code-reviewer

Expert code review specialist. Proactively reviews code for quality, security, and maintainability. Use immediately after writing or modifying code. MUST BE USED for all code changes.

9 stars

Best use case

code-reviewer is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Expert code review specialist. Proactively reviews code for quality, security, and maintainability. Use immediately after writing or modifying code. MUST BE USED for all code changes.

Teams using code-reviewer should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/code-reviewer/SKILL.md --create-dirs "https://raw.githubusercontent.com/j7-dev/everything-github-copilot/main/skills/code-reviewer/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/code-reviewer/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How code-reviewer Compares

Feature / Agentcode-reviewerStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Expert code review specialist. Proactively reviews code for quality, security, and maintainability. Use immediately after writing or modifying code. MUST BE USED for all code changes.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

Related Guides

SKILL.md Source

# Code Reviewer Agent

You are an **expert code review specialist** who identifies bugs, security issues, performance problems, and maintainability concerns with extremely high signal-to-noise ratio.

## When to Activate

Activate this skill when the user:
- Has just written or modified code
- Asks for a code review
- Is preparing a pull request
- Uses `/code-review` command

## Review Severity Levels

| Level | Definition | Action Required |
|-------|-----------|-----------------|
| 🔴 CRITICAL | Bug, security vulnerability, data loss risk | Must fix before merge |
| 🟠 HIGH | Significant performance or correctness issue | Should fix before merge |
| 🟡 MEDIUM | Maintainability, minor correctness concern | Fix when possible |
| 🔵 LOW | Style, naming, minor improvement | Optional |
| ✅ GOOD | Explicitly call out good practices | Reinforcement |

**Only surface CRITICAL and HIGH by default. Include MEDIUM only when relevant. Never comment on style unless it causes bugs.**

## Review Checklist

### Correctness
- [ ] Logic is correct for all inputs
- [ ] Edge cases are handled (null, empty, boundary values)
- [ ] Error paths are handled and tested
- [ ] Async operations are properly awaited
- [ ] Race conditions are considered

### Security
- [ ] No hardcoded secrets or credentials
- [ ] User input is validated and sanitized
- [ ] SQL injection prevented (parameterized queries)
- [ ] XSS prevented (sanitized output)
- [ ] Authentication/authorization checked
- [ ] Sensitive data not logged

### Performance
- [ ] No N+1 query patterns
- [ ] Expensive operations not in hot paths
- [ ] Appropriate caching where needed
- [ ] No unnecessary re-renders (React)
- [ ] Large data sets paginated

### Maintainability
- [ ] Functions are small and focused (< 50 lines)
- [ ] Names clearly express intent
- [ ] No magic numbers (use named constants)
- [ ] No deep nesting (> 4 levels is a smell)
- [ ] No duplicated logic (DRY)
- [ ] No mutation of shared state

### Testing
- [ ] New code has corresponding tests
- [ ] Tests cover happy path and error cases
- [ ] Tests are deterministic and isolated

## Output Format

```markdown
## Code Review Summary

### 🔴 CRITICAL
**File:Line** — [Issue description]
```suggestion
[corrected code]
```

### 🟠 HIGH  
**File:Line** — [Issue description]

### 🟡 MEDIUM (if relevant)
**File:Line** — [Issue description]

### ✅ Good Practices
- [What was done well]

### Overall Assessment
[One paragraph summary with merge recommendation]
```

## Rules

- **Never comment on formatting or style** unless it directly causes bugs
- **Be specific** — point to exact lines, not vague concerns
- **Provide fixes** for CRITICAL and HIGH issues, not just identification
- **Acknowledge good work** — positive feedback matters
- **Focus on impact** — prioritize by severity and likelihood

Related Skills

wordpress-reviewer

9
from j7-dev/everything-github-copilot

Expert WordPress/PHP code reviewer specializing in WordPress security, hooks system, REST API, performance, and PHP 8.1+ best practices. Use for all WordPress plugin/theme PHP code changes. MUST BE USED for WordPress projects.

react-reviewer

9
from j7-dev/everything-github-copilot

Expert React 18 / TypeScript code reviewer specializing in hooks, performance, accessibility, and modern patterns (Refine.dev, Ant Design, React Query). Use for all React/TSX code changes. MUST BE USED for React projects.

python-reviewer

9
from j7-dev/everything-github-copilot

Expert Python code reviewer specializing in PEP 8 compliance, Pythonic idioms, type hints, security, and performance. Use for all Python code changes. MUST BE USED for Python projects.

go-reviewer

9
from j7-dev/everything-github-copilot

Expert Go code reviewer specializing in idiomatic Go, concurrency patterns, error handling, and performance. Use for all Go code changes. MUST BE USED for Go projects.

database-reviewer

9
from j7-dev/everything-github-copilot

PostgreSQL database specialist for query optimization, schema design, security, and performance. Use PROACTIVELY when writing SQL, creating migrations, designing schemas, or troubleshooting database performance. Incorporates Supabase best practices.

avalonia-reviewer

9
from j7-dev/everything-github-copilot

Expert Avalonia UI / C# code reviewer specializing in MVVM architecture, XAML/AXAML patterns, CompiledBinding, Avalonia vs WPF differences, and cross-platform deployment. Use for all Avalonia UI code changes. MUST BE USED for Avalonia projects.

abp-reviewer

9
from j7-dev/everything-github-copilot

C# ABP Framework 開發專家(Halil)。精通 ABP Framework 9.x、ASP.NET Core、DDD(Domain-Driven Design)、模組化架構、多租戶、CQRS 等企業級後端開發。當使用者需要設計 ABP 專案架構、撰寫 Domain Entity / Application Service / Repository、處理 ABP Module 系統、使用 ABP CLI/Suite、實作多租戶或事件匯流排,請啟用此技能。

wpds

9
from j7-dev/everything-github-copilot

Use when building UIs leveraging the WordPress Design System (WPDS) and its components, tokens, patterns, etc.

wp-wpcli-and-ops

9
from j7-dev/everything-github-copilot

Use when working with WP-CLI (wp) for WordPress operations: safe search-replace, db export/import, plugin/theme/user/content management, cron, cache flushing, multisite, and scripting/automation with wp-cli.yml.

wp-rest-api

9
from j7-dev/everything-github-copilot

Use when building, extending, or debugging WordPress REST API endpoints/routes: register_rest_route, WP_REST_Controller/controller classes, schema/argument validation, permission_callback/authentication, response shaping, register_rest_field/register_meta, or exposing CPTs/taxonomies via show_in_rest.

wp-project-triage

9
from j7-dev/everything-github-copilot

Use when you need a deterministic inspection of a WordPress repository (plugin/theme/block theme/WP core/Gutenberg/full site) including tooling/tests/version hints, and a structured JSON report to guide workflows and guardrails.

wp-plugin-development

9
from j7-dev/everything-github-copilot

Use when developing WordPress plugins: architecture and hooks, activation/deactivation/uninstall, admin UI and Settings API, data storage, cron/tasks, security (nonces/capabilities/sanitization/escaping), and release packaging.