code-review-assistant
Comprehensive code review assistant that analyzes code for security vulnerabilities, performance issues, and code quality. Use when reviewing pull requests, conducting code audits, or analyzing code changes. Supports Python, JavaScript/TypeScript, and general code patterns. Includes automated analysis scripts and structured checklists.
Best use case
code-review-assistant is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Teams using code-review-assistant should expect more consistent output, faster repeated execution, and less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in .claude/skills/code-review-assistant/SKILL.md inside your project
- Restart your AI agent — it will auto-discover the skill
How code-review-assistant Compares
| Feature / Agent | code-review-assistant | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Code Review Assistant

Perform structured code reviews using checklists and automated analysis tools.

## Review Workflow

1. **Gather context** - Understand the scope of changes
2. **Run automated analysis** - Execute scripts for metrics and security scans
3. **Apply checklists** - Review using category-specific checklists
4. **Synthesize findings** - Compile issues with severity and recommendations

## Quick Start

For a standard code review:

```bash
# 1. View changes
git diff HEAD~1

# 2. Analyze code complexity and metrics
python scripts/analyze.py <file_or_directory>

# 3. Scan for security patterns (optional)
python scripts/security_scan.py <file_or_directory>
```

Then apply the appropriate checklists based on the code type.

## Automated Analysis

### Code Metrics Analysis

Run `scripts/analyze.py` to get code metrics:

```bash
python scripts/analyze.py path/to/code --output json
python scripts/analyze.py src/ --recursive
```

Outputs:

- Lines of code (total, code, comments, blank)
- Function/method count and average length
- Cyclomatic complexity estimates
- File-level metrics summary

### Security Pattern Scan

Run `scripts/security_scan.py` for quick security checks:

```bash
python scripts/security_scan.py path/to/code
python scripts/security_scan.py src/ --severity high
```

Detects:

- Dangerous function calls (eval, exec, shell injection)
- Hardcoded credentials patterns
- SQL injection indicators
- XSS vulnerability patterns

## Review Checklists

Select checklists based on the type of changes being reviewed:

### Security Review

**When to use**: Authentication changes, user input handling, API endpoints, database queries

See [SECURITY.md](references/SECURITY.md) for complete security checklist covering:

- Injection vulnerabilities (SQL, XSS, command injection)
- Authentication and authorization
- Data exposure and encryption
- Input validation

### Performance Review

**When to use**: Database operations, loops, API calls, data processing

See [PERFORMANCE.md](references/PERFORMANCE.md) for performance checklist covering:

- N+1 query detection
- Memory management
- Algorithmic complexity
- Caching opportunities

### Code Quality Review

**When to use**: All code changes, especially new features and refactoring

See [QUALITY.md](references/QUALITY.md) for quality checklist covering:

- Naming conventions
- Function complexity
- DRY principle adherence
- Error handling patterns

## Review Output Format

Structure findings using this format:

```markdown
## Code Review Summary

**Files reviewed**: [count]
**Issues found**: Critical: X | High: Y | Medium: Z | Low: W

### Critical Issues

1. **[File:Line]** Description
   - Code: `snippet`
   - Fix: Recommendation

### High Priority Issues

[Same format]

### Positive Observations

- [Note well-implemented patterns]

### Recommendations

1. [Prioritized action items]
```
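The kind of check the Security Pattern Scan section describes, as an added example that is not the skill's own `scripts/security_scan.py` (its source is not shown on this page): a minimal AST-based scanner for eval/exec, shell-routed commands, string-built SQL and hardcoded credentials, with a severity threshold. The sample input, function names, rule set and severity assignments are assumptions made for illustration.

```python
import ast

# Constructed sample input for the demonstration, not code from any real project.
SAMPLE = '''
import os, subprocess
API_KEY = "constructed-example-value"
def run(cmd, user_id, cur):
    eval(cmd)
    subprocess.run("ls " + cmd, shell=True)
    cur.execute(f"SELECT * FROM users WHERE id = {user_id}")
    cur.execute("SELECT * FROM users WHERE id = %s", (user_id,))
'''

SECRET_NAMES = ("password", "passwd", "secret", "api_key", "token")  # assumed rule set
RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

def call_name(node):
    """Return the dotted name of a call target, e.g. 'subprocess.run'."""
    f = node.func
    if isinstance(f, ast.Attribute):
        base = f.value.id if isinstance(f.value, ast.Name) else "?"
        return f"{base}.{f.attr}"
    return f.id if isinstance(f, ast.Name) else ""

def scan(source, min_severity="low"):
    """Walk the AST and return (line, severity, message) findings sorted by line."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            name = call_name(node)
            if name in ("eval", "exec"):
                findings.append((node.lineno, "critical", f"{name}() call"))
            elif name == "os.system" or any(
                    kw.arg == "shell" and isinstance(kw.value, ast.Constant)
                    and kw.value.value is True for kw in node.keywords):
                findings.append((node.lineno, "high", f"{name}: command goes through a shell"))
            elif name.endswith(".execute") and node.args and isinstance(
                    node.args[0], (ast.JoinedStr, ast.BinOp)):
                findings.append((node.lineno, "high", "SQL built by string formatting"))
        elif (isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant)
              and isinstance(node.value.value, str) and node.value.value):
            for t in node.targets:
                if isinstance(t, ast.Name) and any(s in t.id.lower() for s in SECRET_NAMES):
                    findings.append((node.lineno, "medium", f"hardcoded credential in {t.id}"))
    return sorted(f for f in findings if RANK[f[1]] <= RANK[min_severity])

if __name__ == "__main__":
    for line, sev, msg in scan(SAMPLE):
        print(f"[sample.py:{line}] {sev.upper()}: {msg}")
```

The parameterized `cur.execute(...)` call on the last sample line is deliberately not reported, which is the distinction a reviewer applies by hand when working through the injection items in the security checklist.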