Can I use this skill as part of a larger workflow?

Absolutely. It integrates seamlessly with Pipeline, Ralph, and Ultrawork modes to automate reviews as part of a continuous development chain.

How does the Code Review skill identify changes?

It utilizes git diff to automatically detect modified files in your repository, or it can be targeted at specific files and directories provided in your prompt.

What security issues does the agent look for?

The agent scans for the OWASP Top 10, including hardcoded secrets, SQL/NoSQL injection risks, XSS prevention, and proper authentication enforcement.

Which AI model powers the code review analysis?

This skill delegates the review task to a specialized subagent running the Claude 3 Opus model to ensure the highest level of reasoning and accuracy.

Does it provide specific code fix suggestions?

Yes, the report includes specific file and line locations for every issue identified, along with concrete fix recommendations and code examples.

Code Reviewer

Name: Code Reviewer
Author: Yeachan-Heo

byYeachan-Heo

•

3,720

Collaboration Tools

Performs automated, multi-dimensional code reviews for security, performance, and maintainability using advanced AI reasoning.

About

The Code Review skill leverages the Claude 3 Opus model to provide deep, human-like analysis of code changes, ensuring high standards of security and quality before merging. It automatically identifies changes via git diff and evaluates them against rigorous checklists covering OWASP security standards, cyclomatic complexity, N+1 query patterns, and architectural best practices. Each review results in a structured report with severity-rated feedback (Critical to Low), specific line-item suggestions, and clear approval recommendations to streamline the peer review process and catch bugs before they reach production.

Key Features

Code quality metrics focusing on cyclomatic complexity and nesting depth
Security auditing for hardcoded secrets, injection risks, and XSS/CSRF vulnerabilities
Direct integration with git diff for automated scope identification
3,720 GitHub stars
Severity-rated feedback ranging from Critical security risks to Low style suggestions
Performance analysis to detect N+1 query patterns and inefficient algorithms

Use Cases

Conducting deep security and quality audits before merging pull requests
Refactoring legacy codebases by identifying technical debt and architectural smells
Standardizing code quality across teams by providing consistent, objective feedback

About

Key Features

Code quality metrics focusing on cyclomatic complexity and nesting depth
Security auditing for hardcoded secrets, injection risks, and XSS/CSRF vulnerabilities
Direct integration with git diff for automated scope identification
3,720 GitHub stars
Severity-rated feedback ranging from Critical security risks to Low style suggestions
Performance analysis to detect N+1 query patterns and inefficient algorithms

Use Cases

Conducting deep security and quality audits before merging pull requests
Refactoring legacy codebases by identifying technical debt and architectural smells
Standardizing code quality across teams by providing consistent, objective feedback