code-review

Systematic code analysis with evidence collection

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "code-review" with this command: npx skills add simhacker/moollm/simhacker-moollm-code-review

Code Review

"Read with intent. Question with purpose. Document with care."

Systematic code analysis with evidence collection. Code review IS an adventure — the codebase is the dungeon, findings are clues.

Review Process

READ → NOTE ISSUES → CLASSIFY → REPORT

Step 1: Setup

  1. Create REVIEW.yml
  2. Identify files to review
  3. Define focus areas

Step 2: Overview

  1. List all changed files
  2. Read PR/commit description
  3. Note initial impressions

Step 3: Deep Review

For each file:

  1. Read the code
  2. Check against criteria
  3. Note findings
  4. Run relevant checks

Step 4: Verification

  1. Run tests
  2. Run linters
  3. Check regressions

Step 5: Synthesize

  1. Compile findings
  2. Prioritize issues
  3. Generate REVIEW.md
  4. State recommendation

Finding Severity

LevelSymbolMeaningAction
Blocking🚫Must fix before mergeRequest changes
Important⚠️Should fix or explainRequest changes
Minor💡Nice to fixComment only
Praise🎉Good work!Celebrate

Finding Types

  • Security — Injection, auth, sensitive data
  • Correctness — Logic errors, edge cases
  • Performance — N+1 queries, memory leaks
  • Maintainability — Clarity, DRY, naming
  • Style — Formatting, conventions

Review Checklist

Security

  • Input validation
  • Output encoding
  • Authentication/authorization
  • Sensitive data handling
  • Injection vulnerabilities
  • Timing attacks

Correctness

  • Logic errors
  • Edge cases handled
  • Null/undefined handling
  • Error handling
  • Race conditions
  • Resource cleanup

Maintainability

  • Code clarity
  • Appropriate comments
  • Consistent naming
  • DRY (no duplication)
  • Single responsibility
  • Testability

Performance

  • Algorithmic complexity
  • Memory usage
  • Database queries
  • Caching
  • Unnecessary operations

Core Files

REVIEW.yml

review:
  name: "PR #123: Add user authentication"
  status: "in_progress"
  
findings:
  blocking:
    - id: "B1"
      file: "src/auth/login.ts"
      line: 45
      type: "security"
      summary: "Timing attack vulnerability"
      
  important: []
  minor: []
  praise: []

verification:
  tests: { ran: true, passed: true }
  linter: { ran: true, passed: false, issues: 3 }

REVIEW.md

Formatted document with:

  • Summary and counts
  • Issues by severity
  • Verification results
  • Recommendation

Verification Commands

tests:
  - "npm test"
  - "pytest"
  - "go test ./..."
  
linters:
  - "npm run lint"
  - "flake8"
  - "golangci-lint run"

Recommendation Output

OutcomeMeaning
approveGood to merge
request_changesHas blocking/important issues
commentMinor feedback only

See Also

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

self-repair

No summary provided by upstream source.

Repository SourceNeeds Review
-22
simhacker
General

probability

No summary provided by upstream source.

Repository SourceNeeds Review
-17
simhacker
General

dog

No summary provided by upstream source.

Repository SourceNeeds Review
-17
simhacker