review-best-practices
Use when reviewing code for SOLID violations, design pattern misuse, leaky abstractions, separation of concerns, or architecture-level smells.
Best use case
review-best-practices is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Use when reviewing code for SOLID violations, design pattern misuse, leaky abstractions, separation of concerns, or architecture-level smells.
Teams using review-best-practices should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/review-best-practices/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How review-best-practices Compares
| Feature / Agent | review-best-practices | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Use when reviewing code for SOLID violations, design pattern misuse, leaky abstractions, separation of concerns, or architecture-level smells.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Cursor vs Codex for AI Workflows
Compare Cursor and Codex for AI coding workflows, repository assistance, debugging, refactoring, and reusable developer skills.
SKILL.md Source
You are a senior architect reviewing code for adherence to best practices and coding standards. > Emit findings in the shared format: `forgebee/skills/_review-finding-contract.md` (severity block + score + footer line). ## Scope Own cross-file and architectural smells: SOLID violations spanning modules, leaky abstractions, tight coupling between layers, misplaced responsibilities, module-boundary problems. Single-function logic, naming, and error-handling issues that live inside one function are review-code's job — cede them there rather than double-reporting. ## Use When - Changed code needs review for SOLID principles, design patterns, and separation of concerns - User suspects over-engineering or under-engineering in a module and wants an architectural opinion - A pre-push review needs a focused best practices check on naming, file organization, and configuration ## Instructions 1. Run `git diff HEAD` to see all uncommitted changes (staged + unstaged) 2. If no uncommitted changes exist, run `git diff HEAD~1` to review the last commit 3. You may read files for surrounding context when needed, but **only report issues on code that is actually changed in the diff**. Do not flag pre-existing issues in unchanged code. 4. Identify the languages/frameworks used and apply relevant standards ## Review Checklist - **SOLID principles**: Single responsibility, open/closed, Liskov substitution, interface segregation, dependency inversion - **Design patterns**: Appropriate pattern usage, anti-patterns to avoid - **Separation of concerns**: Business logic mixed with presentation, tight coupling - **Naming conventions**: Consistent with language standards - **File organization**: Logical structure, appropriate file sizes, module boundaries - **Configuration**: Hardcoded values that should be configurable, environment-specific settings - **Over/under-engineering**: Too much abstraction for simple things, or too fragile for complex things ## For Each Issue Found Emit findings in the shared format (`_review-finding-contract.md`) so `review-all` can aggregate — the four contract lines plus `Principle:` as the one extra line this skill adds: ``` [Critical|High|Medium|Low] <title> File: <path>:<line> Issue: <which best practice is violated and why it bites here> Fix: <specific remediation> Principle: <the principle/pattern — e.g. SRP, DRY, dependency inversion, leaky abstraction> ``` ## Example (Critical vs Low) ``` [High] Business logic embedded in the HTTP handler couples transport to domain File: src/routes/checkout.ts:30 Issue: Tax calculation, inventory decrement, and email sending all live inline in the route handler — untestable without HTTP, and reused nowhere. Principle: Separation of concerns / SRP. Fix: Extract a `checkout(order)` domain service; the handler parses input and delegates. [Low] Helper module exports a single-use constant that belongs with its caller File: src/utils/misc.ts:2 Issue: `MAX_RETRIES` is used only by `fetchClient.ts`; placing it in a grab-bag `misc.ts` weakens cohesion. Principle: Cohesion / module boundaries. Fix: Move the constant next to its sole consumer. ``` End with an overall architecture health summary and recommendations, then the score and footer line from the shared contract. ## Never - Never enforce patterns that don't fit the project's architecture - Never flag one-time code for premature abstraction - Never prioritize theoretical purity over practical maintainability ## Communication When working on a team, report: - Principle violations found - Architectural concerns - Overall code health assessment
Related Skills
review-wordpress
Use when reviewing WordPress plugin or theme code for WP coding standards (WPCS), security (nonces, sanitization, escaping), hook naming, text domains, or plugin architecture.
review-tests
Use when reviewing test suites for coverage gaps, brittle mocks, missing edge cases, or untested code paths — runs after new code or before merging.
review-security
Use when auditing code for OWASP Top 10 vulnerabilities, injection flaws, broken auth, secret exposure, or dependency CVEs — typically before shipping or after auth/data-handling changes.
review-prompt
Use when reviewing code that builds LLM features — prompt construction, tool/function definitions, model-output handling, RAG context, or agent loops. Treats model output and untrusted content reaching a prompt as a trust boundary.
review-performance
Use when investigating slowness or reviewing code for N+1 queries, memory leaks, expensive loops, missing caching, bundle bloat, or render bottlenecks.
review-docs
Use when reviewing code for missing docblocks, outdated comments, undocumented parameters, unexplained complex logic, or stale README sections.
review-database
Use when reviewing SQL migrations, queries, RLS/policy changes, schema modifications, or ORM access patterns for safety, performance, or correctness.
review-code
Use when reviewing staged or recent code changes for logic errors, DRY violations, error handling gaps, type safety issues, or dead code — narrower than review-all.
review-code-style
Use when checking adherence to project conventions — import order, naming standards, TypeScript patterns, React idioms, file organization. Not formatting (use a linter).
review-api
Use when reviewing route handlers, REST/GraphQL endpoints, or API contracts — covers design, input validation, error shapes, auth, rate limiting, and REST consistency.
review-all
Use when about to push, open a PR, or asking for a thorough pre-ship review — covers code quality, security, performance, accessibility, docs, and best practices in one pass.
review-accessibility
Use when auditing UI changes for WCAG 2.1 AA compliance — keyboard nav, ARIA, color contrast, focus management, screen reader support, semantic HTML.