code-reviewer

PR review, quality audit, and security checks. Invoke when reviewing code changes before merging or pushing. Performs structured review covering correctness, security, performance, and maintainability.

5 stars

Best use case

code-reviewer is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

PR review, quality audit, and security checks. Invoke when reviewing code changes before merging or pushing. Performs structured review covering correctness, security, performance, and maintainability.

Teams using code-reviewer should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/code-reviewer/SKILL.md --create-dirs "https://raw.githubusercontent.com/ajcpwnz/tricycle-pro/main/core/skills/code-reviewer/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/code-reviewer/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How code-reviewer Compares

Feature / Agentcode-reviewerStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

PR review, quality audit, and security checks. Invoke when reviewing code changes before merging or pushing. Performs structured review covering correctness, security, performance, and maintainability.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

Related Guides

SKILL.md Source

# Code Reviewer Skill

## When to use this Skill

Use this Skill when you are:

- Reviewing a pull request or set of staged changes before push
- Performing a quality audit on recently written code
- Checking for security vulnerabilities in new code
- Evaluating code against project conventions and best practices

## Review Process

### 1. Understand the Change

- Read the diff or staged changes completely before commenting
- Identify the purpose of the change (bug fix, feature, refactor, etc.)
- Check if tests are included or updated

### 2. Correctness Review

- Verify the logic matches the intended behavior
- Check for off-by-one errors, null/undefined handling, edge cases
- Ensure error paths are handled appropriately
- Verify data validation at system boundaries

### 3. Security Review

- Check for injection vulnerabilities (SQL, command, XSS)
- Verify authentication and authorization checks are in place
- Look for hardcoded secrets, credentials, or API keys
- Ensure sensitive data is not logged or exposed in error messages
- Check for path traversal and file access vulnerabilities

### 4. Performance Review

- Identify potential N+1 queries or unnecessary loops
- Check for missing indexes on queried fields
- Look for unbounded data fetches (missing pagination/limits)
- Verify resource cleanup (file handles, connections, subscriptions)

### 5. Maintainability Review

- Check naming clarity (functions, variables, files)
- Verify the change follows existing patterns in the codebase
- Look for unnecessary complexity or premature abstraction
- Check that comments explain "why" not "what"

## Output Format

Present findings as a structured review:

```
## Review Summary
- **Change type**: [bug fix / feature / refactor / etc.]
- **Risk level**: [low / medium / high]
- **Recommendation**: [approve / request changes / needs discussion]

## Findings
### Critical (must fix)
- [finding with file:line reference]

### Suggestions (should fix)
- [finding with file:line reference]

### Nits (optional)
- [finding with file:line reference]
```

## Things to Avoid

- Bikeshedding on style when a linter or formatter is configured
- Suggesting rewrites of code that is not part of the current change
- Blocking on subjective preferences without clear reasoning
- Commenting on every line — focus on meaningful findings

Related Skills

qa-run

5
from ajcpwnz/tricycle-pro

Run QA test suites against the local dev stack using Chrome DevTools and Playwright MCPs. Verifies environment, executes test flows, monitors for network errors, writes results, and creates Linear tickets for failures.

deploy-watch

5
from ajcpwnz/tricycle-pro

Monitor GitHub Actions deploy workflows after merging a PR to staging. Polls until all deploys complete, diagnoses failures, and reports results.

tdd

5
from ajcpwnz/tricycle-pro

Red-Green-Refactor test-driven development workflow. Guides the agent through writing failing tests first, then implementing code to pass them, then refactoring while keeping tests green.

linear-audit

5
from ajcpwnz/tricycle-pro

Route audit findings to Linear as issues. Reads the most recent audit report from docs/audits/, parses findings at warning severity or above, and creates Linear issues in the project's configured team. Requires Linear MCP server to be available.

document-writer

5
from ajcpwnz/tricycle-pro

Document generation skill for creating DOCX, PDF, PPTX, and other formatted documents. Guides structured content creation with proper formatting, headings, tables, and professional presentation.

debugging

5
from ajcpwnz/tricycle-pro

Structured debugging workflow: reproduce, isolate, trace, fix, verify. Use when investigating bugs, unexpected behavior, or test failures. Guides systematic root-cause analysis instead of trial-and-error.

catholic

5
from ajcpwnz/tricycle-pro

Apply reverent, faith-inspired Christian verbiage to non-code artifacts. Invoke when generating specs, plans, task lists, READMEs, or other documentation to infuse them with blessings, gratitude, and references to divine guidance. Never applies to source code or config files.

code-reviewer

15
from jaem1n207/synchronize-tab-scrolling

Perform thorough code reviews with actionable, prioritized feedback. Use when a user asks to review code, check code quality, find bugs, review a pull request, audit code for issues, or get feedback on implementation. Covers correctness, security, performance, readability, and best practices across languages.

oai-solution-reviewer

15
from shepherdjerred/monorepo

This skill should be used when the user asks to "grade my solution", "review my code", "score this", "how did I do", "grade sheet", "review my OAI prep", "grade my practice problem", "review my interview prep", "evaluate my solution", "how would this score", or wants feedback on a coding interview practice solution. Evaluates Java implementations against OpenAI interviewer grading criteria and produces a comprehensive grade sheet with letter grades, numeric scores, pass/fail, and prose feedback.

code-reviewer

14
from nguyenthienthanh/aura-frog

6-aspect structured code review (security, architecture, error handling, test gaps, type safety, simplification) with calibrated scoring and per-aspect breakdown. Use when the user asks to review code, check a PR, review a pull request, audit changes before merge, or give code feedback.

template-academic-paper-reviewer

13
from docxology/template

Read-only manuscript review, methodology review, re-review, and calibration workflow for template projects. USE WHEN the user asks for peer review, referee-style critique, methods/statistics review, or verification that revisions addressed prior comments.

test-case-reviewer

12
from naodeng/awesome-qa-skills

Use this skill when you need to review test cases for completeness, clarity, maintainability, and missing scenarios; triggers include test case review and test case QA.