kyegomez/code-review
examples/single_agent/agent_skill_examples/code-review/SKILL.md
Perform comprehensive code reviews focusing on best practices, security vulnerabilities, performance optimization, and maintainability
$ install --global
skillsauthnpx skillsauth add kyegomez/swarms code-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 6, 2026, 3:18 PM233.3s1 file scanned
SKILL.md
- name:
- code-review
- description:
- Perform comprehensive code reviews focusing on best practices, security vulnerabilities, performance optimization, and maintainability
Code Review Skill
When reviewing code, follow this systematic approach to ensure thorough evaluation:
Review Checklist
1. Code Quality
- Readability: Is the code easy to understand?
- Naming: Are variables, functions, and classes well-named?
- Structure: Is the code properly organized and modular?
- Comments: Are complex sections adequately documented?
- Complexity: Are there overly complex functions that should be simplified?
2. Security Analysis
Check for common vulnerabilities:
- SQL injection vulnerabilities
- XSS (Cross-Site Scripting) vulnerabilities
- Authentication and authorization flaws
- Insecure data handling (passwords, sensitive data)
- Input validation and sanitization
- OWASP Top 10 vulnerabilities
3. Performance Considerations
- Identify potential bottlenecks
- Check for inefficient algorithms or data structures
- Look for unnecessary database queries or API calls
- Evaluate caching opportunities
- Assess memory usage patterns
4. Best Practices
- DRY Principle: Eliminate code duplication
- SOLID Principles: Verify adherence to design principles
- Error Handling: Check for proper exception handling
- Testing: Evaluate test coverage and quality
- Dependencies: Review external dependencies and their versions
5. Maintainability
- Is the code easy to modify and extend?
- Are there proper abstractions?
- Is the architecture scalable?
- Are there technical debt concerns?
Review Format
Structure your review as follows:
- Summary: High-level overview of the changes
- Critical Issues: Security vulnerabilities or bugs that must be fixed
- Major Concerns: Significant issues affecting quality or performance
- Suggestions: Optional improvements and best practices
- Positive Feedback: Acknowledge good practices and improvements
Guidelines
- Be constructive and respectful
- Provide specific examples and suggestions
- Explain the "why" behind recommendations
- Prioritize issues by severity (critical, major, minor)
- Reference documentation or standards when applicable
- Consider the context and constraints of the project
Example Reviews
Security Issue:
CRITICAL: SQL injection vulnerability detected at line 45
Current: f"SELECT * FROM users WHERE id = {user_id}"
Recommendation: Use parameterized queries to prevent SQL injection
Performance Suggestion:
SUGGESTION: Consider caching database results at line 123
The same query is executed multiple times in the loop. Cache the results
to improve performance by ~80%.
Related Skills
kyegomez/financial-analysis
testing
VerifiedTrustedCommunity
Perform comprehensive financial analysis including DCF modeling, ratio analysis, and financial statement evaluation for companies and investment opportunities
6,196SKILL.mdUpdated Apr 6, 2026
kyegomez/data-visualization
data-ai
VerifiedTrustedCommunity
Create effective data visualizations using best practices for clarity, accuracy, and visual communication of insights
6,196SKILL.mdUpdated Apr 6, 2026
openclaw/openclaw-secret-scanning-maintainer
development
VerifiedTrustedCommunity
Maintainer-only workflow for handling GitHub Secret Scanning alerts on OpenClaw. Use when Codex needs to triage, redact, clean up, and resolve secret leakage found in issue comments, issue bodies, PR comments, or other GitHub content.
357,764SKILL.mdUpdated Apr 15, 2026
openclaw/openclaw-release-maintainer
development
VerifiedTrustedCommunity
Maintainer workflow for OpenClaw releases, prereleases, changelog release notes, and publish validation. Use when Codex needs to prepare or verify stable or beta release steps, align version naming, assemble release notes, check release auth requirements, or validate publish-time commands and artifacts.
357,764SKILL.mdUpdated Apr 10, 2026