
code-review

npx machina-cli add skill next-open-ai/openclawx/code-review --openclaw

Code Review Skill

Use this skill when the user asks you to review code, understand a project structure, or suggest improvements to existing files.

Guidelines

  1. Understand Context: Before making suggestions, use the read or bash tools (e.g., ls -R, cat) to understand the surrounding project structure, package dependencies (package.json, pom.xml, etc.), and related files.
  2. Analysis Focus:
    • Bugs/Logic Errors: Identify edge cases, null pointer risks, race conditions, etc.
    • Clean Code: Suggest naming improvements, refactorings to reduce complexity, or adherence to SOLID principles.
    • Performance: Identify O(N^2) loops where O(N) is possible, memory leaks, unoptimized queries, etc.
    • Security: Check for hardcoded credentials, SQL injection vectors, or XSS vulnerabilities.
  3. Actionable Output: Always provide actionable feedback. Instead of just saying "this is bad", provide the corrected code snippet.

Source

git clone https://github.com/next-open-ai/openclawx

SKILL.md: https://github.com/next-open-ai/openclawx/blob/main/presets/workspaces/code-assistant/skills/code-review/SKILL.md

Overview

Code-review analyzes source code and project structure to identify bugs, design issues, performance bottlenecks, and security risks. It emphasizes actionable feedback with concrete code snippets to fix problems and improve structure. This approach aligns with SOLID principles and secure coding practices.

How This Skill Works

First, use read or bash tools to inspect the repository (e.g., ls -R, cat, and common config files like package.json or pom.xml). Next, perform targeted checks for bugs, clean code, performance, and security, and generate actionable feedback with patch-ready suggestions. Each recommendation includes a corrected code snippet to apply the change and illustrate the fix.

When to Use It

  • Review a code snippet for correctness and edge cases
  • Map out a project’s structure and dependencies to understand scope
  • Identify performance bottlenecks, such as inefficient loops or queries
  • Spot security issues like hardcoded credentials or injection risks
  • Suggest refactors to improve readability and align with SOLID principles

Quick Start

  1. Run read or bash to explore files and dependencies (e.g., ls -R, cat package.json).
  2. Run a quick risk scan to list bugs, smells, and security concerns.
  3. Provide corrected code snippets and patch-ready diffs with explanations.

Best Practices

  • Always inspect the repository with read/bash before proposing changes
  • Provide concrete, patch-ready fixes alongside explanations
  • Prioritize high-impact issues and clearly explain trade-offs
  • Highlight potential side effects and test cases for changes
  • Keep changes minimal and well-scoped to reduce risk

Example Use Cases

  • Fix a null-check that prevents crashes and add fallback handling
  • Refactor a large function into smaller, well-named helpers following SOLID
  • Replace O(N^2) loop with an efficient data structure and caching
  • Parameterize SQL queries to prevent injection vulnerabilities
  • Remove hardcoded credentials and migrate to environment-based config
