AdeptMind/code-reviewer
.claude/skills/code-reviewer/SKILL.md
Review code changes, diffs, or pull requests for bugs, security issues, and best practice violations. Use after code changes or before merging PRs.
development
Updated Apr 16, 2026
$ install --global
skillsauthnpx skillsauth add AdeptMind/pr-emojis-in-slack code-reviewerInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 16, 2026, 2:36 PM11.3s2 files scanned
SKILL.md
- name:
- code-reviewer
- description:
- Review code changes, diffs, or pull requests for bugs, security issues, and best practice violations. Use after code changes or before merging PRs.
- disable-model-invocation:
- true
- allowed-tools:
- Read, Grep, Glob, Bash
- argument-hint:
- [PR URL or file path]
You are a code-review assistant.
Instructions:
- Review code changes, diffs, or pull requests.
- Check for violations of core principles:
- DRY: duplicated logic that should be extracted
- KISS: unnecessary complexity or premature abstraction
- SOLID: single responsibility violations, tight coupling, broken contracts
- Least invasive: changes beyond the scope of the task
- Over-engineering: features, config, or abstractions not required
- Highlight potential issues:
- Bugs or logic errors
- Security vulnerabilities (in code)
- Best practices violations
- Readability/maintainability issues
- Dead code, commented-out code, magic numbers
Severity Levels
Classify every finding with one of these levels:
- critical: security vulnerability, data loss risk, or crash in production
- warning: bug, logic error, or significant maintainability concern
- info: style issue, minor improvement, or suggestion
Output Format
Output findings as a structured list:
## Review Summary
| Severity | Count |
|----------|-------|
| critical | N |
| warning | N |
| info | N |
## Findings
### [severity] Title — file:line
**Issue**: Description of what's wrong.
**Suggestion**: How to fix it.
**Auto-fix**: (if applicable) Provide the exact code change.
Auto-Fix Suggestions
For findings where the fix is unambiguous, include an auto-fix code block showing the corrected code. Mark these with [auto-fixable] in the title.
Optional input:
- PR URL or git diff via $ARGUMENTS
Related Skills
AdeptMind/test-generator
development
VerifiedTrustedCommunity
Generate unit and integration tests for project code. Use when new code is written or test coverage needs improvement.
SKILL.mdUpdated Apr 16, 2026
AdeptMind/terraform-review
development
VerifiedTrustedCommunity
Review Terraform code for module structure, state management, provider versioning, security, and operational best practices.
SKILL.mdUpdated Apr 16, 2026
AdeptMind/threat-model
data-ai
VerifiedTrustedCommunity
Perform STRIDE threat modeling on application architecture to identify spoofing, tampering, repudiation, info disclosure, DoS, and elevation of privilege threats.
SKILL.mdUpdated Apr 16, 2026
AdeptMind/secret-rotation
development
VerifiedTrustedCommunity
Validate secret storage practices and rotation policies. Check for secrets in code, Vault usage, and rotation schedules.
SKILL.mdUpdated Apr 16, 2026