sangrokjung/frontend-code-review
skills/frontend-code-review/SKILL.md
Trigger when the user requests a review of frontend files (e.g., `.tsx`, `.ts`, `.js`). Support both pending-change reviews and focused file reviews while applying the checklist rules.
$ install --global
skillsauthnpx skillsauth add sangrokjung/claude-forge frontend-code-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 12, 2026, 11:11 PM4.6s4 files scanned
SKILL.md
- name:
- frontend-code-review
- description:
- Trigger when the user requests a review of frontend files (e.g., `.tsx`, `.ts`, `.js`). Support both pending-change reviews and focused file reviews while applying the checklist rules.
Frontend Code Review
Intent
Use this skill whenever the user asks to review frontend code (especially .tsx, .ts, or .js files). Support two review modes:
- Pending-change review – inspect staged/working-tree files slated for commit and flag checklist violations before submission.
- File-targeted review – review the specific file(s) the user names and report the relevant checklist findings.
Stick to the checklist below for every applicable file and mode.
Checklist
See references/code-quality.md, references/performance.md, references/business-logic.md for the living checklist split by category—treat it as the canonical set of rules to follow.
Flag each rule violation with urgency metadata so future reviewers can prioritize fixes.
Review Process
- Open the relevant component/module. Gather lines that relate to class names, React Flow hooks, prop memoization, and styling.
- For each rule in the review point, note where the code deviates and capture a representative snippet.
- Compose the review section per the template below. Group violations first by Urgent flag, then by category order (Code Quality, Performance, Business Logic).
Required output
When invoked, the response must exactly follow one of the two templates:
Template A (any findings)
# Code review
Found <N> urgent issues need to be fixed:
## 1 <brief description of bug>
FilePath: <path> line <line>
<relevant code snippet or pointer>
### Suggested fix
<brief description of suggested fix>
---
... (repeat for each urgent issue) ...
Found <M> suggestions for improvement:
## 1 <brief description of suggestion>
FilePath: <path> line <line>
<relevant code snippet or pointer>
### Suggested fix
<brief description of suggested fix>
---
... (repeat for each suggestion) ...
If there are no urgent issues, omit that section. If there are no suggestions, omit that section.
If the issue number is more than 10, summarize as "10+ urgent issues" or "10+ suggestions" and just output the first 10 issues.
Don't compress the blank lines between sections; keep them as-is for readability.
If you use Template A (i.e., there are issues to fix) and at least one issue requires code changes, append a brief follow-up question after the structured output asking whether the user wants you to apply the suggested fix(es). For example: "Would you like me to use the Suggested fix section to address these issues?"
Template B (no issues)
## Code review
No issues found.
Related Skills
sangrokjung/summarize
content-media
VerifiedTrustedCommunity
Summarize or extract text/transcripts from URLs, podcasts, and local files (great fallback for “transcribe this YouTube/video”).
681SKILL.mdUpdated May 4, 2026
sangrokjung/stride-analysis-patterns
testing
VerifiedTrustedCommunity
Apply STRIDE methodology to systematically identify threats. Use when analyzing system security, conducting threat modeling sessions, or creating security documentation.
681SKILL.mdUpdated May 4, 2026
sangrokjung/security-compliance
development
VerifiedTrustedCommunity
Guides security professionals in implementing defense-in-depth security architectures, achieving compliance with industry frameworks (SOC2, ISO27001, GDPR, HIPAA), conducting threat modeling and risk assessments, managing security operations and incident response, and embedding security throughout the SDLC.
681SKILL.mdUpdated May 4, 2026
sangrokjung/extract-errors
development
VerifiedTrustedCommunity
Use when adding new error messages to React, or seeing "unknown error code" warnings.
681SKILL.mdUpdated May 4, 2026