code-reviewer_skill

This skill performs an immediate, in-depth code review after changes, ensuring readability, security and maintainability across modified files.
  • JavaScript

0

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill itou-daiki/easy_stat_edu --skill code-reviewer

  • SKILL.md2.8 KB

Overview

This skill is an expert code reviewer that proactively inspects JavaScript changes for quality, security, and maintainability. Use it immediately after writing or modifying code; it focuses only on modified files and provides prioritized, actionable feedback. It enforces critical security checks and practical code-quality rules so changes can be merged safely.

How this skill works

When invoked the skill runs a diff of recent commits to identify modified files and begins review immediately. It categorizes findings into Critical, Warnings, and Suggestions and includes concrete fix examples for each issue. The review emphasizes security risks first, then high-impact quality and performance concerns, and finishes with best-practice recommendations.

When to use it

  • After creating or updating any JavaScript/TypeScript code before opening a pull request
  • When preparing a hotfix or production deploy to catch regressions quickly
  • For pull requests that touch backend, client, or shared libraries
  • When adding dependencies or changing authentication/data flows
  • Before approving changes that affect performance-sensitive paths

Best practices

  • Run the reviewer on every change — it must be used for all code changes
  • Keep diffs small so review is focused and fast
  • Provide unit/integration tests for modified behavior and include commands to run them
  • Use environment variables for secrets and add a secret-scan CI step
  • Document public APIs with brief JSDoc and note complexity of algorithms

Example use cases

  • Detects hardcoded API keys or tokens and shows how to move them to env variables
  • Flags SQL string concatenation and demonstrates parameterized queries to avoid injection
  • Identifies large functions and suggests refactoring into smaller, testable units
  • Finds missing input validation in HTTP handlers and provides validation snippets
  • Reviews new dependencies for known vulnerabilities and recommends alternatives or pinned versions

FAQ

Only files changed in the most recent diff are inspected to keep feedback focused and actionable.

How are issues prioritized?

Issues are grouped as Critical (must fix), Warnings (should fix), and Suggestions (consider improving). Critical and High severity issues block approval.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational