peintangos/code-review
.claude/skills/code-review/SKILL.md
Conduct a code review. Analyze changes from 7 perspectives and present results.
development
Updated Apr 16, 2026
$ install --global
skillsauthnpx skillsauth add peintangos/deep-agents-example code-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 16, 2026, 4:29 PM12.0s1 file scanned
SKILL.md
- name:
- code-review
- description:
- Conduct a code review. Analyze changes from 7 perspectives and present results.
- user_invocable:
- true
- context:
- fork
- agent:
- codex:codex-rescue
Code Review
Follow these steps to conduct a code review. You only have access to the Bash tool — use shell commands (cat, find, git) for all file reading.
1. Identify Change Scope
git diff --name-only HEAD
git diff --name-only
git diff --name-only --cached
git status
Run the above commands to get a list of changed files and untracked files.
2. Read Project Rules
find .claude/rules -type f -name '*.md' -exec cat {} +
Read all rule files under .claude/rules/ to understand project conventions.
3. Identify Target Specification
find docs/prds -name 'todo.md' 2>/dev/null
If found, read the todo file and the corresponding specification to understand acceptance criteria. Skip if not found.
4. Conduct Review
Read each changed file with cat and review from the following 7 perspectives:
- Correctness: Any bugs or logic errors?
- Security: Any stack-appropriate vulnerabilities around input handling, authorization, secrets, unsafe execution, or trust boundaries?
- Performance: Any avoidable hot-path inefficiencies, repeated work, excessive I/O, or other stack-appropriate bottlenecks?
- Readability: Are naming, structure, and comments appropriate?
- Convention compliance: Does it follow project rules (
.claude/rules/)? - Spec compliance: Does it meet specification acceptance criteria? (if specification exists)
- Testing: Is test coverage and quality sufficient? (if tests exist)
5. Review Results Report
Output results in the following format:
## Code Review Results
**Overall Verdict**: No Issues / Needs Changes
### Findings
#### Must Fix
- [file:line] Description
#### Should Fix
- [file:line] Description
#### Nice to Have
- [file:line] Description
### Spec Compliance Check
- [ ] Acceptance criteria 1: PASS / FAIL
- [ ] Acceptance criteria 2: PASS / FAIL
Related Skills
peintangos/zenn-style
data-ai
VerifiedTrustedCommunity
監査レポートを Zenn 技術記事向けの文体 (だ/である調 + 比較表 + 階層化された見出し) に整えるスキル。`src/reporter.ts` の骨組みを LLM が整形してレポート (`out/*.md`) を仕上げるときに読み込む。
SKILL.mdUpdated Apr 16, 2026
peintangos/security
testing
VerifiedTrustedCommunity
OSS リポジトリの既知脆弱性 (OSV / GHSA) を照合し、重大度と影響範囲を分類するスキル。セキュリティ監査を実行するときに読み込む。
SKILL.mdUpdated Apr 16, 2026
peintangos/maintenance
data-ai
VerifiedTrustedCommunity
OSS リポジトリのメンテナンス健全性 (リリース頻度・Issue 対応速度・放置 PR) を定量的に評価するスキル。メンテナンス監査を実行するときに読み込む。
SKILL.mdUpdated Apr 16, 2026
peintangos/license
tools
VerifiedTrustedCommunity
OSS リポジトリのメインライセンスを特定し、商用利用制約・依存互換性・NG ライセンスの検出までを行うスキル。ライセンス監査を実行するときに読み込む。
SKILL.mdUpdated Apr 16, 2026