review-for-prod
Production-ready Go code review (QA + security + maintainability) for this project only.
Best use case
review-for-prod is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Production-ready Go code review (QA + security + maintainability) for this project only.
Teams using review-for-prod should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/review-for-prod/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How review-for-prod Compares
| Feature / Agent | review-for-prod | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Production-ready Go code review (QA + security + maintainability) for this project only.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
SKILL.md Source
Act as a Senior Go Engineer, QA Lead, and Security Reviewer with experience in production-critical systems (backend, infra, SRE). Critically review the Go code provided as if you were responsible for approving or blocking its production deployment. Be direct, rigorous, and honest. Evaluate: 1. Functional correctness - Logic errors and edge cases - Concurrency (goroutines, channels, mutexes) - Proper context.Context usage (cancellation, timeouts, propagation) 2. Code quality (anti-spaghetti) - Idiomatic Go design - Functions with too many responsibilities - Coupling between packages - Project structure and scalability 3. Maintainability and readability - Clarity for any mid-level Go developer - Variable, function, struct, and interface names - File and package organization - Fragile, duplicated, or hard-to-extend code 4. Security - Input validation and error handling - Secrets, tokens, and configuration usage - Real risks: injection, SSRF, DoS, data leaks 5. Production and operability - Error handling, retries, and timeouts - Structured and useful logging - Observability and graceful shutdown - Behavior under load and partial failures 6. Testing - Missing tests (unit, integration, concurrency) - Testability (interfaces, dependency injection) 7. Conclusion End with an explicit assessment: - ✅ Production-ready - ⚠️ Ready with recommended refactors - ❌ Not production-ready Include a summary of minimum required changes and actionable recommendations, prioritized by impact and risk. Do not soften your conclusions.
Related Skills
review-leaks
Detect secrets, credentials, and sensitive data leaks before pushing to public repositories.
review-docs
Review and clean technical documentation (Markdown/README/runbooks/ADRs). Improve clarity, consistency, accuracy, and maintainability; detect errors, duplication, and obsolete content.
release
Create a professional release using GitHub CLI (gh). Generate SemVer version, clear release notes, and ready-to-run command.
product-lens
Use this skill to validate the "why" before building, run product diagnostics, and pressure-test product direction before the request becomes an implementation contract.
production-scheduling
为离散和批量制造中的生产调度、作业排序、产线平衡、换模优化和瓶颈解决提供编码化专业知识。基于拥有15年以上经验的生产调度师的知识。包括约束理论/鼓-缓冲-绳、快速换模、设备综合效率分析、中断响应框架以及企业资源计划/制造执行系统交互模式。适用于调度生产、解决瓶颈、优化换模、应对中断或平衡制造产线时。license: Apache-2.0
flutter-dart-code-review
库无关的Flutter/Dart代码审查清单,涵盖Widget最佳实践、状态管理模式(BLoC、Riverpod、Provider、GetX、MobX、Signals)、Dart惯用法、性能、可访问性、安全性和整洁架构。
security-review
Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist and patterns.
addressing-pr-review-comments
Address all valid review comments on a PR for the current branch in the streamlit/streamlit repo. Covers both inline review comments and general PR (issue) comments. Use when a PR has reviewer feedback to address, including code changes, style fixes, and documentation updates.
lightning-architecture-review
Review Bitcoin Lightning Network protocol designs, compare channel factory approaches, and analyze Layer 2 scaling tradeoffs. Covers trust models, on-chain footprint, consensus requirements, HTLC/PTLC compatibility, liveness, and watchtower support.
gha-security-review
Find exploitable vulnerabilities in GitHub Actions workflows. Every finding MUST include a concrete exploitation scenario — if you can't build the attack, don't report it.
gh-review-requests
Fetch unread GitHub notifications for open PRs where review is requested from a specified team or opened by a team member. Use when asked to "find PRs I need to review", "show my review requests", "what needs my review", "fetch GitHub review requests", or "check team review queue".
fix-review
Verify fix commits address audit findings without new bugs