{"id":"fb4eb417-f4f1-4483-847d-b7575aab445e","shortId":"UBGp8u","kind":"skill","title":"code-reviewer","tagline":"Elite code review expert specializing in modern AI-powered code","description":"## Use this skill when\n\n- Working on code reviewer tasks or workflows\n- Needing guidance, best practices, or checklists for code reviewer\n\n## Do not use this skill when\n\n- The task is unrelated to code reviewer\n- You need a different domain or tool outside this scope\n\n## Instructions\n\n- Clarify goals, constraints, and required inputs.\n- Apply relevant best practices and validate outcomes.\n- Provide actionable steps and verification.\n- If detailed examples are required, open `resources/implementation-playbook.md`.\n\nYou are an elite code review expert specializing in modern code analysis techniques, AI-powered review tools, and production-grade quality assurance.\n\n## Expert Purpose\nMaster code reviewer focused on ensuring code quality, security, performance, and maintainability using cutting-edge analysis tools and techniques. Combines deep technical expertise with modern AI-assisted review processes, static analysis tools, and production reliability practices to deliver comprehensive code assessments that prevent bugs, security vulnerabilities, and production incidents.\n\n## Capabilities\n\n### AI-Powered Code Analysis\n- Integration with modern AI review tools (Trag, Bito, Codiga, GitHub Copilot)\n- Natural language pattern definition for custom review rules\n- Context-aware code analysis using LLMs and machine learning\n- Automated pull request analysis and comment generation\n- Real-time feedback integration with CLI tools and IDEs\n- Custom rule-based reviews with team-specific patterns\n- Multi-language AI code analysis and suggestion generation\n\n### Modern Static Analysis Tools\n- SonarQube, CodeQL, and Semgrep for comprehensive code scanning\n- Security-focused analysis with Snyk, Bandit, and OWASP tools\n- Performance analysis with profilers and complexity analyzers\n- Dependency vulnerability scanning with npm audit, pip-audit\n- License compliance checking and open source risk assessment\n- Code quality metrics with cyclomatic complexity analysis\n- Technical debt assessment and code smell detection\n\n### Security Code Review\n- OWASP Top 10 vulnerability detection and prevention\n- Input validation and sanitization review\n- Authentication and authorization implementation analysis\n- Cryptographic implementation and key management review\n- SQL injection, XSS, and CSRF prevention verification\n- Secrets and credential management assessment\n- API security patterns and rate limiting implementation\n- Container and infrastructure security code review\n\n### Performance & Scalability Analysis\n- Database query optimization and N+1 problem detection\n- Memory leak and resource management analysis\n- Caching strategy implementation review\n- Asynchronous programming pattern verification\n- Load testing integration and performance benchmark review\n- Connection pooling and resource limit configuration\n- Microservices performance patterns and anti-patterns\n- Cloud-native performance optimization techniques\n\n### Configuration & Infrastructure Review\n- Production configuration security and reliability analysis\n- Database connection pool and timeout configuration review\n- Container orchestration and Kubernetes manifest analysis\n- Infrastructure as Code (Terraform, CloudFormation) review\n- CI/CD pipeline security and reliability assessment\n- Environment-specific configuration validation\n- Secrets management and credential security review\n- Monitoring and observability configuration verification\n\n### Modern Development Practices\n- Test-Driven Development (TDD) and test coverage analysis\n- Behavior-Driven Development (BDD) scenario review\n- Contract testing and API compatibility verification\n- Feature flag implementation and rollback strategy review\n- Blue-green and canary deployment pattern analysis\n- Observability and monitoring code integration review\n- Error handling and resilience pattern implementation\n- Documentation and API specification completeness\n\n### Code Quality & Maintainability\n- Clean Code principles and SOLID pattern adherence\n- Design pattern implementation and architectural consistency\n- Code duplication detection and refactoring opportunities\n- Naming convention and code style compliance\n- Technical debt identification and remediation planning\n- Legacy code modernization and refactoring strategies\n- Code complexity reduction and simplification techniques\n- Maintainability metrics and long-term sustainability assessment\n\n### Team Collaboration & Process\n- Pull request workflow optimization and best practices\n- Code review checklist creation and enforcement\n- Team coding standards definition and compliance\n- Mentor-style feedback and knowledge sharing facilitation\n- Code review automation and tool integration\n- Review metrics tracking and team performance analysis\n- Documentation standards and knowledge base maintenance\n- Onboarding support and code review training\n\n### Language-Specific Expertise\n- JavaScript/TypeScript modern patterns and React/Vue best practices\n- Python code quality with PEP 8 compliance and performance optimization\n- Java enterprise patterns and Spring framework best practices\n- Go concurrent programming and performance optimization\n- Rust memory safety and performance critical code review\n- C# .NET Core patterns and Entity Framework optimization\n- PHP modern frameworks and security best practices\n- Database query optimization across SQL and NoSQL platforms\n\n### Integration & Automation\n- GitHub Actions, GitLab CI/CD, and Jenkins pipeline integration\n- Slack, Teams, and communication tool integration\n- IDE integration with VS Code, IntelliJ, and development environments\n- Custom webhook and API integration for workflow automation\n- Code quality gates and deployment pipeline integration\n- Automated code formatting and linting tool configuration\n- Review comment template and checklist automation\n- Metrics dashboard and reporting tool integration\n\n## Behavioral Traits\n- Maintains constructive and educational tone in all feedback\n- Focuses on teaching and knowledge transfer, not just finding issues\n- Balances thorough analysis with practical development velocity\n- Prioritizes security and production reliability above all else\n- Emphasizes testability and maintainability in every review\n- Encourages best practices while being pragmatic about deadlines\n- Provides specific, actionable feedback with code examples\n- Considers long-term technical debt implications of all changes\n- Stays current with emerging security threats and mitigation strategies\n- Champions automation and tooling to improve review efficiency\n\n## Knowledge Base\n- Modern code review tools and AI-assisted analysis platforms\n- OWASP security guidelines and vulnerability assessment techniques\n- Performance optimization patterns for high-scale applications\n- Cloud-native development and containerization best practices\n- DevSecOps integration and shift-left security methodologies\n- Static analysis tool configuration and custom rule development\n- Production incident analysis and preventive code review techniques\n- Modern testing frameworks and quality assurance practices\n- Software architecture patterns and design principles\n- Regulatory compliance requirements (SOC2, PCI DSS, GDPR)\n\n## Response Approach\n1. **Analyze code context** and identify review scope and priorities\n2. **Apply automated tools** for initial analysis and vulnerability detection\n3. **Conduct manual review** for logic, architecture, and business requirements\n4. **Assess security implications** with focus on production vulnerabilities\n5. **Evaluate performance impact** and scalability considerations\n6. **Review configuration changes** with special attention to production risks\n7. **Provide structured feedback** organized by severity and priority\n8. **Suggest improvements** with specific code examples and alternatives\n9. **Document decisions** and rationale for complex review points\n10. **Follow up** on implementation and provide continuous guidance\n\n## Example Interactions\n- \"Review this microservice API for security vulnerabilities and performance issues\"\n- \"Analyze this database migration for potential production impact\"\n- \"Assess this React component for accessibility and performance best practices\"\n- \"Review this Kubernetes deployment configuration for security and reliability\"\n- \"Evaluate this authentication implementation for OAuth2 compliance\"\n- \"Analyze this caching strategy for race conditions and data consistency\"\n- \"Review this CI/CD pipeline for security and deployment best practices\"\n- \"Assess this error handling implementation for observability and debugging\"\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.","tags":["code","reviewer","antigravity","awesome","skills","sickn33","agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows"],"capabilities":["skill","source-sickn33","skill-code-reviewer","topic-agent-skills","topic-agentic-skills","topic-ai-agent-skills","topic-ai-agents","topic-ai-coding","topic-ai-workflows","topic-antigravity","topic-antigravity-skills","topic-claude-code","topic-claude-code-skills","topic-codex-cli","topic-codex-skills"],"categories":["antigravity-awesome-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/code-reviewer","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add sickn33/antigravity-awesome-skills","source_repo":"https://github.com/sickn33/antigravity-awesome-skills","install_from":"skills.sh"}},"qualityScore":"0.700","qualityRationale":"deterministic score 0.70 from registry signals: · indexed on github topic:agent-skills · 34882 github stars · SKILL.md body (8,880 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-04-24T12:50:48.059Z","embedding":null,"createdAt":"2026-04-18T21:34:41.243Z","updatedAt":"2026-04-24T12:50:48.059Z","lastSeenAt":"2026-04-24T12:50:48.059Z","tsv":"'+1':351 '1':900 '10':297,983 '2':910 '3':920 '4':930 '5':939 '6':946 '7':956 '8':626,965 '9':974 'access':1017 'across':671 'action':73,679,787 'adher':510 'ai':12,98,137,163,170,226,827 'ai-assist':136,826 'ai-pow':11,97,162 'altern':973 'analysi':95,126,142,166,190,199,228,234,247,255,284,311,345,359,402,415,455,483,597,757,829,863,872,916 'analyz':260,901,1004,1038 'anti':386 'anti-pattern':385 'api':330,466,498,704,997 'appli':65,911 'applic':845 'approach':899 'architectur':515,886,926 'ask':1100 'assess':152,277,287,329,427,554,836,931,1012,1058 'assist':138,828 'assur':107,883 'asynchron':364 'attent':952 'audit':266,269 'authent':307,1033 'author':309 'autom':196,587,677,708,716,728,812,912 'awar':188 'balanc':755 'bandit':250 'base':216,602,820 'bdd':460 'behavior':457,735 'behavior-driven':456 'benchmark':373 'best':28,67,563,619,637,666,778,852,1020,1056 'bito':174 'blue':477 'blue-green':476 'boundari':1108 'bug':155 'busi':928 'c':653 'cach':360,1040 'canari':480 'capabl':161 'champion':811 'chang':801,949 'check':272 'checklist':31,567,727 'ci/cd':422,681,1050 'clarif':1102 'clarifi':59 'clean':504 'clear':1075 'cli':209 'cloud':389,847 'cloud-nat':388,846 'cloudform':420 'code':2,5,14,21,33,46,88,94,111,116,151,165,189,227,242,278,289,293,341,418,487,501,505,517,526,536,541,565,572,585,607,622,651,696,709,717,790,822,875,902,970 'code-review':1 'codeql':237 'codiga':175 'collabor':556 'combin':130 'comment':201,724 'communic':689 'compat':467 'complet':500 'complex':259,283,542,980 'complianc':271,528,576,627,892,1037 'compon':1015 'comprehens':150,241 'concurr':640 'condit':1044 'conduct':921 'configur':380,394,398,408,431,442,722,865,948,1026 'connect':375,404 'consid':792 'consider':945 'consist':516,1047 'constraint':61 'construct':738 'contain':337,410 'container':851 'context':187,903 'context-awar':186 'continu':990 'contract':463 'convent':524 'copilot':177 'core':655 'coverag':454 'creation':568 'credenti':327,436 'criteria':1111 'critic':650 'cryptograph':312 'csrf':322 'current':803 'custom':183,213,701,867 'cut':124 'cutting-edg':123 'cyclomat':282 'dashboard':730 'data':1046 'databas':346,403,668,1006 'deadlin':784 'debt':286,530,797 'debug':1066 'decis':976 'deep':131 'definit':181,574 'deliv':149 'depend':261 'deploy':481,713,1025,1055 'describ':1079 'design':511,889 'detail':78 'detect':291,299,353,519,919 'develop':445,450,459,699,760,849,869 'devsecop':854 'differ':51 'document':496,598,975 'domain':52 'driven':449,458 'dss':896 'duplic':518 'edg':125 'educ':740 'effici':818 'elit':4,87 'els':769 'emerg':805 'emphas':770 'encourag':777 'enforc':570 'ensur':115 'enterpris':632 'entiti':658 'environ':429,700,1091 'environment-specif':428,1090 'error':490,1060 'evalu':940,1031 'everi':775 'exampl':79,791,971,992 'expert':7,90,108,1096 'expertis':133,613 'facilit':584 'featur':469 'feedback':206,580,744,788,959 'find':753 'flag':470 'focus':113,246,745,935 'follow':984 'format':718 'framework':636,659,663,880 'gate':711 'gdpr':897 'generat':202,231 'github':176,678 'gitlab':680 'go':639 'goal':60 'grade':105 'green':478 'guidanc':27,991 'guidelin':833 'handl':491,1061 'high':843 'high-scal':842 'ide':212,692 'identif':531 'identifi':905 'impact':942,1011 'implement':310,313,336,362,471,495,513,987,1034,1062 'implic':798,933 'improv':816,967 'incid':160,871 'infrastructur':339,395,416 'initi':915 'inject':319 'input':64,302,1105 'instruct':58 'integr':167,207,370,488,590,676,685,691,693,705,715,734,855 'intellij':697 'interact':993 'issu':754,1003 'java':631 'javascript/typescript':614 'jenkin':683 'key':315 'knowledg':582,601,749,819 'kubernet':413,1024 'languag':179,225,611 'language-specif':610 'leak':355 'learn':195 'left':859 'legaci':535 'licens':270 'limit':335,379,1067 'lint':720 'llms':192 'load':368 'logic':925 'long':551,794 'long-term':550,793 'machin':194 'maintain':121,503,547,737,773 'mainten':603 'manag':316,328,358,434 'manifest':414 'manual':922 'master':110 'match':1076 'memori':354,646 'mentor':578 'mentor-styl':577 'methodolog':861 'metric':280,548,592,729 'microservic':381,996 'migrat':1007 'miss':1113 'mitig':809 'modern':10,93,135,169,232,444,537,615,662,821,878 'monitor':439,486 'multi':224 'multi-languag':223 'n':350 'name':523 'nativ':390,848 'natur':178 'need':26,49 'net':654 'nosql':674 'npm':265 'oauth2':1036 'observ':441,484,1064 'onboard':604 'open':82,274 'opportun':522 'optim':348,392,561,630,644,660,670,839 'orchestr':411 'organ':960 'outcom':71 'output':1085 'outsid':55 'owasp':252,295,831 'pattern':180,222,332,366,383,387,482,494,509,512,616,633,656,840,887 'pci':895 'pep':625 'perform':119,254,343,372,382,391,596,629,643,649,838,941,1002,1019 'permiss':1106 'php':661 'pip':268 'pip-audit':267 'pipelin':423,684,714,1051 'plan':534 'platform':675,830 'point':982 'pool':376,405 'potenti':1009 'power':13,99,164 'practic':29,68,147,446,564,620,638,667,759,779,853,884,1021,1057 'pragmat':782 'prevent':154,301,323,874 'principl':506,890 'priorit':762 'prioriti':909,964 'problem':352 'process':140,557 'product':104,145,159,397,765,870,937,954,1010 'production-grad':103 'profil':257 'program':365,641 'provid':72,785,957,989 'pull':197,558 