code-review_skill

Overview

This skill helps authors and reviewers prepare and perform structured code reviews focused on correctness, risk, and maintainability. It codifies a workflow for creating review-friendly PRs, running automation, risk-based review, validating tests and observability, and providing actionable feedback. Use it to reduce review time and increase merge confidence.

How this skill works

Authors keep changes small, document intent, and run local checks before requesting review. Reviewers assess changes by risk and architecture boundaries, verify correctness and error handling, and confirm tests and observability cover critical paths. The workflow enforces resolving blocking issues and re-running checks before merge.

When to use it

• Opening a pull request for a feature, bugfix, or refactor
• Reviewing teammate or AI-generated code changes
• Validating merge readiness for medium or large changes
• Ensuring safety for security, privacy, or critical flows
• Before merging changes that affect architecture or dependencies

Best practices

• Keep PRs focused on a single objective and separate unrelated refactors
• Include concise context: what changed, why, and how it was verified
• Run formatting, static analysis, and tests locally; treat failing automation as a blocker
• Review by risk: start at architecture boundaries and validate dependency direction
• Give actionable feedback with impact and suggested fixes; mark blockers clearly
• Resolve blocking comments and re-run relevant checks before merging

Example use cases

• Author preparing a PR that modifies data flow between services and needs reviewer attention on boundaries
• Reviewer validating error handling and state transitions after a feature change
• Team ensuring no secrets or PII leaks before merging telemetry or logging updates
• Confirming tests cover both success and error paths for a payment flow
• Cleaning up an AI-generated refactor by separating behavior changes from formatting