← Back to Skills

Code Review

🌐Community
by laurigates Β· vlatest Β· Repository

Automated code review focusing on security vulnerabilities, performance bottlenecks, and adherence to laurigates' backend style guidelines.

Install on your platform

We auto-selected Claude Code based on this skill’s supported platforms.

1

Run in terminal (recommended)

terminal
claude mcp add laurigates-code-review npx -- -y @trustedskills/laurigates-code-review
2

Or manually add to ~/.claude/settings.json

~/.claude/settings.json
{
  "mcpServers": {
    "laurigates-code-review": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/laurigates-code-review"
      ]
    }
  }
}

Requires Claude Code (claude CLI). Run claude --version to verify your install.

About This Skill

What it does

This skill provides automated code reviews for backend projects. It analyzes code quality, performs a security assessment to identify vulnerabilities, evaluates performance bottlenecks, and checks adherence to laurigates' style guidelines. The review process includes identifying areas needing manual intervention and providing recommendations for improvement, with the ability to apply safe fixes directly.

When to use it

  • Before merging new code into a repository.
  • To proactively identify security vulnerabilities in existing codebases.
  • When refactoring or optimizing performance-critical sections of an application.
  • As part of a continuous integration/continuous delivery (CI/CD) pipeline.
  • For onboarding new developers to a project and ensuring code style consistency.

Key capabilities

  • Multi-language Code Analysis: Supports Python, TypeScript, Go, and Rust.
  • Security Assessment: Identifies vulnerabilities based on OWASP patterns.
  • Performance Evaluation: Detects bottlenecks and inefficiencies in code.
  • Architecture Review: Evaluates design patterns, component coupling, and dependency management.
  • Test Coverage Analysis: Highlights missing test cases and edge case coverage gaps.
  • Automated Fixes: Applies safe fixes directly to the codebase.
  • Detailed Reporting: Generates a report summarizing issues found/fixed, remaining manual interventions, and improvement recommendations.
  • LSP Integration: Uses Language Server Protocol for accurate diagnostics.

Example prompts

  • "Review the code in /path/to/my/project."
  • "Perform a security review of my Go application, focusing on authentication issues."
  • "Analyze the performance of this TypeScript module and suggest optimizations."
  • β€œCode review the project located at ./src, with a focus on SOLID principles.”

Tips & gotchas

  • Specify the Review Path: The skill defaults to the current directory if no path is provided. Use $1 in your agent prompt to specify the directory to be reviewed.
  • Project Type: Providing the project type (language/framework) helps the skill tailor its analysis.
  • Glob Tool Integration: The skill requires using a Glob tool to discover source files before passing them to the code-review subagent for processing.
View Repository β†’

Tags

πŸ›‘οΈ

TrustedSkills Verification

Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates β€” what you install today is exactly what was reviewed and verified.

Security Audits

Gen Agent Trust HubPass
SocketPass
SnykPass

Details

Version
vlatest
License
Author
laurigates
Installs
33
Repository (canonical source) β†’

🌐 Community

Passed automated security scans.