Code Review 助手

Automatically performs comprehensive code reviews on your changes, identifying bugs, security vulnerabilities, performance issues, best practice violations, and code style problems before they reach production. Think of it as having a senior engineer review every line of code you write.

What This 技能 Does

This 技能 analyzes your code changes and provides detAIled feedback on:

Bug 检测ion - Null pointer risks, race conditions, 记录ic errors, edge case handling Security Issues - SQL injection, XSS vulnerabilities, exposed secrets, authentication flaws Best Practices - De签名 patterns, SOLID principles, 框架 conventions, API de签名 Performance Problems - N+1 queries, memory leaks, inefficient algorithms, unnecessary re-renders Code Style - Naming conventions, code organization, comment 质量, mAIntAInability Test Coverage - Missing tests, insufficient edge case coverage, test 质量 Documentation - Missing JSDoc, unclear function purposes, outdated comments

Supports multiple languages and 框架s:

JavaScript/TypeScript (React, Vue, Angular, Node.js, Next.js) Python (Django, Flask, FastAPI) Go (standard 库, Gin, Echo) Java (Spring Boot, Jakarta EE) Rust (a同步 patterns, unsafe code) C# (.NET Core, ASP.NET) Why Use This 技能 Catches Bugs Early

Studies show bugs found in code review are 10-100× cheaper to fix than bugs found in production:

Pre-commit: 5 minutes to fix Code review: 15-30 minutes to fix QA 测试: 1-2 hours to fix Production: 4-8 hours + potential downtime Improves 代码质量

Automated review catches issues humans miss:

Security vulnerabilities (OWASP Top 10) Performance anti-patterns Memory leaks and resource leaks Concurrent programming bugs Edge cases and boundary conditions Accelerates Team Reviews

Makes human code reviews more valuable:

Automated review catches mechanical issues Human reviewers focus on architecture and business 记录ic Reduces back-and-forth review cycles Faster PR merge times (30-50% reduction) Educational Value

Learn best practices as you code:

Explanations for every issue found Links to documentation and resources Alternative 应用roaches suggested Pattern recognition for future work When to Use This 技能

Use this 技能 for comprehensive code review:

✅ Before committing changes (pre-commit review) ✅ Before creating pull 请求s (pre-PR review) ✅ During PR review (automated first pass) ✅ On legacy code (identify technical debt) ✅ Learning new languages/框架s (educational feedback) ✅ Security-sensitive code (extra scrutiny) ✅ Performance-critical paths (optimization opportunities) ✅ Public API changes (breaking change 检测ion) When NOT to Use This 技能 ❌ On 生成d code (vendor files, build 输出) ❌ For trivial changes (typo fixes, 格式化ting only) ❌ During rAPId prototyping (exploratory phase) ❌ On code you don't control (third-party libraries) ❌ As a substitute for 测试 (use test-生成器 技能) How It Works Step-by-Step Process Analyzes changed files: Reads git diff or specified files 解析s code structure: Builds AST (Abstract Syntax Tree) for deep analysis 检测s patterns: Identifies anti-patterns, bugs, security issues 检查s best practices: 验证s agAInst language/框架 conventions Evaluates performance: Finds inefficient algorithms, database queries Reviews security: 扫描s for OWASP vulnerabilities, exposed 凭证s Assesses style: 检查s naming, organization, mAIntAInability 生成s 报告: Prioritized 列出 of issues with explanations and fixes Review Categories

Critical Issues (Must fix before merge):

Security vulnerabilities Null pointer 异常s Resource leaks Infinite loops Breaking changes without 迁移

High Priority (Should fix):

Performance problems (N+1 queries, memory leaks) Error handling gaps Race conditions Missing 输入 验证 Incorrect 记录ic

Medium Priority (Consider fixing):

Code duplication Complex functions needing refactoring Missing documentation Inconsistent naming Suboptimal patterns

Low Priority (Nice to have):

Minor style issues Verbose code that could be simplified Missing optional parameters Documentation typos Usage Examples Example 1: React 组件 Review

Your code:

// src/组件s/User性能分析.tsx 导入 { useEffect, use状态 } from 'react';

导出 function User性能分析({ userId }) { const [user, 设置User] = use状态(null); const [posts, 设置Posts] = use状态([]);

useEffect(() => { fetch(/API/users/${userId}) .then(res => res.json()) .then(设置User);

fetch(/API/users/${userId}/posts) .then(res => res.json()) .then(设置Posts); }, [userId]);

return (

Ask Claude:

"Review this React 组件 for bugs and best practices"

生成d Review:

🔴 CRITICAL ISSUES

Null Pointer 异常 (Line 14)

{user.name}

Problem: user is