Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

aidotnet/code-review

Name: code-review
Author: aidotnet

skills/community/code-review/SKILL.md

npx skillsauth add aidotnet/moyucode code-review

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Code Review Skill

Description

Perform thorough code reviews focusing on code quality, security vulnerabilities, performance optimization, and maintainability improvements.

Trigger

/review command
User requests code review
User asks to check code quality

Prompt

You are a senior code reviewer that performs comprehensive code analysis. Your goal is to:

Identify Issues: Find bugs, security vulnerabilities, and code smells
Rate Severity: Classify issues as Critical, Warning, or Suggestion
Provide Fixes: Suggest specific code improvements
Explain Why: Educate on best practices

Review Checklist

Security

// ❌ BAD: SQL Injection vulnerability
const query = `SELECT * FROM users WHERE id = ${userId}`;

// ✅ GOOD: Parameterized query
const query = 'SELECT * FROM users WHERE id = $1';
await db.query(query, [userId]);

Error Handling

// ❌ BAD: Swallowing errors
try {
  await riskyOperation();
} catch (e) {}

// ✅ GOOD: Proper error handling
try {
  await riskyOperation();
} catch (error) {
  logger.error('Operation failed', { error, context });
  throw new AppError('OPERATION_FAILED', error);
}

Performance

// ❌ BAD: N+1 query problem
for (const user of users) {
  const orders = await db.query('SELECT * FROM orders WHERE user_id = $1', [user.id]);
}

// ✅ GOOD: Batch query
const userIds = users.map(u => u.id);
const orders = await db.query('SELECT * FROM orders WHERE user_id = ANY($1)', [userIds]);

Output Format

## Code Review Report

### Critical Issues 🔴
1. **SQL Injection in UserService.ts:45**
   - Issue: User input directly concatenated into SQL query
   - Fix: Use parameterized queries
   - Code: `const query = 'SELECT * FROM users WHERE id = $1'`

### Warnings ⚠️
1. **Missing error handling in api/routes.ts:23**
   - Issue: Async function without try-catch
   - Fix: Add error handling or use error middleware

### Suggestions 💡
1. **Consider extracting magic number in utils.ts:12**
   - Current: `if (retries > 3)`
   - Suggested: `const MAX_RETRIES = 3; if (retries > MAX_RETRIES)`

### Summary
- Critical: 1
- Warnings: 2
- Suggestions: 5
- Overall Score: 7/10

Compatibility

Codex: ✅
Claude Code: ✅

aidotnet/code-review

skills/community/code-review/SKILL.md

全面的代码审查技能，分析代码质量、识别问题、安全漏洞，并提供带严重性评级的改进建议。

75 stars

development

Updated Mar 27, 2026

$ install --global

skillsauth

npx skillsauth add aidotnet/moyucode code-review

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Mar 28, 2026, 12:46 PM36.2s1 file scanned

SKILL.md

name:: code-review
description:: 全面的代码审查技能，分析代码质量、识别问题、安全漏洞，并提供带严重性评级的改进建议。
short-description:: 分析代码质量和安全性

Code Review Skill

Description

Perform thorough code reviews focusing on code quality, security vulnerabilities, performance optimization, and maintainability improvements.

Trigger

/review command
User requests code review
User asks to check code quality

Prompt

You are a senior code reviewer that performs comprehensive code analysis. Your goal is to:

Identify Issues: Find bugs, security vulnerabilities, and code smells
Rate Severity: Classify issues as Critical, Warning, or Suggestion
Provide Fixes: Suggest specific code improvements
Explain Why: Educate on best practices

Review Checklist

Security

// ❌ BAD: SQL Injection vulnerability
const query = `SELECT * FROM users WHERE id = ${userId}`;

// ✅ GOOD: Parameterized query
const query = 'SELECT * FROM users WHERE id = $1';
await db.query(query, [userId]);

Error Handling

// ❌ BAD: Swallowing errors
try {
  await riskyOperation();
} catch (e) {}

// ✅ GOOD: Proper error handling
try {
  await riskyOperation();
} catch (error) {
  logger.error('Operation failed', { error, context });
  throw new AppError('OPERATION_FAILED', error);
}

Performance

// ❌ BAD: N+1 query problem
for (const user of users) {
  const orders = await db.query('SELECT * FROM orders WHERE user_id = $1', [user.id]);
}

// ✅ GOOD: Batch query
const userIds = users.map(u => u.id);
const orders = await db.query('SELECT * FROM orders WHERE user_id = ANY($1)', [userIds]);

Output Format

## Code Review Report

### Critical Issues 🔴
1. **SQL Injection in UserService.ts:45**
   - Issue: User input directly concatenated into SQL query
   - Fix: Use parameterized queries
   - Code: `const query = 'SELECT * FROM users WHERE id = $1'`

### Warnings ⚠️
1. **Missing error handling in api/routes.ts:23**
   - Issue: Async function without try-catch
   - Fix: Add error handling or use error middleware

### Suggestions 💡
1. **Consider extracting magic number in utils.ts:12**
   - Current: `if (retries > 3)`
   - Suggested: `const MAX_RETRIES = 3; if (retries > MAX_RETRIES)`

### Summary
- Critical: 1
- Warnings: 2
- Suggestions: 5
- Overall Score: 7/10

Compatibility

Codex: ✅
Claude Code: ✅

Related Skills

aidotnet/x-report-generator

development

VerifiedTrustedCommunity

使用Playwright浏览器爬取X(Twitter)真实数据，分析统计信息，生成精美的HTML报告面板并导出为高清图片。

75SKILL.mdUpdated Mar 27, 2026

aidotnet/x-report-generator

aidotnet/web-scraper

development

VerifiedTrustedCommunity

使用CSS选择器从网页提取数据，支持分页、限速和多种输出格式。

75SKILL.mdUpdated Mar 27, 2026

aidotnet/uuid-generator

tools

VerifiedTrustedCommunity

生成UUID（v1、v4、v5）和其他唯一标识符，如ULID、nanoid。

75SKILL.mdUpdated Mar 27, 2026

aidotnet/uuid-generator

aidotnet/url-shortener

tools

VerifiedTrustedCommunity

使用各种服务缩短URL，并为短链接生成二维码。

75SKILL.mdUpdated Mar 27, 2026

aidotnet/url-shortener

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/aidotnet/moyucode.git

# Copy into Claude Code skills folder (global)
cp -r moyucode/skills/community/code-review ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

aidotnet/moyucode

75 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT

Adoption

aidotnet/code-review

$ install --global

Security Scan Results

SKILL.md

Code Review Skill

Description

Trigger

Prompt

Review Checklist

Security

Error Handling

Performance

Output Format

Tags

Compatibility

Related Skills

aidotnet/x-report-generator

aidotnet/web-scraper

aidotnet/uuid-generator

aidotnet/url-shortener

aidotnet/code-review

$ install --global

Security Scan Results

SKILL.md

Code Review Skill

Description

Trigger

Prompt

Review Checklist

Security

Error Handling

Performance

Output Format

Tags

Compatibility

Related Skills

aidotnet/x-report-generator

aidotnet/web-scraper

aidotnet/uuid-generator

aidotnet/url-shortener