code-review
@karmaloopai · 收录于 1 周前
Perform comprehensive code reviews covering bugs, style, performance, security, and best practices. Use this skill when the user mentions: review my code, check this code, code review, find bugs, improve code, refactor suggestions, security audit, performance optimization, code quality, static analysis.
适合你,如果你需要系统性地检查代码质量并发现潜在问题
/ 下载安装
用别的 agent?下载 .zip 解压,把文件夹放进它的技能目录
Claude Code
~/.claude/skills/(项目级 .claude/skills/)Codex CLI
~/.codex/skills/Cursor自动读取上面两处目录
其他工具见其文档的「skills」目录;两个下载是同一份文件,只是名字不同
/ 通过 npx 安装 校验哈希
npx oh-my-skill add karmaloopai/jiva/code-review/ 通过 bash 安装
curl -fsSL https://oh-my-skill.com/install.sh | bash -s -- karmaloopai/jiva/code-review/ 已经装过?验证本机副本,不用重装
npx oh-my-skill verify karmaloopai/jiva/code-review安装目标可用 --agent / --scope 或 --to 明确指定;省略时只会在唯一已存在的 agent 目录上自动选择,零命中或多命中会停止并提示。content_hash 缺失或不一致均拒装。
35GitHub stars
~758最小装载
~2.3K含声明引用
~2.3K文本包总量
镜像托管
怎么用
技能原文 SKILL.md
Code Review Skill
Overview
Perform comprehensive code reviews analyzing bugs, style issues, performance bottlenecks, security vulnerabilities, and adherence to best practices.
Workflow
1. Scan Code Structure
- Use
viewtool to read all relevant files in the codebase - Identify file types, frameworks, and languages used
- Map dependencies and module relationships
2. Analyze Code Quality
Check for the following categories:
Bugs & Logic Errors:
- Null/undefined handling
- Off-by-one errors
- Race conditions
- Memory leaks
- Incorrect algorithm implementation
Security Issues:
- SQL injection vulnerabilities
- XSS vulnerabilities
- Authentication/authorization flaws
- Sensitive data exposure
- Unsafe dependencies
Performance Problems:
- Inefficient algorithms (O(n²) where O(n) possible)
- Unnecessary database queries
- Memory overuse
- Blocking operations
- Missing caching
Code Style:
- Naming conventions
- Code formatting inconsistencies
- Magic numbers/strings
- Dead code
- Overly complex functions
Best Practices:
- DRY (Don't Repeat Yourself) violations
- SOLID principles adherence
- Error handling patterns
- Testing coverage
- Documentation quality
3. Categorize Findings
Group issues by:
- Critical: Security vulnerabilities, data loss risks
- High: Bugs that cause crashes/errors
- Medium: Performance issues, maintainability problems
- Low: Style issues, minor improvements
4. Provide Solutions
For each issue:
- Explain WHY it's a problem
- Show the problematic code snippet
- Provide a SPECIFIC fix with code examples
- Explain the benefits of the fix
5. Generate Report
Structure the output as:
# Code Review Report ## Summary - Total files reviewed: X - Issues found: Y (Z critical, W high, V medium, U low) ## Critical Issues [List critical issues with fixes] ## High Priority Issues [List high priority issues with fixes] ## Medium Priority Issues [List medium priority issues with fixes] ## Low Priority Issues [List low priority issues with fixes] ## Strengths [Mention good practices found in the code] ## Recommendations [Overall suggestions for improvement]
Resources
When to Use References
- Read
references/security_checklist.mdwhen analyzing security - Consult
references/performance_patterns.mdfor performance optimization - Check
references/language_guides/for language-specific best practices
Scripts (Future Enhancement)
scripts/run_linter.sh <file>- Run automated lintingscripts/complexity_analysis.py <file>- Calculate cyclomatic complexityscripts/security_scan.py <dir>- Run security vulnerability scanner
Example Usage
User: "Review this authentication code"
Process:
- Read authentication-related files with
viewtool - Check for common auth vulnerabilities (password storage, session management, etc.)
- Analyze token handling and encryption
- Check for privilege escalation risks
- Provide detailed report with fixes
Tips for Effective Reviews
- Be Specific: Don't just say "improve error handling" - show exactly how
- Prioritize: Focus on critical/high issues first
- Be Constructive: Acknowledge good code practices too
- Provide Context: Explain the "why" behind each suggestion
- Code Examples: Always show concrete before/after code
- Consider Trade-offs: Mention any downsides to suggested changes
按 MIT 许可原样转载,未经改动 · 在 GitHub 查看 →
评论
登录即可评论;带「已验证安装」的,是发布者名下有本店的安装或持有记录。
…