code-review-checklist

Code Review Checklist

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "code-review-checklist" with this command: npx skills add tai-ch0802/skills-bundle/tai-ch0802-skills-bundle-code-review-checklist

Code Review Checklist

Quick Review Checklist

Correctness

  • Code does what it's supposed to do

  • Edge cases handled

  • Error handling in place

  • No obvious bugs

Security

  • Input validated and sanitized

  • No SQL/NoSQL injection vulnerabilities

  • No XSS or CSRF vulnerabilities

  • No hardcoded secrets or sensitive credentials

  • AI-Specific: Protection against Prompt Injection (if applicable)

  • AI-Specific: Outputs are sanitized before being used in critical sinks

Performance

  • No N+1 queries

  • No unnecessary loops

  • Appropriate caching

  • Bundle size impact considered

Code Quality

  • Clear naming

  • DRY - no duplicate code

  • SOLID principles followed

  • Appropriate abstraction level

Testing

  • Unit tests for new code

  • Edge cases tested

  • Tests readable and maintainable

Documentation

  • Complex logic commented

  • Public APIs documented

  • README updated if needed

AI & LLM Review Patterns (2025)

Logic & Hallucinations

  • Chain of Thought: Does the logic follow a verifiable path?

  • Edge Cases: Did the AI account for empty states, timeouts, and partial failures?

  • External State: Is the code making safe assumptions about file systems or networks?

Prompt Engineering Review

// ❌ Vague prompt in code const response = await ai.generate(userInput);

// ✅ Structured & Safe prompt const response = await ai.generate({ system: "You are a specialized parser...", input: sanitize(userInput), schema: ResponseSchema });

Anti-Patterns to Flag

// ❌ Magic numbers if (status === 3) { ... }

// ✅ Named constants if (status === Status.ACTIVE) { ... }

// ❌ Deep nesting if (a) { if (b) { if (c) { ... } } }

// ✅ Early returns if (!a) return; if (!b) return; if (!c) return; // do work

// ❌ Long functions (100+ lines) // ✅ Small, focused functions

// ❌ any type const data: any = ...

// ✅ Proper types const data: UserData = ...

Review Comments Guide

// Blocking issues use 🔴 🔴 BLOCKING: SQL injection vulnerability here

// Important suggestions use 🟡 🟡 SUGGESTION: Consider using useMemo for performance

// Minor nits use 🟢 🟢 NIT: Prefer const over let for immutable variable

// Questions use ❓ ❓ QUESTION: What happens if user is null here?

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

code-quality

No summary provided by upstream source.

Repository SourceNeeds Review
-8
tai-ch0802
Coding

python-patterns

No summary provided by upstream source.

Repository SourceNeeds Review
-5
tai-ch0802
Coding

game-development

No summary provided by upstream source.

Repository SourceNeeds Review
-5
tai-ch0802