Code Review

🌐Community
by shareai-lab · vlatest · Repository

Automates code reviews for ShareAI Lab's backend projects, ensuring quality and adherence to coding standards.

Install on your platform

1. Run in terminal (recommended)

claude mcp add shareai-lab-code-review npx -- -y @trustedskills/shareai-lab-code-review

2. Or manually add to ~/.claude/settings.json

{
  "mcpServers": {
    "shareai-lab-code-review": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/shareai-lab-code-review"
      ]
    }
  }
}

Requires Claude Code (claude CLI). Run claude --version to verify your install.

About This Skill

What it does

This skill automates code reviews for ShareAI Lab's backend projects, ensuring quality and adherence to coding standards. It systematically checks code against a defined checklist covering security vulnerabilities, correctness issues, performance bottlenecks, maintainability concerns, and testing adequacy. The skill provides structured feedback including summaries, identified critical issues with suggested fixes, improvement suggestions, positive notes, and an overall verdict on merge readiness.

When to use it

  • Before merging new code into the codebase.
  • When refactoring existing code for improved quality or performance.
  • As part of a continuous integration/continuous delivery (CI/CD) pipeline.
  • To proactively identify potential security vulnerabilities in backend projects.
  • For routine checks on Python and JavaScript/TypeScript codebases.

Key capabilities

  • Security Checks: Identifies injection vulnerabilities (SQL, command, XSS, template), authentication and authorization flaws, data exposure risks, cryptography weaknesses, and dependency vulnerabilities using tools like npm audit, pip-audit, and cargo audit.
  • Correctness Checks: Looks for logic errors, race conditions, resource leaks, error handling issues, and type safety problems.
  • Performance Analysis: Detects N+1 queries, memory inefficiencies, blocking operations, inefficient algorithms, and missing caching opportunities.
  • Maintainability Assessment: Evaluates code naming conventions, complexity (function length, nesting depth), duplication, dead code, and comment quality.
  • Testing Validation: Checks for test coverage, edge case handling, mocking practices, and assertion quality.
  • Provides Structured Output: Delivers reviews in a standardized format with summaries, critical issues, improvement suggestions, positive notes, and a merge verdict.

Example prompts

  • "Review this Python file: src/user_authentication.py."
  • "Perform a code review on the JavaScript component components/form.tsx focusing on security vulnerabilities."
  • "Analyze this Rust module for performance bottlenecks."

Tips & gotchas

  • The skill uses tools like npm audit, pip-audit, and cargo audit; ensure these are installed and configured in your environment if applicable.
  • The review focuses specifically on the areas outlined in the checklist; it may not catch all possible issues.
  • Pay close attention to "Critical Issues" flagged by the skill, as they represent potential high-impact problems.

TrustedSkills Verification

Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates — what you install today is exactly what was reviewed and verified.

Security Audits

Gen Agent Trust Hub: Pass
Socket: Pass
Snyk: Pass

Details

Version: vlatest
License:
Author: shareai-lab
Installs: 44

Passed automated security scans.