Code Review Playbook

The code-review-playbook skill provides a structured framework for AI agents to conduct comprehensive code reviews, focusing on security vulnerabilities, architectural consistency, and adherence to best practices. It transforms raw code submissions into actionable feedback by systematically analyzing logic flow, dependency management, and maintainability standards.

When to use it

• Before merging pull requests in backend repositories to catch critical bugs early.
• When integrating new team members who need guidance on project-specific coding conventions.
• During refactoring efforts to ensure legacy code remains secure and performant.
• To validate that third-party library implementations follow the project's security policies.

Key capabilities

• Automated detection of common security vulnerabilities and anti-patterns.
• Analysis of architectural alignment with established backend design principles.
• Generation of prioritized feedback lists distinguishing between critical, major, and minor issues.
• Context-aware suggestions for improving code readability and testability.

Example prompts

• "Review this Python service implementation against our security playbook and list any potential injection risks."
• "Act as a senior backend engineer and critique the database migration script for performance bottlenecks."
• "Generate a checklist of improvements for this API controller based on standard code review guidelines."

Tips & gotchas

Ensure you provide the full context of the project's architecture or specific style guide, as the skill relies on these details to offer precise recommendations. While effective at identifying standard issues, it may require human oversight for complex architectural decisions involving business logic nuances.