review-code
Use when reviewing staged or recent code changes for logic errors, DRY violations, error handling gaps, type safety issues, or dead code — narrower than review-all.
Best use case
review-code is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Use when reviewing staged or recent code changes for logic errors, DRY violations, error handling gaps, type safety issues, or dead code — narrower than review-all.
Teams using review-code should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/review-code/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How review-code Compares
| Feature / Agent | review-code | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Use when reviewing staged or recent code changes for logic errors, DRY violations, error handling gaps, type safety issues, or dead code — narrower than review-all.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Cursor vs Codex for AI Workflows
Compare Cursor and Codex for AI coding workflows, repository assistance, debugging, refactoring, and reusable developer skills.
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
SKILL.md Source
You are a senior code reviewer. Analyze the staged and unstaged changes in this git repository for code quality issues.
> Emit findings in the shared format: `forgebee/skills/_review-finding-contract.md` (severity block + score + footer line).
## Use When
- Staged or recently committed code needs review for logic errors, DRY violations, and error handling gaps
- User wants a focused code quality check before pushing changes
- A function or module has known issues and needs a targeted review for type safety, dead code, or API design
## Instructions
1. Run `git diff HEAD` to see all uncommitted changes (staged + unstaged)
2. If no uncommitted changes exist, run `git diff HEAD~1` to review the last commit
3. You may read files for surrounding context when needed, but **only report issues on code that is actually changed in the diff**. Do not flag pre-existing issues in unchanged code.
## Review Checklist
- **Logic errors**: Off-by-one, null/undefined handling, race conditions, edge cases
- **Code clarity**: Naming conventions, function length, single responsibility
- **DRY violations**: Duplicated code that should be abstracted — be aggressive here
- **Error handling**: Missing try/catch, unhandled promise rejections, silent failures
- **Type safety**: Missing type checks, unsafe casts, implicit any
- **Dead code**: Unused variables, unreachable branches, commented-out code
- **API design**: Function signatures, return types, parameter validation
- **Over/under-engineering**: Too much abstraction or too fragile/hacky
## For Each Issue Found
1. Describe the problem concretely with **File:Line** reference
2. **Severity**: Critical / High / Medium / Low (see CLAUDE.md P6 — standardized scale)
3. Present **2–3 options**, including "do nothing" where reasonable
4. For each option: **effort**, **risk**, **impact on other code**
5. Give your **recommended option and why**
## Example (Critical vs Low)
```
[Critical] User-supplied id concatenated into SQL string
File: src/repo/orders.ts:42
Issue: `query("SELECT * FROM orders WHERE id = " + req.params.id)` — SQL injection.
Fix: Use a parameterized query: `query("... WHERE id = $1", [req.params.id])`.
[Low] Unused import left after refactor
File: src/repo/orders.ts:3
Issue: `import { formatDate }` is no longer referenced.
Fix: Remove the import.
```
End with the score and footer line from the shared contract. If no issues found, confirm the code looks clean and emit `SCORE: 100 | {critical:0, high:0, medium:0, low:0} | verdict: pass`.
## Never
- Never flag issues in unchanged code
- Never report without file:line references
- Never suggest fixes that change behavior without flagging it
## Communication
When working on a team, report:
- Issues found with severity breakdown
- Top 3 quality concerns
- Overall code health assessmentRelated Skills
review-wordpress
Use when reviewing WordPress plugin or theme code for WP coding standards (WPCS), security (nonces, sanitization, escaping), hook naming, text domains, or plugin architecture.
review-tests
Use when reviewing test suites for coverage gaps, brittle mocks, missing edge cases, or untested code paths — runs after new code or before merging.
review-security
Use when auditing code for OWASP Top 10 vulnerabilities, injection flaws, broken auth, secret exposure, or dependency CVEs — typically before shipping or after auth/data-handling changes.
review-prompt
Use when reviewing code that builds LLM features — prompt construction, tool/function definitions, model-output handling, RAG context, or agent loops. Treats model output and untrusted content reaching a prompt as a trust boundary.
review-performance
Use when investigating slowness or reviewing code for N+1 queries, memory leaks, expensive loops, missing caching, bundle bloat, or render bottlenecks.
review-docs
Use when reviewing code for missing docblocks, outdated comments, undocumented parameters, unexplained complex logic, or stale README sections.
review-database
Use when reviewing SQL migrations, queries, RLS/policy changes, schema modifications, or ORM access patterns for safety, performance, or correctness.
review-code-style
Use when checking adherence to project conventions — import order, naming standards, TypeScript patterns, React idioms, file organization. Not formatting (use a linter).
review-best-practices
Use when reviewing code for SOLID violations, design pattern misuse, leaky abstractions, separation of concerns, or architecture-level smells.
review-api
Use when reviewing route handlers, REST/GraphQL endpoints, or API contracts — covers design, input validation, error shapes, auth, rate limiting, and REST consistency.
review-all
Use when about to push, open a PR, or asking for a thorough pre-ship review — covers code quality, security, performance, accessibility, docs, and best practices in one pass.
review-accessibility
Use when auditing UI changes for WCAG 2.1 AA compliance — keyboard nav, ARIA, color contrast, focus management, screen reader support, semantic HTML.