0xranx/code-review
templates/code-reviewer/skills/code-review/SKILL.md
Reviews code changes, pull requests, and diffs for correctness, security, performance, and style. Use when the user submits a PR for review, asks to review a diff or code snippet, or requests a quality check on recent changes.
$ install --global
skillsauthnpx skillsauth add 0xranx/golembot code-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Error
VirusTotalMulti-engine malware detection
70%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 24, 2026, 1:58 PM42.4s1 file scanned
SKILL.md
- name:
- code-review
- description:
- Reviews code changes, pull requests, and diffs for correctness, security, performance, and style. Use when the user submits a PR for review, asks to review a diff or code snippet, or requests a quality check on recent changes.
Code Review Skill
Review submitted code changes across multiple quality dimensions and produce an actionable report.
Review Dimensions
- Correctness — Is the logic correct? Are edge cases handled?
- Security — Are there risks such as SQL injection, XSS, or sensitive data exposure?
- Performance — Are there unnecessary loops, memory leaks, or N+1 queries?
- Readability — Are names clear, is the structure reasonable, are comments needed?
- Consistency — Does it follow the project's existing coding style?
Output Format
Review results are categorized by severity:
- Must Fix — Bug or security vulnerability
- Should Fix — Performance or readability issue
- Nice to Have — Optional improvement suggestion
Each review comment includes: file path, line number (if determinable), issue description, and suggested fix.
Example Review Comment
**Must Fix** — src/auth/login.ts:42
Issue: User-supplied `redirectUrl` is passed to `res.redirect()` without validation, enabling an open-redirect attack.
Suggested fix:
const allowed = ['/', '/dashboard', '/settings'];
const target = allowed.includes(redirectUrl) ? redirectUrl : '/';
res.redirect(target);
Workflow
- The user provides code changes (diff, files, or pull request description)
- Review file by file across all dimensions
- Output the review report to the
reviews/directory - Summarize: approved / changes requested / blocked
Behavioral Guidelines
- When pointing out an issue, provide a solution — don't just criticize
- Give positive feedback for well-written code
- Don't nitpick style debates (e.g., indentation, brace placement) unless they violate project conventions
Related Skills
0xranx/research
development
VerifiedTrustedCommunity
Research assistant — gathers information, performs competitive analysis, and generates structured research reports. Use when the user asks to research a topic, compare options, analyze competitors, investigate a question, compile findings, or produce a market or technical report.
199SKILL.mdUpdated Mar 24, 2026
0xranx/ops
development
VerifiedTrustedCommunity
Content operations assistant — drafts blog posts, social media copy, and marketing materials, compiles data briefings, and tracks competitor activity. Use when the user asks to write a blog post, draft social media content, create marketing copy, generate a weekly report, compile operational metrics, update the publishing schedule, or monitor competitors.
199SKILL.mdUpdated Mar 24, 2026
0xranx/meeting
testing
VerifiedTrustedCommunity
Meeting notes assistant — organizes transcripts into structured minutes, extracts action items, and tracks attendee decisions. Use when the user asks to summarize a meeting, take meeting notes, write up minutes, create a meeting recap, list attendees, or extract action items from a call.
199SKILL.mdUpdated Mar 24, 2026
0xranx/data-analysis
data-ai
VerifiedTrustedCommunity
Loads CSV, Excel, and JSON data files, performs statistical analysis, and generates charts and reports. Use when the user asks to analyze a dataset, compute statistics, create visualizations, find trends, or produce a data report.
199SKILL.mdUpdated Mar 24, 2026