Best use case
code-reviewer is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
进行系统化的代码审查,检查代码质量、安全性和性能。当用户要求审查代码、review 或检查代码时使用
Teams using code-reviewer should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/code-reviewer/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How code-reviewer Compares
| Feature / Agent | code-reviewer | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
进行系统化的代码审查,检查代码质量、安全性和性能。当用户要求审查代码、review 或检查代码时使用
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
Cursor vs Codex for AI Workflows
Compare Cursor and Codex for AI coding workflows, repository assistance, debugging, refactoring, and reusable developer skills.
SKILL.md Source
# 代码审查助手
## 审查目标
对代码进行全面、系统的质量检查,识别潜在问题并提供改进建议。
## 审查维度
必须按以下顺序检查:
### 功能正确性
1. 逻辑完整性:功能是否按预期工作
2. 边界条件:是否处理了极端情况
3. 错误处理:异常是否被妥善处理
4. 数据验证:输入是否经过验证
### 代码质量
1. 命名规范:变量、函数、类名是否清晰表意
2. 代码复杂度:单个函数是否过于复杂(圈复杂度 >10 需要重构)
3. 重复代码:是否存在可提取的重复逻辑(DRY 原则)
4. 注释质量:复杂逻辑是否有充分注释
### 性能考虑
1. 算法效率:时间和空间复杂度是否合理
2. 资源管理:内存、文件、网络资源是否正确释放
3. 数据库查询:是否存在 N+1 查询问题
4. 缓存策略:是否合理使用缓存
### 安全性
1. 输入验证:用户输入是否经过清理
2. SQL 注入:数据库操作是否使用参数化查询
3. XSS 防护:前端输出是否转义
4. 认证授权:权限检查是否完整
5. 敏感信息:是否暴露密钥、密码等
### 可维护性
1. 模块化:代码组织是否清晰
2. 单一职责:每个模块是否职责明确
3. 依赖管理:依赖是否合理
4. 测试覆盖:是否有足够的单元测试
## 输出格式
按严重程度分类报告:
### 严重(必须修复)
阻塞问题,必须在合并前解决
### 重要(强烈建议)
显著影响质量或安全,应尽快解决
### 次要(建议改进)
可以改进的地方,不阻塞合并
### 优化建议
性能或可读性优化建议
每个问题必须包含:
- 文件路径和行号
- 问题描述
- 影响分析
- 修复建议或示例代码
## 示例输出
```
## 审查结果
### 严重(1 个问题)
**SQL 注入风险** - src/api/user.js:45
问题:直接拼接用户输入到 SQL 查询
风险:攻击者可以注入恶意 SQL 代码
建议:使用参数化查询
```javascript
// 修复前
const query = `SELECT * FROM users WHERE id = ${userId}`;
// 修复后
const query = 'SELECT * FROM users WHERE id = ?';
db.execute(query, [userId]);
```
### 重要(2 个问题)
...
```Related Skills
git-commit-formatter
生成符合 Conventional Commits 规范的 Git 提交信息。当用户要求生成提交、创建 commit 或写提交信息时使用
deploy-staging
将当前分支部署到测试环境。当用户要求部署、发布到测试或在 staging 环境测试时使用
turborepo
Guide for implementing Turborepo - a high-performance build system for JavaScript and TypeScript monorepos. Use when setting up monorepos, optimizing build performance, implementing task pipelines, configuring caching strategies, or orchestrating tasks across multiple packages.
test-expert
Testing methodologies, test-driven development (TDD), unit and integration testing, and testing best practices across multiple frameworks. Use when the user needs to write tests, implement TDD, or improve test coverage and quality.
template-skill
Replace with description of the skill and when Claude should use it.
tailwindcss
Guide for implementing Tailwind CSS - a utility-first CSS framework for rapid UI development. Use when styling applications with responsive design, dark mode, custom themes, or building design systems with Tailwind's utility classes.
skill-creator
Guide for creating effective skills. This skill should be used when users want to create a new skill (or update an existing skill) that extends Claude's capabilities with specialized knowledge, workflows, or tool integrations.
shopify
Guide for implementing Shopify apps, extensions, themes, and integrations using GraphQL/REST APIs, Shopify CLI, Polaris UI, and various extension types (Checkout, Admin, POS). Use when building Shopify apps, implementing checkout extensions, customizing admin interfaces, creating themes with Liquid, or integrating with Shopify's APIs.
shell-scripting
Specialized knowledge of Bash and Zsh scripting, shell automation, command-line tools, and scripting best practices. Use when the user needs to write, debug, or optimize shell scripts or work with command-line tools.
shadcn-ui
Guide for implementing shadcn/ui - a collection of beautifully-designed, accessible UI components built with Radix UI and Tailwind CSS. Use when building user interfaces, adding UI components, or implementing design systems in React-based applications.
repomix
Guide for using Repomix - a powerful tool that packs entire repositories into single, AI-friendly files. Use when packaging codebases for AI analysis, generating context for LLMs, creating codebase snapshots, analyzing third-party libraries, or preparing repositories for security audits.
remix-icon
Guide for implementing RemixIcon - an open-source neutral-style icon library with 3,100+ icons in outlined and filled styles. Use when adding icons to applications, building UI components, or designing interfaces. Supports webfonts, SVG, React, Vue, and direct integration.