
Code Review
Run a checklist-first, severity-classified review on a PR or diff so merge decisions stay consistent when you ship solo.
Install
npx skills add https://github.com/itallstartedwithaidea/agent-skills --skill code-review
What is this skill?
- Pre-review checklist gates deep analysis (tests, linter, types, docs, uncommitted files)
- Findings use four severities: Critical, High, Medium, and Low with file, line range, and suggested fix
- Produces a standardized review document for the permanent merge record
- Semantic pass covers logic, architecture, security, and performance after checklist passes
- Configurable quality dimensions replace ad-hoc reviewer comments
Adoption & trust: 1 install on skills.sh; 18 GitHub stars; 2/3 security scanners passed (skills.sh audits); trending (+100% hot-view momentum).
Common Questions / FAQ
Is Code Review safe to install?
skills.sh reports 2 of 3 security scanners passed. Review the Security Audits panel on this page before installing in production.
SKILL.md
# Code Review

Part of [Agent Skills™](https://github.com/itallstartedwithaidea/agent-skills) by [googleadsagent.ai™](https://googleadsagent.ai)

## Description

Code Review enforces a structured pre-merge quality gate with a checklist-driven evaluation, severity-classified findings, and mandatory resolution tracking. The agent reviews every diff against a configurable set of quality dimensions before approving changes, ensuring consistent standards regardless of reviewer fatigue or time pressure.

Unlike ad-hoc review comments, this skill produces a standardized review document with findings categorized by severity: Critical (must fix before merge), High (should fix before merge), Medium (fix in follow-up), and Low (optional improvement). Each finding includes the file, line range, category, description, and a concrete suggested fix. The review document becomes part of the permanent record.

The pre-review checklist catches common oversights before deep analysis begins: missing tests, uncommitted files, linter errors, type errors, and documentation gaps. Only after the checklist passes does the agent proceed to semantic review of logic, architecture, security, and performance.

## Use When

- A pull request or diff is ready for review
- The user asks for feedback on code changes
- Before merging any branch into main
- After a subagent completes a task (Stage 2 review)
- Code has been refactored and needs validation
- A new contributor's code needs onboarding-level review

## How It Works

```mermaid
graph TD
    A[Receive Diff] --> B[Pre-Review Checklist]
    B --> C{Checklist Passes?}
    C -->|No| D[Return with Blockers]
    C -->|Yes| E[Semantic Analysis]
    E --> F[Classify Findings by Severity]
    F --> G[Generate Review Document]
    G --> H{Critical Findings?}
    H -->|Yes| I[Request Changes]
    H -->|No| J{High Findings?}
    J -->|Yes| K[Approve with Reservations]
    J -->|No| L[Approve]
```

The workflow gates progression: the checklist catches mechanical issues instantly, while semantic analysis evaluates design, correctness, and maintainability. The severity classification ensures critical issues block the merge while minor improvements do not.

## Implementation

```yaml
pre_review_checklist:
  - name: "Tests exist for changed code"
    command: "check_test_coverage_delta"
    severity: "critical"
  - name: "No linter errors introduced"
    command: "run_linter --diff-only"
    severity: "critical"
  - name: "Type checking passes"
    command: "run_typecheck"
    severity: "critical"
  - name: "No secrets in diff"
    command: "scan_secrets --diff"
    severity: "critical"
  - name: "Documentation updated"
    command: "check_doc_staleness"
    severity: "medium"

severity_levels:
  critical:
    label: "🔴 Critical"
    action: "Must fix before merge"
    examples: ["Security vulnerability", "Data loss risk", "Broken tests"]
  high:
    label: "🟠 High"
    action: "Should fix before merge"
    examples: ["Missing error handling", "Performance regression", "API contract violation"]
  medium:
    label: "🟡 Medium"
    action: "Fix in follow-up PR"
    examples: ["Code duplication", "Unclear naming", "Missing edge case test"]
  low:
    label: "🔵 Low"
    action: "Optional improvement"
    examples: ["Style preference", "Minor refactor opportunity", "Comment improvement"]

review_dimensions:
  - correctness: "Does the code do what it claims?"
  - security: "Are inputs validated? Are secrets protected?"
  - performance: "Are there N+1 queries, unnecessary re-renders, or blocking calls?"
  - maintainability: "Can another developer understand this in 6 months?"
  - testing: "Are edge cases covered? Are tests deterministic?"
  - architecture: "Does this follow established patterns? Is coupling appropriate?"
```
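
The checklist's "No secrets in diff" item names a `scan_secrets --diff` command without showing it. As an added example (not the skill's own code), this is one way such a check can work on `git diff` output: it scans only added lines and reports each hit with file, post-change line number, category and the critical severity from the checklist. The rule set, `Finding` and `scan_added_lines` are hypothetical names, and the sample diff is constructed.

```python
import re
from dataclasses import dataclass

RULES = {  # hypothetical rule set, not the skill's own: category -> pattern
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private-key-block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "hardcoded-credential": re.compile(
        r"(?i)(?:password|secret|api_key|token)\w*\s*[:=]\s*[\"'][^\"']{8,}[\"']"),
}
HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

@dataclass
class Finding:
    file: str
    line: int                     # line number in the post-change file
    category: str
    severity: str = "critical"    # the page's checklist rates this check critical

def scan_added_lines(diff: str) -> list:
    """Report secret-like strings on added ('+') lines of `git diff` output."""
    findings, path, new_line, in_hunk = [], None, 0, False
    for raw in diff.splitlines():
        if raw.startswith("diff --git "):
            in_hunk = False                   # file headers follow, not hunk lines
        elif not in_hunk and raw.startswith("+++ "):
            path = re.sub(r"^b/", "", raw[4:])
        elif (m := HUNK.match(raw)):
            new_line, in_hunk = int(m.group(1)), True
        elif in_hunk and raw.startswith("+"):
            findings += [Finding(path, new_line, cat)
                         for cat, rx in RULES.items() if rx.search(raw[1:])]
            new_line += 1
        elif in_hunk and not raw.startswith(("-", "\\")):
            new_line += 1                     # context line exists in the new file
    return findings

# Constructed sample; AKIAIOSFODNN7EXAMPLE is AWS's documented placeholder key ID.
SAMPLE_DIFF = """\
diff --git a/app/config.py b/app/config.py
--- a/app/config.py
+++ b/app/config.py
@@ -10,3 +10,3 @@ def load():
     region = "us-east-1"
-    key = os.environ["AWS_KEY"]
+    key = "AKIAIOSFODNN7EXAMPLE"
     return region, key
"""
for finding in scan_added_lines(SAMPLE_DIFF):
    print(finding)
```

Removed lines are skipped, so a secret that the diff deletes is not reported even though it remains in repository history.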