code-review
npx machina-cli add skill gologo13/agent-skills/code-review --openclaw
Code Review
Overview
Perform a thorough code review that verifies functionality, maintainability, and security before approving a change. Focus on architecture, readability, performance implications, and provide actionable suggestions for improvement.
Steps
- Understand the change
  - Read the PR description and related issues for context
  - Identify the scope of files and features impacted
  - Note any assumptions or questions to clarify with the author
- Validate functionality
  - Confirm the code delivers the intended behavior
  - Exercise edge cases or guard conditions mentally or by running locally
  - Check error handling paths and logging for clarity
- Assess quality
  - Ensure functions are focused, names are descriptive, and code is readable
  - Watch for duplication, dead code, or missing tests
  - Verify documentation and comments reflect the latest changes
- Review security and risk
  - Look for injection points, insecure defaults, or missing validation
  - Confirm secrets or credentials are not exposed
  - Evaluate performance or scalability impacts of the change
Review Checklist
Functionality
- Intended behavior works and matches requirements
- Edge cases handled gracefully
- Error handling is appropriate and informative
Code Quality
- Code structure is clear and maintainable
- No unnecessary duplication or dead code
- Tests/documentation updated as needed
Security & Safety
- No obvious security vulnerabilities introduced
- Inputs validated and outputs sanitized
- Sensitive data handled correctly
Additional Review Notes
- Architecture and design decisions considered
- Performance bottlenecks or regressions assessed
- Coding standards and best practices followed
- Resource management, error handling, and logging reviewed
- Suggested alternatives, additional test cases, or documentation updates captured
Provide constructive feedback with concrete examples and actionable guidance for the author.
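As an added example (not part of the skill or the original page), the following Python script turns the "Review security and risk" step and the Security & Safety checklist into a pre-review lint over a unified diff: it flags added lines that look like an exposed secret, string-built SQL, or an insecure default, and reports them with the new-side line number so the reviewer can ask the author about each one. The sample diff, the regexes and the check names are constructed for illustration and are deliberately heuristic.

```python
import re

# Constructed sample unified diff for demonstration; not from the original page.
SAMPLE_DIFF = """\
diff --git a/app/db.py b/app/db.py
--- a/app/db.py
+++ b/app/db.py
@@ -1,2 +1,8 @@
 import os
-API_KEY = "sk-live-0123456789abcdef"
+API_KEY = os.environ["API_KEY"]
+WEBHOOK_TOKEN = "tok_9f8e7d6c5b4a3210"
+def find_user(conn, name):
+    return conn.execute("SELECT * FROM users WHERE name = " + name)
+def find_user_safe(conn, name):
+    return conn.execute("SELECT * FROM users WHERE name = ?", (name,))
+app.run(host="0.0.0.0", debug=True)
"""

# One pattern per Security & Safety checklist item. These are heuristics, not proof:
# every hit is a question for the author, not a verdict.
CHECKS = [
    ("secret exposed",
     re.compile(r'(?i)(api[_-]?key|secret|password|token)\s*=\s*["\'][^"\']{8,}["\']')),
    ("possible SQL injection",  # quoted SQL immediately concatenated or formatted
     re.compile(r'(?i)["\'][^"\']*\b(select|insert|update|delete)\b[^"\']*["\']\s*(%|\+|\.format\()')),
    ("insecure default",
     re.compile(r'debug\s*=\s*True|host\s*=\s*["\']0\.0\.0\.0["\']')),
]
HUNK = re.compile(r'^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@')


def review_diff(diff_text):
    """Return (file, new_line_no, check_name) for each added line that trips a check."""
    findings, path, new_no = [], None, 0
    for raw in diff_text.splitlines():
        if raw.startswith("+++ "):
            path = raw[4:].removeprefix("b/")   # file the new lines belong to
            continue
        m = HUNK.match(raw)
        if m:
            new_no = int(m.group(1))            # first line number on the new side
            continue
        if raw.startswith(("---", "diff ", "\\")) or path is None or raw.startswith("-"):
            continue                            # headers and removed lines never reach the merge
        if raw.startswith("+"):
            for name, pattern in CHECKS:
                if pattern.search(raw[1:]):
                    findings.append((path, new_no, name))
        new_no += 1                             # context and added lines advance the new side
    return findings


if __name__ == "__main__":
    for path, line_no, name in review_diff(SAMPLE_DIFF):
        print(f"{path}:{line_no}: {name}")
```

The parameterized query and the secret read from the environment produce no finding, which is the behaviour a reviewer wants before trusting such a lint on a real PR.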
Source
https://github.com/gologo13/agent-skills/blob/main/skills/code-review/SKILL.md
Overview
Performs a thorough review to verify functionality, maintainability, and security before approving a change. It emphasizes architecture, readability, performance implications, and provides actionable suggestions for improvement.
How This Skill Works
Review begins by understanding the change: reading the PR description, identifying impacted files, and noting questions. Then you validate functionality and edge cases, inspect error handling and logging, and assess quality, duplication, and tests. Finally, you evaluate security risks and performance impacts, offering concrete recommendations.
When to Use It
- Before merging a pull request (PR) to ensure the change aligns with requirements
- When architecture, readability, or maintainability may be affected
- When security risks, input validation, or secrets handling are a concern
- When performance or scalability implications need assessment
- During reviews where documented tests and updated docs are required
Quick Start
- Step 1: Understand the change by reading the PR and scope
- Step 2: Validate functionality, edge cases, and error handling
- Step 3: Assess quality, security, architecture, and provide actionable feedback
Best Practices
- Read the PR description and related issues to establish context
- Validate functionality with edge cases and verify error handling
- Ensure code is focused, descriptive, and free of duplication or dead code
- Verify documentation and inline comments reflect the latest changes
- Provide concrete, actionable feedback with examples and suggested fixes
Example Use Cases
- Reviewing a backend API change to confirm correctness and security
- Assessing a frontend refactor for readability and performance
- Auditing a data model change for validation and error handling
- Evaluating a security-related update to credential handling
- Checking test coverage and documentation alignment with code changes