21.5k
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill mastra-ai/mastra --skill code-review- SKILL.md3.1 KB
Overview
This skill provides structured code review guidelines tailored for TypeScript projects. It helps reviewers evaluate correctness, quality, TypeScript specifics, performance, and security in pull requests. Use it to produce consistent, actionable review comments and clear approval or change recommendations.
How this skill works
The skill inspects pull request changes against a checklist that covers logic, tests, naming, single-responsibility, and TypeScript typing practices. It highlights performance and security risks, suggests concrete fixes, and recommends when to approve, request changes, or leave comments. Review comments follow a severity-based template with Why and Suggestion sections for actionable feedback.
When to use it
- Reviewing TypeScript pull requests before merging
- Auditing code quality and test coverage for features or bug fixes
- Identifying TypeScript typing and null-safety issues
- Checking React components for rendering and memoization problems
- Evaluating security, injection, and secret-management risks
Best practices
- Verify logic and edge cases; ensure tests cover new behavior
- Prefer clear names and single-responsibility functions; avoid god functions
- Enforce TypeScript strictness: no implicit any and defined interfaces for complex shapes
- Flag performance hotspots: unnecessary re-renders, heavy loops, missing memoization
- Use the severity-based comment format: [critical], [suggestion], [nit], [question]
Example use cases
- Review a feature PR adding new API routes to ensure input validation and test coverage
- Audit a React component refactor for prop drilling, memoization, and unnecessary re-renders
- Find and fix implicit any types, unsafe null handling, or missing generics
- Detect and report security issues like hardcoded secrets, SQL/NoSQL injection risks, or XSS vectors
- Recommend extracting long validation or business-logic blocks into testable helper functions
FAQ
Critical issues are correctness, security, or missing required tests that block merging until fixed.
How should I format review comments?
Use the template with a severity tag, a brief description, Why explaining the impact, and a Suggestion with a concrete fix or code sample.
When is it OK to use any?
Avoid any in production code; only use it temporarily with a clear TODO and follow-up plan if a safe typed alternative is not yet available.