the JSON output for automation and integrations; export Markdown for human-readable reports.
- Tune thresholds (e.g., function size, nesting, complexity) to match project standards.
- Review high-risk items first and verify fixes across critical files.
Example Use Cases
- Identify a TypeScript PR with excessive complexity and missing error handling in core modules.
- Detect unused imports and magic numbers in a Python feature branch.
- Flag a Go PR containing a god class and deep nesting that impacts maintainability.
- Generate a report for a Kotlin PR showing prioritized actions and review order.
- Block a PR if secrets or tokens are detected in the diffs.
