code_review
Thorough code review focusing on security, quality, and maintainability. Reviews implementation against plan and best practices.
Best use case
code_review is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Thorough code review focusing on security, quality, and maintainability. Reviews implementation against plan and best practices.
Teams using code_review should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/code_review/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How code_review Compares
| Feature / Agent | code_review | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Thorough code review focusing on security, quality, and maintainability. Reviews implementation against plan and best practices.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
Cursor vs Codex for AI Workflows
Compare Cursor and Codex for AI coding workflows, repository assistance, debugging, refactoring, and reusable developer skills.
SKILL.md Source
# Code Review Skill Principal Engineer-level code review with security focus. ## When to Activate This skill is relevant when: - Reviewing newly implemented code - Post-implementation quality checks - Security and performance audits - Ensuring code quality standards ## Core Principles ### Focus on the Macros - Architecture matters more than style - Security, performance, maintainability first - Code as liability - is it needed? - Can it be simpler? ### Security First - Assume inputs are malicious - Look for vulnerabilities proactively - Check authorization on mutations - Validate all user input ### Constructive & Educational - Don't just find bugs - Teach *why* alternatives are better - Provide concrete examples - Build team knowledge ### Code Quality Fundamentals - Single Responsibility Principle - DRY (Don't Repeat Yourself) - Clear naming conventions - Proper error handling ## Quick Checks When reviewing code, verify: - [ ] Implementation matches the plan - [ ] No undocumented deviations - [ ] Solves the intended problem - [ ] Clear variable/function names - [ ] Single responsibility per function - [ ] No code duplication - [ ] Error handling for edge cases - [ ] Follows existing codebase patterns - [ ] Type safety (no `any`, proper null handling) - [ ] No `as any` casts (strictly forbidden) - [ ] useEffect dependencies safe (callbacks use useRef) - [ ] Tests cover main functionality and edge cases - [ ] No unused imports/variables/functions - [ ] No console.log or debug code - [ ] No commented-out code blocks - [ ] Security: Mutation ownership checked (req.user.id === resource.ownerId) - [ ] Security: Sensitive fields stripped from req.body - [ ] Security: Partial updates handle missing fields safely - [ ] Security: All new middleware has test coverage - [ ] Refactoring: Project-wide grep for bulk deletes - [ ] CSS: !important avoided unless justified - [ ] Breaking changes documented ## Issue Categories ### 🚨 Critical Must fix before merge: - Security vulnerabilities - Data corruption risks - Breaking bugs - Authorization bypasses ### ⚠️ Important Should fix soon: - Poor patterns - Missing error handling - Technical debt - Performance issues ### 💡 Suggestions Nice to have: - Style improvements - Minor optimizations - Refactoring opportunities
Related Skills
tech_review
Senior Principal Engineer performing thorough technical review of implementation plans before development.
skeptical_review
Perform a critical, skeptical code review of the project from the perspective of a Principal Engineer.
review_plan
Review the technical implementation plan against the specification.
review_domain
Perform a thorough architectural review of a domain model.
review_constitution
Review and stress-test the technical constitution after /constitute.
wireframe
Create markdown wireframes with detailed UX descriptions from a product specification. Senior UX Designer perspective inspired by Notion and Linear.
ux_redesign
Redesign a feature or page from a Principal UX Designer's perspective.
tasks
Break down an approved implementation plan into specific, actionable tasks.
specify
Create a product specification that defines what to build and why, without prescribing how.
security_agent
Perform a full security review of the codebase (Node.js & React focus).
retro
Reflect on the completed feature, document lessons learned, and improve workflows.
release_gate
Final Go/No-Go check and release preparation.