open-gitagent/code-review
examples/standard/skills/code-review/SKILL.md
Reviews code diffs and files for security vulnerabilities (OWASP Top 10), error handling, complexity, naming conventions, and performance issues. Use when the user asks to review a PR, pull request, diff, merge request, or code changes.
$ install --global
skillsauthnpx skillsauth add open-gitagent/gitagent code-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 24, 2026, 8:34 PM0.5s1 file scanned
SKILL.md
- name:
- code-review
- description:
- Reviews code diffs and files for security vulnerabilities (OWASP Top 10), error handling, complexity, naming conventions, and performance issues. Use when the user asks to review a PR, pull request, diff, merge request, or code changes.
- license:
- MIT
- allowed-tools:
- lint-check complexity-analysis
- author:
- gitagent-examples
- version:
- 1.0.0
- category:
- developer-tools
Code Review
Instructions
When reviewing code:
- Read the full diff or file provided
- Check for security vulnerabilities (OWASP Top 10)
- Evaluate error handling completeness
- Assess code complexity and readability
- Verify naming conventions and code style
- Look for performance issues
- Check for proper input validation
Output Format
## Review Summary
[1-2 sentence overview]
## Findings
### CRITICAL
- [Finding with line reference and fix]
### WARNING
- [Finding with line reference and fix]
### SUGGESTION
- [Finding with line reference and fix]
## What's Done Well
- [Positive observations]
Example Finding
### CRITICAL
- **Line 42**: SQL injection vulnerability — user input concatenated directly into query string.
Fix: Use parameterized queries instead of string concatenation.
```python
# Before (vulnerable)
cursor.execute(f"SELECT * FROM users WHERE id = {user_id}")
# After (safe)
cursor.execute("SELECT * FROM users WHERE id = %s", (user_id,))
Related Skills
open-gitagent/web-search
development
VerifiedTrustedCommunity
Advanced web search using Tavily API for current information retrieval
2,723SKILL.mdUpdated Apr 24, 2026
open-gitagent/paper-search
development
VerifiedTrustedCommunity
Academic paper search via Google Scholar using Serper API
2,723SKILL.mdUpdated Apr 24, 2026
open-gitagent/knowledge-retrieval
documentation
VerifiedTrustedCommunity
Semantic search over ingested documents using RAG (LlamaIndex/ChromaDB or Foundational RAG)
2,723SKILL.mdUpdated Apr 24, 2026
open-gitagent/research
development
VerifiedTrustedCommunity
Researches a topic by breaking it into subtopics, gathering factual information with reasoning, and producing a structured summary with key findings and open questions. Use when the user asks to research, investigate, look up, summarize a topic, or says 'what is known about...' or 'learn about...'
2,723SKILL.mdUpdated Apr 24, 2026