Java Python Code Reviewer

The java-python-code-reviewer skill enables AI agents to analyze Java and Python codebases for security vulnerabilities, performance bottlenecks, and architectural inconsistencies. It specifically targets common issues like SQL injection risks, inefficient database queries, and improper resource management across both languages.

When to use it

• Before merging pull requests containing backend logic written in Java or Python.
• During the initial setup of a new microservice architecture to establish secure coding standards.
• When auditing legacy codebases for deprecated libraries or known CVEs.
• To automate routine checks for memory leaks and thread safety issues in long-running services.

Key capabilities

• Identifies SQL injection vulnerabilities in database interaction layers.
• Detects inefficient N+1 query patterns in ORM usage.
• Flags improper exception handling that could lead to information leakage.
• Highlights resource leaks such as unclosed connections or streams.
• Suggests refactoring for better separation of concerns and modularity.

Example prompts

• "Review this Java service module for potential SQL injection risks and suggest fixes."
• "Analyze the following Python API handler for performance bottlenecks and memory leaks."
• "Audit this backend codebase for deprecated libraries and insecure configurations."

Tips & gotchas

Ensure your codebase includes proper dependency management files (pom.xml or requirements.txt) so the agent can verify library versions against known vulnerabilities. For best results, provide context about the specific security standards or performance metrics your team prioritizes.