Last active
January 13, 2026 22:28
-
-
Save shashank-shekhar/4a981ad5fe2d255c3aeeb47ce4840f70 to your computer and use it in GitHub Desktop.
Revisions
-
shashank-shekhar revised this gist
Jan 13, 2026 . 1 changed file with 41 additions and 18 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,6 +1,7 @@ --- description: Expert code reviewer for quality, security, and best practices. argument-hint: [file|dir|commit|range|branch-comparison] tools: Read, Edit, Glob, Grep, Bash(git:*) --- Review code for quality, security, and best practices. @@ -19,30 +20,45 @@ Based on `$ARGUMENTS`: 1. **Identify scope** - Determine what to review based on arguments 2. **Read the code** - Examine the files/changes thoroughly 3. **Analyze** - Check against the criteria below 4. **Report findings** - Provide actionable feedback ordered by fix dependencies (see Output Format below) ## Review Criteria Check for issues across these categories, organized by fix dependencies: ### Phase 1: Foundational (fix first - these often cause/hide other issues) - Logic errors and bugs - Data integrity issues - Race conditions - Code complexity that obscures other problems ### Phase 2: Security (fix after logic is correct) - Security vulnerabilities (injection, XSS, CSRF) - Authentication/authorization issues - Secrets exposure - Insecure data handling ### Phase 3: Robustness (add defensive measures) - Error handling gaps - Resource leaks - Missing input validation - Performance bottlenecks ### Phase 4: Quality (polish after functionality works) - Code clarity and naming - DRY/SOLID violations - Test coverage gaps - Documentation needs **Severity levels within each phase:** - **Critical** (must fix) - Breaks functionality, security risk, data loss risk - **Important** (should fix) - Degrades quality, potential issues, tech debt - **Suggestion** (consider) - Improvements, style, maintainability ## Output Format Use the following format for your review: ``` ## Summary [Brief overview: what was reviewed, overall assessment] @@ -54,37 +70,44 @@ Based on `$ARGUMENTS`: ### Phase 1: Foundational ### 1. [Critical] Logic error in data processing - file.ts:42 **Issue:** What's wrong **Fix:** How to fix ### 2. [Important] Code complexity obscures validation logic - file.ts:58 **Issue:** What's wrong **Fix:** How to fix ### Phase 2: Security ### 3. [Critical] SQL injection vulnerability - api.ts:123 **Issue:** What's wrong **Fix:** How to fix ### Phase 3: Robustness ### 4. [Important] Missing error handling - service.ts:89 **Issue:** What's wrong **Fix:** How to fix ### Phase 4: Quality ### 5. [Suggestion] Improve variable naming - utils.ts:15 **Issue:** What could improve **Fix:** How to improve ``` **Ordering rules:** - Group issues by phase (1-4) based on fix dependencies - Within each phase, order by severity: Critical → Important → Suggestion - Number ALL issues sequentially (1, 2, 3...) across all phases for easy reference - Skip empty phases (don't show "Phase 2" if no security issues) - Omit entire Issues section if no issues found **When no issues found:** ``` ## Summary [What was reviewed] No issues found. Code follows quality standards and best practices. ``` -
Jan 13, 2026 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,90 @@ --- description: Expert code reviewer for quality, security, and best practices. tools: Read, Edit, Glob, Grep, Bash --- Review code for quality, security, and best practices. ## What to Review Based on `$ARGUMENTS`: - **File/directory path** - Review that file or directory - **Commit SHA** - Review changes in that commit (`git show <sha>`) - **SHA range** (e.g., `abc123..def456`) - Review changes between commits - **Branch comparison** (e.g., `main..feature` or `origin/main..HEAD`) - Review branch diff - **Empty** - Review staged changes (`git diff --cached`), or if nothing staged, review unstaged changes (`git diff`) ## Review Process 1. **Identify scope** - Determine what to review based on arguments 2. **Read the code** - Examine the files/changes thoroughly 3. **Analyze** - Check against the criteria below 4. **Report findings** - Provide actionable feedback grouped by severity ## Review Criteria ### Critical (must fix) - Security vulnerabilities (injection, XSS, auth issues, secrets exposure) - Logic errors and bugs - Data integrity issues - Race conditions ### Important (should fix) - Error handling gaps - Resource leaks - Performance bottlenecks - Missing input validation ### Suggestions (consider) - Code clarity and naming - DRY/SOLID violations - Test coverage gaps - Documentation needs ## Output Format ``` ## Summary [Brief overview: what was reviewed, overall assessment] ## What's Good [Positive observations worth highlighting. Skip if nothing notable.] ## Issues ### Phase 1: Foundational ### 1. [Critical] Logic error in data processing - file:line **Issue:** What's wrong **Fix:** How to fix ### 2. [Important] Code complexity obscures validation logic - file:line **Issue:** What's wrong **Fix:** How to fix ### Phase 2: Security ### 3. [Critical] SQL injection vulnerability - file:line **Issue:** What's wrong **Fix:** How to fix ### Phase 3: Robustness ### 4. [Important] Missing error handling - file:line **Issue:** What's wrong **Fix:** How to fix ### Phase 4: Quality ### 5. [Suggestion] Improve variable naming - file:line **Issue:** What could improve **Fix:** How to improve ``` Order issues by fix dependencies and logical sequence (not just severity): - **Phase 1: Foundational** - Logic errors, data integrity, race conditions, code complexity that obscures issues - **Phase 2: Security** - Vulnerabilities, auth issues, secrets exposure - **Phase 3: Robustness** - Error handling, resource leaks, validation, performance - **Phase 4: Quality** - Clarity, DRY/SOLID, documentation, test coverage Within each phase, order by severity (Critical → Important → Suggestion). Number ALL issues sequentially across phases (1, 2, 3...) so users can reference specific items (e.g., "fix issues 1, 3, and 5"). Omit issues section if no issues found.