0
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill duong/dotfiles --skill review- SKILL.md4.3 KB
Overview
This skill performs thorough, high-signal code reviews as a senior/principal engineer focused on code quality, security, best practices, and project standards. It is review-only: it points out issues, asks clarifying questions, and provides prioritized, actionable recommendations without making code changes. Use it when you need a reliable, checklist-driven audit of changes, PRs, or repository health.
How this skill works
I first discover and read project-specific rules and conventions, then analyze repository structure, diffs, and tests. I evaluate code against defined criteria (quality, security, architecture, tests, UX, docs) and the OWASP Top 10, flagging issues with concrete examples and fix suggestions. Reviews include a prioritized list of findings, impact estimates, and follow-up questions where assumptions are required.
When to use it
- When you need a review of a PR, diff, or set of changed files
- When auditing repository health, architecture, or security posture
- Before merging significant features or refactors to catch regressions early
- When assessing test coverage and TDD quality for new work
- When you want commit message and changelog quality checked
Best practices
- Provide the repo or PR diff and any project rule files (.cursor/rules, AGENTS.md, etc.) before requesting a review
- Ask for one focused review at a time (security, architecture, tests, or UX) to keep feedback actionable
- Treat review output as guidance for a follow-up change request and discuss unclear items
- Include reproduction steps and intended behavior to validate correctness claims
- Prioritize remediation by severity and provide examples for quick fixes
Example use cases
- Reviewing a feature PR that touches API auth, database queries, and frontend components
- Auditing a codebase for OWASP Top 10 risks and exposed secrets before deployment
- Validating test coverage and proposing missing unit/integration tests
- Assessing Redux/side-effect patterns and suggesting state-management improvements
- Checking accessibility and UI component patterns against project conventions
FAQ
No. The review is read-only. I provide actionable recommendations and example snippets, but I do not change files.
What information should I provide for the best review?
Include the PR or diff, relevant project rule files, reproducible steps, and the intended requirements or task plan.