code-review-expert

The code-review-expert skill performs structured code reviews of git changes. It evaluates code for SOLID violations, security vulnerabilities, performance regressions, and maintainability concerns using predefined checklists.

Installs: 8.1K | Use cases: 5 | Quality: 5/10

Is code-review-expert safe to install?

Review the source first: our audit of code-review-expert's source files found 5 shell commands, 0 external URLs, file reads and writes (high risk). Every command and URL listed appears verbatim in the skill's source. The skill executes shell commands including git operations and text search utilities. It reads local files for reference checklists and project code.

Who is this skill for?

Software engineers and developers who need automated, structured feedback on git changes before merging.

What can you do with it?

  • Reviewing git diffs for security vulnerabilities like XSS or SQL injection.
  • Identifying SOLID principle violations in code changes.
  • Detecting performance bottlenecks such as N+1 queries.
  • Generating structured code review reports with severity levels.
  • Creating incremental refactoring or removal plans for legacy code.

How good is this skill?

Quality score: 5/10. The skill provides a clear, structured workflow and specific instructions for handling various code review scenarios. It includes necessary local file dependencies for its checklists.

What does the skill file contain?

SKILL.md
# Code Review Expert

## Overview

Perform a structured review of the current git changes with focus on SOLID, architecture, removal candidates, and security risks. Default to review-only output unless the user asks to implement changes.

## Severity Levels

| Level | Name | Description | Action |
|-------|------|-------------|--------|
| **P0** | Critical | Security vulnerability, data loss risk, correctness bug | Must block merge |
| **P1** | High | Logic error, significant SOLID violation, performance regression | Should fix before merge |
| **P2** | Medium | Code smell, maintainability con...

Frequently asked questions

Does the skill automatically apply changes to my code?

No. The skill defaults to review-only output and requires explicit user confirmation before implementing any changes.

How does the skill handle large code changes?

For diffs exceeding 500 lines, the skill summarizes by file first and then reviews in batches by module or feature area.

What criteria does the skill use for security scans?

The skill references a local security-checklist.md file to check for vulnerabilities including XSS, injection, SSRF, path traversal, and secret leakage.

Data sourced from sanyuan0704/code-review-expert on GitHub. Install counts from skills.sh. The summary and security audit are derived from the skill's source files: every command and URL listed appears verbatim in the source.
