What is fstrent-code-reviewer?

A comprehensive code-review skill that enforces company standards across security, performance, maintainability, and best practices.

What outputs are produced?

A structured report including Summary, Security Issues with severities, Quality Issues, Performance Concerns, Best Practices, and Action Items.

How does it integrate with workflows?

Works with GitHub Pull Requests, GitLab Merge Requests, local file reviews, diff-based reviews, and multi-file reviews.

fstrent-code-reviewer

Scanned

npx machina-cli add skill wrm3/ai_project_template/fstrent-code-reviewer --openclaw

Files (1)

SKILL.md

3.8 KB

fstrent Code Reviewer

Perform thorough code reviews following company-specific templates, security guidelines, and best practices.

Overview

This skill provides comprehensive code review capabilities with structured checklists, security scanning, performance analysis, and maintainability assessments. It ensures consistent code quality across your projects by following standardized review procedures.

When to Use

This skill activates automatically when you:

Ask for a code review
Request security scanning
Need quality assessment
Review pull requests
Check code before committing

Capabilities

1. Security Review

SQL injection vulnerability detection
XSS attack vector identification
Authentication/authorization checks
Sensitive data exposure prevention
Input validation review
Secret/credential detection

2. Code Quality Assessment

Code style compliance
Naming conventions
Documentation completeness
Error handling patterns
Code complexity analysis
DRY principle adherence

3. Performance Analysis

Algorithm efficiency
Database query optimization
Memory usage patterns
Network request efficiency
Caching opportunities
Resource cleanup

4. Maintainability Review

Code organization
Function/class size (target: <100 lines, warn: >200 lines)
Cyclomatic complexity
Test coverage
Documentation quality
Technical debt identification

5. Best Practices

Language-specific idioms
Framework conventions
Design patterns
SOLID principles
Clean code principles
Team coding standards

Review Types

Quick Review

For small changes (<100 lines):

Security scan
Style check
Basic quality assessment
~2-5 minutes

Standard Review

For typical changes (100-500 lines):

Full security scan
Code quality analysis
Performance check
Documentation review
~10-20 minutes

Comprehensive Review

For large changes (>500 lines) or critical code:

In-depth security analysis
Detailed performance profiling
Architecture review
Test coverage analysis
Technical debt assessment
~30-60 minutes

Output Format

Reviews generate:

Summary: Overall assessment (Approve/Request Changes/Comment)
Security Issues: Critical/High/Medium/Low with recommendations
Quality Issues: Categorized by severity
Performance Concerns: Identified bottlenecks
Best Practices: Suggestions for improvement
Action Items: Specific tasks to address findings

Integration

Works with:

GitHub Pull Requests
GitLab Merge Requests
Local file reviews
Diff-based reviews
Multi-file reviews

Examples

Quick Review:

"Review this authentication function for security issues"
→ Focused security scan with recommendations

Full PR Review:

"Review PR #123 for code quality and security"
→ Comprehensive review with checklist and ratings

Pre-Commit Check:

"Check this code before I commit"
→ Quick scan for obvious issues

Company Standards

This skill enforces your specific:

Coding standards
Security requirements
Testing requirements
Documentation standards
Performance SLAs

For detailed review procedures, see rules.md.

For examples and templates, see examples/ folder.

Related Skills

fstrent-task-management: Create tasks for review findings
fstrent-qa: Track bugs found during review
fstrent-planning: Plan refactoring based on review

Version: 1.0.0 Last Updated: 2025-10-19 Part of: fstrent-spec-tasks system

Source

git clone https://github.com/wrm3/ai_project_template/blob/main/.claude/skills/fstrent-code-reviewer/SKILL.mdView on GitHub

Overview

fstrent Code Reviewer provides comprehensive, standardized code reviews that follow company templates and security guidelines. It evaluates security, performance, and maintainability, ensuring consistent code quality across projects.

How This Skill Works

The tool applies structured checklists across security, quality, performance, and maintainability domains, runs security scans and performance analyses, and compiles actionable findings and recommendations.

When to Use It

When you request a code review
When you need security scanning
When you require quality assessment
When reviewing pull requests
When checking code before committing

Quick Start

Step 1: Trigger a review by requesting code review or PR review
Step 2: The agent runs security, quality, and performance analyses per templates
Step 3: Review the results and address findings using the provided action items

Best Practices

Align reviews with language idioms and framework conventions
Enforce SOLID, clean code principles and DRY practices
Apply company coding standards, security requirements, and testing requirements
Assess maintainability via function/class size targets, cyclomatic complexity, and documentation quality
Prioritize secure, performant, and well-documented changes with actionable recommendations

Example Use Cases

Review a PR that adds a user authentication flow and scan for security gaps
Audit a complex SQL query for potential injection risks and performance issues
Evaluate a data-processing module for memory usage and network calls
Assess a refactor for maintainability, test coverage, and documentation
Run a pre-commit check to catch obvious issues before pushing a commit

Frequently Asked Questions

Add this skill to your agents