code-reviewer_skill

This skill reviews code for best practices, bugs, security, and performance, delivering actionable feedback to improve quality.
  • Python

134

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill maxvaega/skillkit --skill code-reviewer

  • SKILL.md1.0 KB

Overview

This skill reviews source code for best practices, bugs, security vulnerabilities, and performance issues. It is designed to produce structured, actionable feedback developers can apply quickly. The reviewer focuses on language-specific conventions, logic correctness, and maintainability.

How this skill works

Submit code and optional context (language, runtime, inputs, expected behavior). The skill inspects style and conventions, hunts for logic and edge-case bugs, flags security risks, and evaluates performance characteristics. It returns a concise summary, a prioritized list of issues, specific recommendations, and positive highlights.

When to use it

  • Before merging a pull request to catch regressions and security flaws
  • During code review cycles to standardize feedback across reviewers
  • When hard-to-debug bugs appear and you need a second opinion
  • Before a production release to identify performance bottlenecks
  • When onboarding new contributors to ensure code meets project standards

Best practices

  • Provide language and runtime context with code to improve accuracy
  • Include small, focused code snippets instead of very large files
  • Share tests or example inputs so behavioral issues can be validated
  • Specify security model and threat assumptions for targeted checks
  • Request follow-up clarification when recommendations affect design choices

Example use cases

  • Review a Python function for exception handling, edge cases, and type usage
  • Scan backend code for SQL injection risks and improper credential handling
  • Analyze algorithmic code for complexity and memory usage improvements
  • Evaluate web templates and handlers for XSS and unsafe serialization
  • Audit dependency usage and flag outdated or vulnerable libraries

FAQ

It works best with mainstream languages (Python, JavaScript, Java, etc.), but provides useful guidance for many languages when you include context.

Can it run tests or execute code?

No. It analyzes static code and provided context; it cannot run untrusted code or dynamic tests.

How are severity levels determined?

Severity is based on potential impact (security and data loss are highest), exploitability, and likelihood of causing runtime failures.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational