code-reviewer
Review code for quality, simplicity, and maintainability. Identifies unnecessary abstractions, duplicated logic, oversized functions, missing error handling, and naming issues — then fixes them automatically before presenting the result.
Best use case
code-reviewer is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Review code for quality, simplicity, and maintainability. Identifies unnecessary abstractions, duplicated logic, oversized functions, missing error handling, and naming issues — then fixes them automatically before presenting the result.
Teams using code-reviewer should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/code-reviewer/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How code-reviewer Compares
| Feature / Agent | code-reviewer | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Review code for quality, simplicity, and maintainability. Identifies unnecessary abstractions, duplicated logic, oversized functions, missing error handling, and naming issues — then fixes them automatically before presenting the result.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
Cursor vs Codex for AI Workflows
Compare Cursor and Codex for AI coding workflows, repository assistance, debugging, refactoring, and reusable developer skills.
SKILL.md Source
# Code Reviewer
Run a structured quality review pass over any code you write or modify. Use this skill to ensure code is production-ready before presenting it.
## What This Skill Checks
- **Single responsibility**: functions doing too much (> ~30 lines is a signal)
- **Duplication**: logic repeated more than twice that should be extracted
- **Abstraction level**: unnecessary indirection or over-engineering
- **Error handling**: missing try/catch, unhandled promise rejections, no null checks
- **Performance**: N+1 queries, unnecessary re-renders, blocking operations
- **Dead code**: unused imports, unreachable branches, commented-out code
- **Naming**: identifiers that don't communicate intent
- **TypeScript/typing**: `any` usage, missing return types
- **Security**: unvalidated inputs, hardcoded secrets, SQL concatenation
## Review Workflow
After completing any implementation:
1. Review the changed files for the issues listed above
2. Fix what you find — don't just flag it
3. Present the improved code, not the first draft
4. Briefly note what was changed and why (one line per fix)
## Example: Before and After
**Before review:**
```typescript
const getUser = async (id: string) => {
const res = await fetch(`/api/users/${id}`);
const data = await res.json();
return data;
};
const getPost = async (id: string) => {
const res = await fetch(`/api/posts/${id}`);
const data = await res.json();
return data;
};
```
**After review (pattern extracted, error handling added):**
```typescript
const fetchResource = async <T>(path: string): Promise<T> => {
const res = await fetch(path);
if (!res.ok) throw new Error(`Request failed: ${res.status}`);
return res.json() as Promise<T>;
};
const getUser = (id: string) => fetchResource<User>(`/api/users/${id}`);
const getPost = (id: string) => fetchResource<Post>(`/api/posts/${id}`);
```
## Project-Level Standards (configure in CLAUDE.md)
Add a section like this to `CLAUDE.md` to set project-specific thresholds:
```markdown
## Code Review Standards
After completing any implementation, review for:
- Functions longer than 30 lines (likely doing too much)
- Logic duplicated more than twice (extract to utility)
- `any` type usage in TypeScript (replace with real types)
- Components with more than 3 props that could be grouped
- Missing error handling on async operations
- Unvalidated user input before database/API use
```
## PHP-Specific Review Points
For WordPress / PHP code, additionally check:
- Missing `sanitize_*()` on input, missing `esc_*()` on output
- Nonces absent on state-changing requests
- Direct `$_POST`/`$_GET` access without sanitization
- `wpdb->prepare()` used for all dynamic queries
- `current_user_can()` checked before privileged operations
- `wp_safe_remote_*()` instead of raw `curl`
## Thresholds
| Signal | Action |
|--------|--------|
| Function > 30 lines | Consider splitting |
| File > 300 lines | Consider modularizing |
| Duplication × 3 | Extract to shared utility |
| > 5 function parameters | Group into object/array |
| Nested callbacks > 3 deep | Refactor to async/await |
## Tips
- Run this review automatically — treat it as a mandatory pre-flight before presenting code
- The goal is the **second draft**: clean, correct, and maintainable
- Don't over-engineer: only extract when duplication is actual, not theoretical
- When in doubt, favour **readability** over clevernessRelated Skills
webapp-testing
Toolkit for interacting with and testing local web applications using Playwright. Supports verifying frontend functionality, debugging UI behavior, capturing browser screenshots, and viewing browser logs.
web-artifacts-builder
Suite of tools for creating elaborate, multi-component claude.ai HTML artifacts using modern frontend web technologies (React, Tailwind CSS, shadcn/ui). Use for complex artifacts requiring state management, routing, or shadcn/ui components - not for simple single-file HTML/JSX artifacts.
valyu
Search the live web and 36+ specialised data sources including SEC filings, PubMed, ChEMBL, clinical trials, FRED economic indicators, and patent databases. Use when current, authoritative, or paywalled data is required.
ui-ux-pro-max
AI-powered design intelligence with 67 UI styles, 161 color palettes, 57 font pairings, 99 UX guidelines, and 25 chart types across 15+ tech stacks. Generates complete design systems for any product type with industry-specific reasoning rules.
theme-factory
Toolkit for styling artifacts with a theme. These artifacts can be slides, docs, reportings, HTML landing pages, etc. There are 10 pre-set themes with colors/fonts that you can apply to any artifact that has been creating, or can generate a new theme on-the-fly.
slack-gif-creator
Knowledge and utilities for creating animated GIFs optimized for Slack. Provides constraints, validation tools, and animation concepts. Use when users request animated GIFs for Slack like "make me a GIF of X doing Y for Slack."
skill-creator
Create new skills, modify and improve existing skills, and measure skill performance. Use when users want to create a skill from scratch, update or optimize an existing skill, run evals to test a skill, benchmark skill performance with variance analysis, or optimize a skill's description for better triggering accuracy.
shannon
Autonomous AI security pen testing. Executes real exploits against web applications to find SQL injection, XSS, SSRF, authentication flaws, and IDOR vulnerabilities. Reports only confirmed, reproducible findings — no false positives.
remotion
Create programmatic videos using React and Remotion. Translate natural language descriptions into working Remotion components for product demos, release announcements, explainer videos, and animated content.
planetscale
Design schemas and write queries for PlanetScale serverless MySQL using branch-based workflows. Ensures index coverage, avoids foreign key anti-patterns, and treats every schema change as a reviewable, reversible deploy request.
mcp-builder
Guide for creating high-quality MCP (Model Context Protocol) servers that enable LLMs to interact with external services through well-designed tools. Use when building MCP servers to integrate external APIs or services, whether in Python (FastMCP) or Node/TypeScript (MCP SDK).
karpathy-coding-principles
Apply Karpathy-inspired coding behavior guidelines — think before coding, prefer simplicity, make surgical changes, and execute toward verifiable goals. Reduces wrong assumptions, overengineering, and unintended side-effects.