Agent skill

review-code

Review code changes for quality, security, and performance. Use when user says "review my changes", "do a code review", "check this for issues", "analyze code quality", "security review", "performance review", "is this PR ready", or needs architecture, security, performance, and style analysis.

Install this agent skill to your Project

npx add-skill https://github.com/Uniswap/ai-toolkit/tree/next/packages/plugins/development-pr-workflow/skills/review-code

SKILL.md

Code Reviewer

Comprehensive code review using multi-agent coordination for architecture, security, performance, and style analysis.

When to Activate

  • User asks for code review (any context)
  • User wants changes reviewed before merge
  • User needs security or performance analysis
  • User asks "is this ready?"
  • PR quality check needed
  • User mentions reviewing changes before commit/PR
  • User asks about code issues or improvements

Inputs

Parse from request:

  • paths: Files or directories to review (defaults to current git changes)
  • --depth: Review depth (standard|comprehensive) - default: standard
  • --focus: Specific aspects (architecture|security|performance|all) - default: all
  • --suggest-fixes: Generate fix suggestions (default: true)
  • --check-tests: Review test coverage (default: false)
  • --baseline: Compare against baseline branch (default: main)

Quick Process

  1. Gather Context: Get diff, changed files, commit messages
  2. Analyze: Understand intent and scope
  3. Multi-Agent Review: Architecture, security, performance, style
  4. Generate Fixes: Actionable improvements
  5. Summarize: Recommendation with action items

Review Depth

Depth          Agents  Focus
Standard       4       Quick validation of key concerns
Comprehensive  8+      Deep multi-phase analysis

Orchestration Strategy

Phase 1: Code Analysis Preparation

  1. Identify Review Scope:

    • If no paths provided, get current git changes
    • Expand directories to file lists
    • Filter by file types and patterns
  2. Context Loading:

    • Invoke context-loader to understand surrounding code
    • Identify architectural patterns and conventions
    • Load relevant documentation and standards

Phase 2: Multi-Agent Review

Invoke agents to coordinate parallel analysis:

  • Code Quality: style-enforcer, refactorer, code-explainer
  • Architecture & Design: pattern consistency, design validation
  • Security & Performance: security-analyzer, performance-analyzer
  • Testing: test-writer (coverage gaps)

Phase 3: Deep Analysis (if --depth comprehensive)

For comprehensive review, additional specialized analysis:

  • Dependency Analysis: Check for circular dependencies, validate imports
  • Pattern Consistency: Compare with existing patterns, identify deviations
  • Impact Analysis: Assess breaking changes, affected components

Phase 4: Result Aggregation

Combine insights from all agents:

  1. Issue Prioritization:

    • Critical: Security vulnerabilities, breaking changes
    • High: Performance issues, architectural violations
    • Medium: Style inconsistencies, missing tests
    • Low: Minor improvements, documentation
  2. Fix Generation:

    • Automated fixes for style issues
    • Refactoring suggestions with examples
    • Security patches with explanations

Review Categories

  • Architecture: Pattern compliance, SOLID, dependencies
  • Security: Vulnerabilities, auth, injection risks
  • Performance: Complexity, queries, caching
  • Maintainability: Complexity, coverage, duplication
  • Testing: Coverage gaps, test quality

Specialized Review Modes

Architecture Focus (--focus architecture)

  • Emphasize design patterns and structure
  • Validate SOLID principles
  • Check dependency management
  • Assess modularity and coupling

Security Focus (--focus security)

  • Deep vulnerability scanning
  • Input validation checks
  • Authentication/authorization review
  • Secrets and credential scanning

Performance Focus (--focus performance)

  • Algorithm complexity analysis
  • Memory usage patterns
  • Database query optimization
  • Caching opportunities

Output Format

Provides:

  • Summary: Intent, scope, risk assessment, files reviewed, issues by severity
  • Findings: By severity (critical, major, minor) with file, line, explanation
  • Architecture Insights: Patterns, violations, recommendations
  • Security Report: Vulnerabilities, severity, mitigation
  • Performance Report: Bottlenecks, impact, optimization
  • Test Coverage: Current coverage, gaps, suggested tests
  • Action Plan: Must-fix, should-fix, consider lists
  • Patches: Actionable diffs with automated fix commands

Recommendation

Returns: approve, request-changes, or comment

Examples

"Review my code changes"
"Check this file for security issues"
"Deep review of src/api/ focusing on performance"
"Review code quality in the authentication module"
"Is this PR ready to merge?"

Delegation

Invokes specialized agents (style-enforcer, security-analyzer, performance-analyzer, code-explainer, refactorer, test-writer) for comprehensive multi-dimensional analysis.
