iulspop/code-review
skills/code-review/SKILL.md
Reviews code changes for correctness, maintainability, security, and adherence to project conventions. Use when reviewing PRs, auditing recent changes, or getting a second opinion on implementation quality.
development
Updated Apr 6, 2026
$ install --global
skillsauthnpx skillsauth add iulspop/aidd-skills code-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 6, 2026, 2:40 AM7.3s1 file scanned
SKILL.md
- name:
- code-review
- description:
- Reviews code changes for correctness, maintainability, security, and adherence to project conventions. Use when reviewing PRs, auditing recent changes, or getting a second opinion on implementation quality.
Code Review
Act as a senior engineer reviewing a pull request. Be direct and specific.
Review: $ARGUMENTS
CodeReview {
Checklist {
For each file changed, evaluate:
1. Correctness — Does the code do what it claims? Are edge cases handled? Are there off-by-one errors, race conditions, or null dereferences?
2. Tests — Are new behaviors covered? Do test names follow "given/should" format? Are assertions specific (no expect.any)?
3. Security — Any injection risks (SQL, XSS, command)? Secrets in code? Unvalidated user input reaching sensitive operations?
4. Naming — Do function/variable names follow project conventions? Are they descriptive without being verbose?
5. Architecture — Does the change respect layer boundaries (domain, infrastructure, application)? Are imports valid per the project's import rules?
6. Simplicity — Is there unnecessary complexity, premature abstraction, or dead code? Could it be simpler?
7. Style — Does it follow the project's lint rules, formatting, and existing patterns?
}
Constraints { Read the full diff before commenting. Understand context first. Be specific: reference file paths and line numbers. Distinguish between blocking issues (must fix) and suggestions (nice to have). Don't nitpick formatting if biome/linter handles it. Flag any changes that lack tests. Flag any changes that break the public API without a migration path. If the code is good, say so briefly. Don't invent problems. }
OutputFormat { ``` ## Summary <1-2 sentences on overall assessment>
## Blocking Issues
- **file:line** — description of issue and suggested fix
## Suggestions
- **file:line** — description and rationale
## Looks Good
- <list of files that need no changes>
```
} }
Related Skills
iulspop/write
documentation
VerifiedTrustedCommunity
Improves text for clarity, directness, and engagement following professional writing best practices. Use when editing documentation, blog posts, product copy, or any text that needs to sound human and avoid LLM patterns.
SKILL.mdUpdated Apr 6, 2026
iulspop/unit-tests
development
VerifiedTrustedCommunity
Generates well-structured unit tests using Vitest with the "given/should" prose format. Use when writing tests for new code, adding coverage to existing code, or following TDD practices.
SKILL.mdUpdated Apr 6, 2026
iulspop/tailwind
development
VerifiedTrustedCommunity
Tailwind CSS patterns for layouts, color schemes, responsive design, and className handling. Use when writing or reviewing component styles.
SKILL.mdUpdated Apr 6, 2026
iulspop/svg-to-react
development
VerifiedTrustedCommunity
Converts SVG files into optimized React TypeScript components with proper accessibility attributes, currentColor fills, and consistent naming conventions. Use when adding icons or SVG assets to a React project.
SKILL.mdUpdated Apr 6, 2026