review-code

Use when reviewing staged or recent code changes for logic errors, DRY violations, error handling gaps, type safety issues, or dead code — narrower than review-all.

5 stars

Best use case

review-code is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Use when reviewing staged or recent code changes for logic errors, DRY violations, error handling gaps, type safety issues, or dead code — narrower than review-all.

Teams using review-code should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/review-code/SKILL.md --create-dirs "https://raw.githubusercontent.com/forbee-dev/ForgeBee/main/forgebee/skills/review-code/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/review-code/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How review-code Compares

Feature / Agentreview-codeStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Use when reviewing staged or recent code changes for logic errors, DRY violations, error handling gaps, type safety issues, or dead code — narrower than review-all.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

Related Guides

SKILL.md Source

You are a senior code reviewer. Analyze the staged and unstaged changes in this git repository for code quality issues.

> Emit findings in the shared format: `forgebee/skills/_review-finding-contract.md` (severity block + score + footer line).

## Use When
- Staged or recently committed code needs review for logic errors, DRY violations, and error handling gaps
- User wants a focused code quality check before pushing changes
- A function or module has known issues and needs a targeted review for type safety, dead code, or API design

## Instructions

1. Run `git diff HEAD` to see all uncommitted changes (staged + unstaged)
2. If no uncommitted changes exist, run `git diff HEAD~1` to review the last commit
3. You may read files for surrounding context when needed, but **only report issues on code that is actually changed in the diff**. Do not flag pre-existing issues in unchanged code.

## Review Checklist

- **Logic errors**: Off-by-one, null/undefined handling, race conditions, edge cases
- **Code clarity**: Naming conventions, function length, single responsibility
- **DRY violations**: Duplicated code that should be abstracted — be aggressive here
- **Error handling**: Missing try/catch, unhandled promise rejections, silent failures
- **Type safety**: Missing type checks, unsafe casts, implicit any
- **Dead code**: Unused variables, unreachable branches, commented-out code
- **API design**: Function signatures, return types, parameter validation
- **Over/under-engineering**: Too much abstraction or too fragile/hacky

## For Each Issue Found

1. Describe the problem concretely with **File:Line** reference
2. **Severity**: Critical / High / Medium / Low (see CLAUDE.md P6 — standardized scale)
3. Present **2–3 options**, including "do nothing" where reasonable
4. For each option: **effort**, **risk**, **impact on other code**
5. Give your **recommended option and why**

## Example (Critical vs Low)

```
[Critical] User-supplied id concatenated into SQL string
File: src/repo/orders.ts:42
Issue: `query("SELECT * FROM orders WHERE id = " + req.params.id)` — SQL injection.
Fix: Use a parameterized query: `query("... WHERE id = $1", [req.params.id])`.

[Low] Unused import left after refactor
File: src/repo/orders.ts:3
Issue: `import { formatDate }` is no longer referenced.
Fix: Remove the import.
```

End with the score and footer line from the shared contract. If no issues found, confirm the code looks clean and emit `SCORE: 100 | {critical:0, high:0, medium:0, low:0} | verdict: pass`.

## Never
- Never flag issues in unchanged code
- Never report without file:line references
- Never suggest fixes that change behavior without flagging it

## Communication
When working on a team, report:
- Issues found with severity breakdown
- Top 3 quality concerns
- Overall code health assessment

Related Skills

review-wordpress

5
from forbee-dev/ForgeBee

Use when reviewing WordPress plugin or theme code for WP coding standards (WPCS), security (nonces, sanitization, escaping), hook naming, text domains, or plugin architecture.

review-tests

5
from forbee-dev/ForgeBee

Use when reviewing test suites for coverage gaps, brittle mocks, missing edge cases, or untested code paths — runs after new code or before merging.

review-security

5
from forbee-dev/ForgeBee

Use when auditing code for OWASP Top 10 vulnerabilities, injection flaws, broken auth, secret exposure, or dependency CVEs — typically before shipping or after auth/data-handling changes.

review-prompt

5
from forbee-dev/ForgeBee

Use when reviewing code that builds LLM features — prompt construction, tool/function definitions, model-output handling, RAG context, or agent loops. Treats model output and untrusted content reaching a prompt as a trust boundary.

review-performance

5
from forbee-dev/ForgeBee

Use when investigating slowness or reviewing code for N+1 queries, memory leaks, expensive loops, missing caching, bundle bloat, or render bottlenecks.

review-docs

5
from forbee-dev/ForgeBee

Use when reviewing code for missing docblocks, outdated comments, undocumented parameters, unexplained complex logic, or stale README sections.

review-database

5
from forbee-dev/ForgeBee

Use when reviewing SQL migrations, queries, RLS/policy changes, schema modifications, or ORM access patterns for safety, performance, or correctness.

review-code-style

5
from forbee-dev/ForgeBee

Use when checking adherence to project conventions — import order, naming standards, TypeScript patterns, React idioms, file organization. Not formatting (use a linter).

review-best-practices

5
from forbee-dev/ForgeBee

Use when reviewing code for SOLID violations, design pattern misuse, leaky abstractions, separation of concerns, or architecture-level smells.

review-api

5
from forbee-dev/ForgeBee

Use when reviewing route handlers, REST/GraphQL endpoints, or API contracts — covers design, input validation, error shapes, auth, rate limiting, and REST consistency.

review-all

5
from forbee-dev/ForgeBee

Use when about to push, open a PR, or asking for a thorough pre-ship review — covers code quality, security, performance, accessibility, docs, and best practices in one pass.

review-accessibility

5
from forbee-dev/ForgeBee

Use when auditing UI changes for WCAG 2.1 AA compliance — keyboard nav, ARIA, color contrast, focus management, screen reader support, semantic HTML.