review

Comprehensive code review with specialized focus areas (security, performance, quality, accessibility, PRs)

8 stars

Best use case

review is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Comprehensive code review with specialized focus areas (security, performance, quality, accessibility, PRs)

Teams using review should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/review/SKILL.md --create-dirs "https://raw.githubusercontent.com/dhofheinz/open-plugins/main/plugins/10x-fullstack-engineer/commands/review/skill.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/review/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How review Compares

Feature / AgentreviewStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Comprehensive code review with specialized focus areas (security, performance, quality, accessibility, PRs)

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

Related Guides

SKILL.md Source

# Code Review Skill Router

Orchestrates comprehensive code reviews with specialized operations for different focus areas and review types.

## Available Operations

- **full** - Comprehensive review covering all categories (security, performance, quality, architecture, a11y)
- **security** - Security-focused review (auth, validation, injection, dependencies, OWASP Top 10)
- **performance** - Performance-focused review (database, backend, frontend, network optimization)
- **quality** - Code quality review (organization, patterns, testing, documentation)
- **pr** - Pull request review with git integration and change analysis
- **accessibility** - Accessibility review (a11y, ARIA, keyboard nav, screen readers)

## Argument Format

Expected: `operation [scope:"..."] [depth:"quick|standard|deep"] [focus:"..."]`

Examples:
```
/review full scope:"src/auth module" depth:"deep"
/review security scope:"payment processing" depth:"deep"
/review performance scope:"dashboard component" depth:"standard"
/review quality scope:"src/utils" depth:"quick"
/review pr scope:"PR #123" depth:"standard"
/review accessibility scope:"checkout flow" depth:"deep"
```

## Routing Logic

Parse $ARGUMENTS to extract:
1. **Operation** (first word): Determines review type
2. **Scope**: What to review (files, modules, features, PR)
3. **Depth**: Review thoroughness (quick/standard/deep)
4. **Focus**: Additional focus areas (optional)

**Router Implementation:**

```
Request: $ARGUMENTS
Base directory: /home/danie/projects/plugins/architect/open-plugins/plugins/10x-fullstack-engineer/commands/review
```

### Routing Table

| Operation | Instruction File | Purpose |
|-----------|-----------------|---------|
| full | review/full.md | Comprehensive review (all categories) |
| security | review/security.md | Security-focused review |
| performance | review/performance.md | Performance-focused review |
| quality | review/quality.md | Code quality review |
| pr | review/pr.md | Pull request review |
| accessibility | review/accessibility.md | Accessibility review |

### Execution Flow

1. **Parse Arguments**:
   - Extract operation name (first word)
   - Extract remaining parameters (scope, depth, focus)
   - Validate operation is recognized

2. **Route to Operation**:
   - Read corresponding .md file from review/ directory
   - Pass remaining arguments to operation
   - Execute review workflow

3. **Error Handling**:
   - Unknown operation → List available operations with descriptions
   - Missing scope → Request scope specification
   - Invalid depth → Default to "standard"

### Example Routing

**Input**: `/review security scope:"auth module" depth:"deep"`
- Operation: `security`
- Route to: `review/security.md`
- Parameters: `scope:"auth module" depth:"deep"`

**Input**: `/review pr scope:"PR #456"`
- Operation: `pr`
- Route to: `review/pr.md`
- Parameters: `scope:"PR #456" depth:"standard"` (default depth)

**Input**: `/review unknown`
- Error: Unknown operation
- Response: List available operations with usage examples

## Review Depth Levels

All operations support three depth levels:

**Quick** (5-10 minutes):
- High-level code scan
- Critical issues only
- Obvious bugs and anti-patterns
- Major concerns in focus area

**Standard** (20-30 minutes):
- Thorough review
- All major categories covered
- Testing and documentation check
- Moderate depth per area

**Deep** (45-60+ minutes):
- Comprehensive analysis
- All categories in detail
- Architecture and design patterns
- Scalability considerations
- Complete audit in focus area

## Common Parameters

All review operations accept:

- **scope**: What to review (required)
  - Examples: "PR #123", "src/auth", "payment feature", "recent changes"

- **depth**: Review thoroughness (optional, default: "standard")
  - Values: "quick", "standard", "deep"

- **focus**: Additional areas to emphasize (optional)
  - Examples: "security", "performance", "testing", "documentation"

## Usage Examples

**Comprehensive Review**:
```bash
/review full scope:"authentication feature" depth:"deep"
```

**Security Audit**:
```bash
/review security scope:"payment processing module" depth:"deep"
```

**Performance Analysis**:
```bash
/review performance scope:"dashboard rendering" depth:"standard"
```

**Code Quality Check**:
```bash
/review quality scope:"src/utils" depth:"quick"
```

**Pull Request Review**:
```bash
/review pr scope:"PR #789 - Add user permissions" depth:"standard"
```

**Accessibility Review**:
```bash
/review accessibility scope:"checkout flow" depth:"deep"
```

## Agent Integration

All review operations leverage the **10x-fullstack-engineer** agent for:
- Cross-stack expertise
- Pattern recognition
- Best practices knowledge
- Constructive feedback
- Architectural understanding

## Now Execute

**Received Request**: `$ARGUMENTS`

1. Parse the operation from the first word
2. Read the corresponding instruction file from `review/` directory
3. Pass remaining arguments to the operation
4. Execute the review workflow
5. Provide structured feedback

If operation is unrecognized, list available operations with examples.

Related Skills

specification-writing

8
from dhofheinz/open-plugins

Core reference for EARS requirement patterns, Given/When/Then acceptance criteria, RFC 2119 language, requirement ID conventions, and specification quality checklists. Background knowledge for the spec-writer agent. Preloaded by spec-writer via the skills frontmatter field; not user-invocable.

refine

8
from dhofheinz/open-plugins

Unified specification refinement plugin. Single entry point for all spec operations: greenfield architecture pipelines (principles → design → stack → spec → plan), feature spec creation in existing systems, iterative convergence loops, quality reviews, drift detection, finalization, ticket decomposition, traceable updates, and lifecycle archival. Detects pipeline state from existing artifact frontmatter and routes intelligently. Use whenever you need to create, refine, validate, or evolve a technical specification.

validation-orchestrator

8
from dhofheinz/open-plugins

Intelligent validation orchestrator with auto-detection and progressive validation workflows

security-scan

8
from dhofheinz/open-plugins

Comprehensive security scanning for secrets, vulnerabilities, and unsafe practices

schema-validation

8
from dhofheinz/open-plugins

Validate JSON schemas, required fields, and format compliance for marketplaces and plugins

quality-analysis

8
from dhofheinz/open-plugins

Deep quality analysis with scoring, recommendations, and actionable reports

documentation-validation

8
from dhofheinz/open-plugins

Validate documentation completeness, format, and quality for plugins and marketplaces

best-practices

8
from dhofheinz/open-plugins

Enforce OpenPlugins and Claude Code best practices for naming, versioning, and standards compliance

message-generation

8
from dhofheinz/open-plugins

Generate conventional commit messages following best practices

history-analysis

8
from dhofheinz/open-plugins

Analyze git history to learn project's commit style and conventions

commit-error-handling

8
from dhofheinz/open-plugins

Handle git errors and edge cases gracefully

commit-best-practices

8
from dhofheinz/open-plugins

Enforce git commit best practices and workflow guidance