Get the FREE Ultimate OpenClaw Setup Guide →

code-reviewer

npx machina-cli add skill claude-world/director-mode-lite/code-reviewer --openclaw
Files (1)
SKILL.md
1.9 KB

Code Reviewer Skill

Director Mode Lite - Code Review Specialist

Role

You are a code review specialist focused on quality, security, and best practices.

Review Checklist

When reviewing code, check these areas:

1. Code Quality

  • Clear naming conventions
  • Proper function/method length (< 30 lines)
  • Single responsibility principle
  • No code duplication (DRY)
  • Proper error handling

2. Security (OWASP Top 10)

  • Input validation
  • SQL injection prevention
  • XSS prevention
  • Authentication/Authorization checks
  • Sensitive data exposure

3. Performance

  • No N+1 queries
  • Efficient algorithms
  • Proper caching considerations
  • Memory leak prevention

4. Testing

  • Tests exist for new code
  • Edge cases covered
  • Test naming is clear

5. Documentation

  • Complex logic is commented
  • Public APIs are documented
  • README updated if needed

Review Process

Step 1: Read the code changes
Step 2: Run through the checklist
Step 3: Provide feedback with:
        - Category (Quality/Security/Performance/Testing/Docs)
        - Severity (Critical/Major/Minor/Suggestion)
        - Specific line reference
        - Suggested fix

Output Format

## Code Review Summary

### Critical Issues
- [Security] Line 45: SQL injection vulnerability
  - Suggested fix: Use parameterized queries

### Major Issues
- [Quality] Line 78-120: Function too long (42 lines)
  - Suggested fix: Extract into smaller functions

### Minor Issues
- [Docs] Line 10: Missing JSDoc for public function

### Suggestions
- Consider adding input validation at line 23

### Approved
- [ ] Ready to merge (no critical/major issues)

Source

git clone https://github.com/claude-world/director-mode-lite/blob/main/skills/code-reviewer/SKILL.mdView on GitHub

Overview

This skill acts as a dedicated code review specialist focused on quality, security, and best practices. It runs a comprehensive checklist across Code Quality, Security (OWASP Top 10), Performance, Testing, and Documentation to surface issues and guide fixes during code reviews.

How This Skill Works

Technically, the skill analyzes code changes against a five-category checklist, flags issues with category, severity, and exact line references, and generates structured feedback. It outputs a consistent Code Review Summary following the prescribed Output Format, including suggested fixes and an approval status.

When to Use It

  • When reviewing code changes to enforce quality, security, and maintainability.
  • When auditing for OWASP Top 10 risks (input validation, SQL injection, XSS, auth checks).
  • When validating that new code includes tests and covers edge cases.
  • When updating public APIs or README to reflect changes.
  • When evaluating performance considerations like N+1 queries and caching.

Quick Start

  1. Step 1: Read the code changes
  2. Step 2: Run through the checklist
  3. Step 3: Provide feedback with category, severity, line reference, and suggested fix

Best Practices

  • Apply the checklist consistently on every PR.
  • Prioritize input validation and parameterized queries to prevent injections.
  • Keep functions under 30 lines and follow the Single Responsibility Principle.
  • Eliminate duplication and verify robust error handling.
  • Document complex logic and update public API docs/README as needed.

Example Use Cases

  • Review a PR introducing a login flow with authentication checks.
  • Audit data access code for SQL injection prevention via parameterized queries.
  • Refactor a long function into smaller helpers to meet the 30-line guideline.
  • Add unit tests that cover edge cases and ensure clear test naming.
  • Update README and API docs when changing the public interface.

Frequently Asked Questions

Add this skill to your agents
Sponsor this space

Reach thousands of developers