agentskills.codes
CO

code-reviewer

Code review methodology, severity classification, and quality assessment patterns

Install

mkdir -p .claude/skills/code-reviewer-diegosouzapw && curl -L -o skill.zip "https://agentskills.codes/api/skills/download/17059" && unzip -o skill.zip -d .claude/skills/code-reviewer-diegosouzapw && rm skill.zip

Installs to .claude/skills/code-reviewer-diegosouzapw

Activation

This is the description your AI agent reads to decide when to run this skill — the better it matches your request, the more reliably it fires.

Code review methodology, severity classification, and quality assessment patterns
81 charsno explicit “when” trigger

About this skill

Code Reviewer

A technology-agnostic skill for systematic code review and quality assessment.

Configuration

Review constraints are loaded from .claude/config.yaml.constraints section. Project-specific rules should be defined as natural language constraints.

Review Methodology

Systematic Review Process

process: structured_review
description: "Multi-pass review for comprehensive coverage"

passes:
  1_correctness:
    focus: "Does the code do what it's supposed to?"
    checks:
      - Logic errors
      - Edge cases
      - Error handling
      - Business rule compliance

  2_security:
    focus: "Are there security vulnerabilities?"
    checks:
      - Input validation
      - Authentication/authorization
      - Data exposure
      - Injection vulnerabilities

  3_maintainability:
    focus: "Is the code maintainable?"
    checks:
      - Naming clarity
      - Code organization
      - Documentation
      - Complexity (cyclomatic)

  4_performance:
    focus: "Are there performance concerns?"
    checks:
      - Algorithm efficiency
      - Resource usage
      - Query optimization
      - Caching opportunities

Severity Classification

Issue Severity Levels

severity_levels:
  critical:
    description: "Must fix before merge"
    examples:
      - Security vulnerabilities
      - Data loss risk
      - Production-breaking bugs
    action: "BLOCK merge"

  major:
    description: "Should fix before merge"
    examples:
      - Logic errors
      - Missing error handling
      - Performance issues
    action: "Request changes"

  minor:
    description: "Should fix, but can merge"
    examples:
      - Code style violations
      - Minor inefficiencies
      - Documentation gaps
    action: "Suggest improvement"

  info:
    description: "Suggestions for improvement"
    examples:
      - Alternative approaches
      - Refactoring opportunities
      - Best practices
    action: "Comment only"

Review Checklists

Security Review Checklist

security_checklist:
  input_validation:
    - "All user inputs validated?"
    - "SQL injection prevention?"
    - "XSS prevention?"
    - "Path traversal prevention?"

  authentication:
    - "Auth checks on all protected routes?"
    - "Session management secure?"
    - "Password handling correct?"

  data_protection:
    - "Sensitive data encrypted?"
    - "PII handling compliant?"
    - "Logs sanitized?"

  authorization:
    - "Role-based access enforced?"
    - "Resource ownership verified?"
    - "Privilege escalation prevented?"

Code Quality Checklist

quality_checklist:
  readability:
    - "Variable names descriptive?"
    - "Functions single-purpose?"
    - "Comments explain why, not what?"
    - "Magic numbers replaced with constants?"

  structure:
    - "DRY principle followed?"
    - "Appropriate abstraction level?"
    - "Dependencies minimized?"
    - "Cyclomatic complexity acceptable?"

  error_handling:
    - "All error cases handled?"
    - "Errors logged appropriately?"
    - "User-facing errors clear?"
    - "No silent failures?"

  testing:
    - "New code has tests?"
    - "Edge cases covered?"
    - "Tests are meaningful (not just coverage)?"

Review Feedback Patterns

Constructive Feedback Template

feedback_structure:
  what: "Describe the issue clearly"
  why: "Explain why it's a problem"
  how: "Suggest a solution or alternative"
  severity: "Classify the severity"

example:
  what: "This function catches all exceptions silently"
  why: "Silent failures hide bugs and make debugging difficult"
  how: "Log the exception and re-throw or handle specifically"
  severity: "major"

Feedback Tone Guidelines

tone_guidelines:
  do:
    - Ask questions rather than make accusations
    - Focus on the code, not the person
    - Acknowledge good patterns when seen
    - Provide actionable suggestions

  avoid:
    - "Why would you do this?"
    - "This is wrong"
    - "Obviously you should..."
    - Sarcasm or condescension

Review Metrics

Quality Score Calculation

quality_scoring:
  categories:
    correctness: 30
    security: 25
    maintainability: 25
    performance: 20

  calculation:
    base_score: 100
    deductions:
      critical_issue: -25
      major_issue: -10
      minor_issue: -3
      info_issue: 0

  thresholds:
    excellent: 90-100
    good: 75-89
    acceptable: 60-74
    needs_work: 40-59
    poor: 0-39

Integration

Used By Agents

primary_users:
  - quality-reviewer: "Core review methodology"

secondary_users:
  - code-developer: "Self-review before submission"
  - deliverable-evaluator: "Quality assessment criteria"

More by diegosouzapw

View all by diegosouzapw

helm-chart-scaffolding-v2

diegosouzapw

Helm Chart Scaffolding workflow skill. Use this skill when the user needs Comprehensive guidance for creating, organizing, and managing Helm charts for packaging and deploying Kubernetes applications and the operator should preserve the upstream workflow, copied support files, and provenance before

00

cc-skill-coding-standards-v2

diegosouzapw

Coding Standards & Best Practices workflow skill. Use this skill when the user needs Universal coding standards, best practices, and patterns for TypeScript, JavaScript, React, and Node.js development and the operator should preserve the upstream workflow, copied support files, and provenance before

00

worktree-setup

diegosouzapw

Automatically invoked after `git worktree add` to create data/shared symlink and data/local directory. Required before starting work in any new worktree.

00

parsehub-automation

diegosouzapw

Automate Parsehub tasks via Rube MCP (Composio). Always search tools first for current schemas.

00

signalwire-agents-sdk

diegosouzapw

Expert assistance for building SignalWire AI Agents in Python. Automatically activates when working with AgentBase, SWAIG functions, skills, SWML, voice configuration, DataMap, or any signalwire_agents code. Provides patterns, best practices, and complete working examples.

00

agent-sales-engineer

diegosouzapw

Expert sales engineer specializing in technical pre-sales, solution architecture, and proof of concepts. Masters technical demonstrations, competitive positioning, and translating complex technology into business value for prospects and customers.

00

Search skills

Search the agent skills registry