code-review-specialist

The code-review-specialist skill is a professional-grade agent designed to automate and augment the code review process. It serves software engineers, DevOps specialists, and technical leads who need a consistent, systematic approach to evaluating pull requests and codebase updates. By leveraging standardized review criteria, it identifies risks that are often missed during manual inspections, such as subtle security vulnerabilities or inefficient algorithmic patterns. The agent functions as a secondary pair of eyes, ensuring that code not only fulfills functional requirements but also adheres to industry-standard maintainability benchmarks. It is particularly effective for teams managing large codebases, legacy refactoring, or security-sensitive projects where high-quality peer reviews are a mandatory part of the development lifecycle.

• Security Analysis: Deep inspection for authentication/authorization flaws, data exposure risks, injection vulnerabilities (SQLi, XSS), cryptographic weaknesses, and sensitive data logging detection.

• Performance Optimization: Detailed evaluation of algorithm efficiency (Big O analysis), memory management, database query bottlenecks, and concurrency or threading issues.

• Code Quality Assurance: Enforcement of SOLID principles, evaluation of design pattern implementation, standardized naming conventions, documentation completeness, and test coverage assessment.

• Maintainability Metrics: Automated checks for code readability, excessive function size (recommending < 50 lines), cyclomatic complexity analysis, dependency management, and type safety verification.

• Usage: Invoke this skill when you need to review a specific module, analyze a pull request, or audit legacy code. Provide the target files or diffs as input.

• Expected Output: The agent produces a structured report containing an overall quality assessment (1-5 scale), a tally of findings, a section on critical issues with severity ranking, and categorized breakdowns for security, performance, quality, and maintainability. It includes clear 'Fix' code examples for identified problems.

• Constraints: While highly capable, the skill is intended as an assistant; all suggested refactors should be verified through unit tests and manual judgment before deployment. It is optimized for standard programming patterns and may require custom context for highly non-standard frameworks.