MCP HubMCP Hub
Back to Skills

reviewing-code

jesseotremblay
Updated Today
115 views
0
View on GitHub
Developmentgeneral

About

This skill performs automated code reviews to analyze quality, identify bugs, and suggest improvements while checking for best practices. It is triggered when a developer requests a code review, code analysis, or a quality check. The process involves an initial analysis of the code's purpose and structure, followed by a multi-dimensional assessment of correctness and other quality factors.

Quick Install

Claude Code

Recommended
Plugin CommandRecommended
/plugin add https://github.com/jesseotremblay/claude-skills
Git CloneAlternative
git clone https://github.com/jesseotremblay/claude-skills.git ~/.claude/skills/reviewing-code

Copy and paste this command in Claude Code to install this skill

Documentation

Code Reviewer

This skill performs comprehensive code reviews to improve quality, identify issues, and suggest best practices.

When to Use This Skill

Invoke this skill when the user:

  • Asks for a code review
  • Wants to check code quality
  • Needs help identifying bugs or issues
  • Requests best practice recommendations
  • Mentions code analysis or improvement

Review Process

Step 1: Initial Analysis

Read the code and understand:

  1. Purpose and functionality
  2. Language and framework used
  3. Code structure and organization
  4. Dependencies and imports

Step 2: Quality Assessment

Evaluate code across multiple dimensions:

Correctness:

  • Logic errors or bugs
  • Edge cases handled
  • Error handling implemented
  • Return values appropriate

Readability:

  • Clear variable/function names
  • Consistent formatting
  • Appropriate comments
  • Logical code organization

Performance:

  • Efficient algorithms
  • No redundant operations
  • Appropriate data structures
  • Resource management

Security:

  • Input validation
  • No hardcoded credentials
  • SQL injection prevention
  • XSS protection (if applicable)

Maintainability:

  • DRY principle followed
  • Single responsibility
  • Low coupling, high cohesion
  • Easy to extend

Step 3: Generate Feedback

Provide structured feedback:

Critical Issues (must fix):

  • Bugs that cause failures
  • Security vulnerabilities
  • Data loss risks

Warnings (should fix):

  • Performance problems
  • Maintainability issues
  • Best practice violations

Suggestions (nice to have):

  • Code style improvements
  • Optimization opportunities
  • Alternative approaches

Step 4: Code Examples

For each issue, provide:

  1. Location (file:line)
  2. Description of problem
  3. Why it matters
  4. Suggested fix with code example

Review Template

Use this structure for reviews:

## Code Review Summary

**Overall Quality:** [Excellent/Good/Fair/Needs Improvement]
**Lines Reviewed:** [Number]
**Critical Issues:** [Number]
**Warnings:** [Number]
**Suggestions:** [Number]

## Critical Issues

### 1. [Issue Title]
**Location:** file.py:42
**Problem:** [Description]
**Impact:** [Why this matters]
**Fix:**
```language
[Code example of suggested fix]

Warnings

[Same structure as Critical Issues]

Suggestions

[Same structure as Critical Issues]

Positive Observations

  • [Good pattern 1]
  • [Good pattern 2]

Overall Recommendations

[High-level guidance for improvement]


## Common Review Patterns

**Pattern 1: Bug Identification**
- Trace execution flow
- Check boundary conditions
- Verify error handling
- Test edge cases mentally

**Pattern 2: Security Review**
- Audit all user inputs
- Check authentication/authorization
- Review data handling
- Examine external calls

**Pattern 3: Performance Analysis**
- Identify bottlenecks
- Check algorithmic complexity
- Review database queries
- Examine loop efficiency

**Pattern 4: Maintainability Check**
- Assess code clarity
- Check for duplication
- Evaluate modularity
- Review documentation

## Language-Specific Checks

**Python:**
- PEP 8 compliance
- Pythonic idioms
- Type hints usage
- Exception handling

**JavaScript/TypeScript:**
- ESLint compatibility
- Async/await usage
- Type safety (TS)
- Modern syntax

**Go:**
- Error handling patterns
- Goroutine safety
- Interface usage
- Idiomatic Go

**Other Languages:**
- Follow language conventions
- Use standard library features
- Apply community best practices

## Example Review

**Input Code:**
```python
def get_user(id):
    user = db.query("SELECT * FROM users WHERE id = " + id)
    return user

Review Output:

Critical Issues

1. SQL Injection Vulnerability Location: example.py:2 Problem: String concatenation in SQL query allows injection attacks Impact: Attacker could execute arbitrary SQL, accessing or deleting data Fix:

def get_user(id):
    user = db.query("SELECT * FROM users WHERE id = ?", (id,))
    return user

Warnings

2. Missing Error Handling Location: example.py:1-3 Problem: No handling for invalid ID or database errors Impact: Function crashes on errors instead of graceful handling Fix:

def get_user(user_id):
    try:
        user = db.query("SELECT * FROM users WHERE id = ?", (user_id,))
        return user if user else None
    except DatabaseError as e:
        logger.error(f"Database error retrieving user {user_id}: {e}")
        return None

Suggestions

3. Parameter Naming Location: example.py:1 Problem: Parameter named id shadows Python built-in Impact: Minor - can cause confusion, not a functional issue Fix:

def get_user(user_id):
    # ... rest of function

Validation Checklist

Before completing review:

  • All code sections examined
  • Security vulnerabilities identified
  • Performance issues noted
  • Best practices applied
  • Examples provided for fixes
  • Positive patterns acknowledged
  • Overall recommendations given

Review Scope Options

Quick Review:

  • Focus on critical issues only
  • Security and correctness
  • 5-10 minutes

Standard Review:

  • All quality dimensions
  • Critical + warnings
  • 15-30 minutes

Comprehensive Review:

  • All dimensions + suggestions
  • Alternative approaches
  • Refactoring ideas
  • 30+ minutes

Ask the user which scope they prefer if unclear.

GitHub Repository

jesseotremblay/claude-skills
Path: skill-creator/examples/simple-skill-example

Related Skills

subagent-driven-development

Development

This skill executes implementation plans by dispatching a fresh subagent for each independent task, with code review between tasks. It enables fast iteration while maintaining quality gates through this review process. Use it when working on mostly independent tasks within the same session to ensure continuous progress with built-in quality checks.

View skill

algorithmic-art

Meta

This Claude Skill creates original algorithmic art using p5.js with seeded randomness and interactive parameters. It generates .md files for algorithmic philosophies, plus .html and .js files for interactive generative art implementations. Use it when developers need to create flow fields, particle systems, or other computational art while avoiding copyright issues.

View skill

executing-plans

Design

Use the executing-plans skill when you have a complete implementation plan to execute in controlled batches with review checkpoints. It loads and critically reviews the plan, then executes tasks in small batches (default 3 tasks) while reporting progress between each batch for architect review. This ensures systematic implementation with built-in quality control checkpoints.

View skill

cost-optimization

Other

This Claude Skill helps developers optimize cloud costs through resource rightsizing, tagging strategies, and spending analysis. It provides a framework for reducing cloud expenses and implementing cost governance across AWS, Azure, and GCP. Use it when you need to analyze infrastructure costs, right-size resources, or meet budget constraints.

View skill