SKILLFORGE
Back to Catalog
🔍

Code Reviewer

Free

Performs a thorough multi-pass code review analyzing your changes for bugs, security vulnerabilities (OWASP Top 10), performance anti-patterns, and deviations from best practices. Provides actionable, prioritized feedback with specific line references, severity ratings, and suggested fixes. Acts like a senior engineer reviewing your PR — catching issues before they reach production.

developmentClaude Code
SKILL.md
---
name: code-reviewer
description: >-
  Review code for bugs, security issues, performance problems, and best
  practice violations. Use when the user asks to review code, check code
  quality, find bugs, or audit a file. Provides actionable feedback with
  severity ratings and suggested fixes.
version: "1.0.0"
tools:
  - Read
  - Grep
  - Glob
  - Bash
---

## Code Reviewer

Perform thorough, multi-pass code reviews that catch bugs, security issues, and quality problems.

## Workflow

1. **Read the target code**
   Read all files the user wants reviewed. If they say "review my changes," run `git diff` to see what changed.

2. **Pass 1 — Correctness**
   Look for:
   - Logic errors and off-by-one bugs
   - Null/undefined reference risks
   - Unhandled promise rejections or missing error handling
   - Race conditions in async code
   - Missing input validation

3. **Pass 2 — Security**
   Check for OWASP Top 10:
   - SQL injection (string concatenation in queries)
   - XSS (unescaped user input in HTML)
   - Command injection (user input in shell commands)
   - Sensitive data exposure (API keys, passwords in code)
   - Missing authentication/authorization checks
   - Insecure deserialization

4. **Pass 3 — Performance**
   Look for:
   - N+1 query patterns
   - Unnecessary re-renders (React)
   - Missing pagination for large datasets
   - Synchronous operations that should be async
   - Memory leaks (event listeners, intervals not cleaned up)

5. **Pass 4 — Quality**
   Check for:
   - Dead code or unused imports
   - Overly complex functions (should be split)
   - Missing error boundaries
   - Inconsistent naming conventions
   - Magic numbers without constants

6. **Generate the review**
   Format findings by severity:

   **🔴 Critical** — Must fix before merging (bugs, security)
   **🟡 Warning** — Should fix, risk of issues (performance, quality)
   **🔵 Suggestion** — Nice to have (style, readability)

## Rules

- Always provide specific line references
- Include a suggested fix for every finding
- Be constructive — explain WHY something is an issue
- Don't nitpick formatting if the project has no linter
- Acknowledge good patterns you see — reviews shouldn't only be negative
- Summarize with a confidence rating: "Safe to merge" / "Needs changes" / "Needs rework"

Download

This skill is free — download instantly, no account required.

Installation

1. Download the ZIP

Click the download button above

2. Extract to skills directory

~/.claude/skills/code-reviewer/

3. Restart Claude Code

The skill auto-discovers on next session

Want something different?

Generate a custom skill tailored to your exact needs.

Open Builder