Best use case
review is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Quick inline code review for devloop plan changes or PR diffs
Teams using review should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/review/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How review Compares
| Feature / Agent | review | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Quick inline code review for devloop plan changes or PR diffs
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Cursor vs Codex for AI Workflows
Compare Cursor and Codex for AI coding workflows, repository assistance, debugging, refactoring, and reusable developer skills.
SKILL.md Source
# Review - Code Review
Comprehensive code review for changes, PRs, or specific files. **You do the work directly.**
## Step 1: Identify Scope
```yaml
AskUserQuestion:
questions:
- question: "What would you like to review?"
header: "Scope"
multiSelect: false
options:
- label: "Uncommitted changes"
description: "Review git diff"
- label: "Staged changes"
description: "Review git diff --cached"
- label: "Recent commits"
description: "Review last few commits"
- label: "Specific files"
description: "I'll specify paths"
```
## Step 2: Gather Code
```bash
git diff # Uncommitted
git diff --cached # Staged
git log -p -n 3 # Recent commits
gh pr diff [number] # PR
```
## Step 3: Review
**Check these areas directly:**
### Correctness
- Logic errors, edge cases, error handling
### Security
- Input validation, no hardcoded secrets, injection risks
### Quality
- Clear naming, no duplication, appropriate comments
### Performance
- No N+1 queries, proper resource handling
## Step 4: Report
Present findings by severity:
```markdown
## Code Review
### Critical (Must Fix)
- [Issue]: [Location] - [Problem and fix]
### High Priority
- [Issue]: [Location] - [Problem and fix]
### Suggestions
- [Minor improvements]
### Positive
- [Good patterns observed]
```
## Step 5: Next Steps
```yaml
AskUserQuestion:
questions:
- question: "Review complete. How proceed?"
header: "Action"
multiSelect: false
options:
- label: "Fix critical"
description: "Address blockers only"
- label: "Fix all"
description: "Apply all suggested fixes"
- label: "Accept as-is"
description: "Proceed without changes"
```
If fixing, make the changes directly using Edit tool.Related Skills
Example Skill
Brief description of what this skill does and the domain expertise it provides.
vulnerability-patterns
Index of vulnerability detection pattern skills. Routes to core patterns (universal) and language-specific patterns for security scanning.
vuln-patterns-languages
Language-specific vulnerability detection patterns for JavaScript/TypeScript, Python, Go, Java, Ruby, and PHP. Provides regex patterns and grep commands for common security vulnerabilities.
vuln-patterns-core
Universal vulnerability detection patterns applicable across all programming languages. Includes hardcoded secrets, SQL/command injection, path traversal, and configuration file patterns.
scan
Run a security assessment using deterministic static analysis tools with LLM-powered triage
results
View the most recent security scan results without re-running the scan
remediation-library
Index of security remediation skills. Routes to specialized skills for injection, cryptography, authentication, and configuration vulnerabilities.
remediation-injection
Security fix patterns for injection vulnerabilities (SQL, Command, XSS). Provides language-specific code examples showing vulnerable and secure implementations.
remediation-crypto
Security fix patterns for cryptographic vulnerabilities (weak algorithms, insecure randomness, TLS issues). Provides language-specific secure implementations.
remediation-config
Security fix patterns for configuration and deployment vulnerabilities (path traversal, debug mode, security headers). Provides language-specific secure implementations.
remediation-auth
Security fix patterns for authentication and authorization vulnerabilities (credentials, JWT, deserialization, access control). Provides language-specific secure implementations.
fix
Fix or guide remediation for a specific security finding from the latest scan report