code-reviewer_skill

Overview

This skill reviews TypeScript and related code for correctness, security, performance, maintainability, and test coverage. It produces a numeric quality score, a prioritized list of issues with file/line context, and actionable suggestions for improvement. Use it to get fast, structured feedback on PRs, commits, or code snippets.

How this skill works

The reviewer inspects code for logic errors, edge-case handling, and null/undefined safety, then checks security patterns against common vulnerabilities like injection and XSS. It analyzes performance patterns (e.g., N+1 queries, inefficient algorithms), evaluates maintainability (naming, SRP, typing), and factors in test coverage to compute a weighted quality score out of 100. The output includes severity-tagged findings, file/line pointers when available, and clear remediation steps.

When to use it

• Before merging pull requests to catch regressions and design issues
• During code review cycles to standardize feedback and scoring
• When auditing code for security and compliance risks
• When evaluating third-party modules or pull requests from contributors
• To generate a prioritized list of fixes for technical debt

Best practices

• Share the quality score and key findings with the author to focus fixes
• Include minimal reproducible examples when reporting runtime bugs
• Prioritize high-severity security and correctness issues before performance tweaks
• Request unit or integration tests for uncovered logic paths
• Use suggested refactors (extract helpers, improve types) to reduce cognitive load

Example use cases

• Automated PR review: run on each PR to block merges below the pass threshold
• Pre-release audit: scan release branch for regressions and security issues
• Onboarding review: evaluate code from new contributors and provide structured feedback
• Performance triage: locate N+1 queries and heavy memory consumers in backend code
• Security sweep: search for hardcoded secrets, unsafe eval, or unsanitized inputs