'purpos':109 'python':621 'qualiti':106,117,279,502,623,710,882 'queri':347,669 'race':1043 'rate':334 'rational':978 'react':1014 'react/vue':618 'real':204 'real-tim':203 'reduct':543 'refactor':521,539 'regulatori':891 'relev':66 'reliabl':146,401,426,766,1030 'remedi':533 'report':732 'request':198,559 'requir':63,81,893,929,1104 'resili':493 'resourc':357,378 'resources/implementation-playbook.md':83 'respons':898 'review':3,6,22,34,47,89,100,112,139,171,184,217,294,306,317,342,363,374,396,409,421,438,462,475,489,566,586,591,608,652,723,776,817,823,876,906,923,947,981,994,1022,1048,1097 'risk':276,955 'rollback':473 'rule':185,215,868 'rule-bas':214 'rust':645 'safeti':647,1107 'sanit':305 'scalabl':344,944 'scale':844 'scan':243,263 'scenario':461 'scope':57,907,1078 'secret':325,433 'secur':118,156,245,292,331,340,399,424,437,665,763,806,832,860,932,999,1028,1053 'security-focus':244 'semgrep':239 'sever':962 'share':583 'shift':858 'shift-left':857 'simplif':545 'skill':17,39,1070 'skill-code-reviewer' 'slack':686 'smell':290 'snyk':249 'soc2':894 'softwar':885 'solid':508 'sonarqub':236 'sourc':275 'source-sickn33' 'special':8,91,951 'specif':221,430,499,612,786,969,1092 'spring':635 'sql':318,672 'standard':573,599 'static':141,233,862 'stay':802 'step':74 'stop':1098 'strategi':361,474,540,810,1041 'structur':958 'style':527,579 'substitut':1088 'success':1110 'suggest':230,966 'support':605 'sustain':553 'task':23,42,1074 'tdd':451 'teach':747 'team':220,555,571,595,687 'team-specif':219 'technic':132,285,529,796 'techniqu':96,129,393,546,837,877 'templat':725 'term':552,795 'terraform':419 'test':369,448,453,464,879,1094 'test-driven':447 'testabl':771 'thorough':756 'threat':807 'time':205 'timeout':407 'tone':741 'tool':54,101,127,143,172,210,235,253,589,690,721,733,814,824,864,913 'top':296 'topic-agent-skills' 'topic-agentic-skills' 'topic-ai-agent-skills' 'topic-ai-agents' 'topic-ai-coding' 'topic-ai-workflows' 'topic-antigravity' 'topic-antigravity-skills' 'topic-claude-code' 'topic-claude-code-skills' 'topic-codex-cli' 'topic-codex-skills' 'track':593 'trag':173 'train':609 'trait':736 'transfer':750 'treat':1083 'unrel':44 'use':15,37,122,191,1068 'valid':70,303,432,1093 'veloc':761 'verif':76,324,367,443,468 'vs':695 'vulner':157,262,298,835,918,938,1000 'webhook':702 'work':19 'workflow':25,560,707 'xss':320","prices":[{"id":"3669f711-0053-42cb-8efb-190b985685dd","listingId":"fb4eb417-f4f1-4483-847d-b7575aab445e","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"sickn33","category":"antigravity-awesome-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T21:34:41.243Z"}],"sources":[{"listingId":"fb4eb417-f4f1-4483-847d-b7575aab445e","source":"github","sourceId":"sickn33/antigravity-awesome-skills/code-reviewer","sourceUrl":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/code-reviewer","isPrimary":false,"firstSeenAt":"2026-04-18T21:34:41.243Z","lastSeenAt":"2026-04-24T12:50:48.059Z"}],"details":{"listingId":"fb4eb417-f4f1-4483-847d-b7575aab445e","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"sickn33","slug":"code-reviewer","github":{"repo":"sickn33/antigravity-awesome-skills","stars":34882,"topics":["agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows","antigravity","antigravity-skills","claude-code","claude-code-skills","codex-cli","codex-skills","cursor","cursor-skills","developer-tools","gemini-cli","gemini-skills","kiro","mcp","skill-library"],"license":"mit","html_url":"https://github.com/sickn33/antigravity-awesome-skills","pushed_at":"2026-04-24T06:41:17Z","description":"Installable GitHub library of 1,400+ agentic skills for Claude Code, Cursor, Codex CLI, Gemini CLI, Antigravity, and more. Includes installer CLI, bundles, workflows, and official/community skill collections.","skill_md_sha":"d0489efb14c43b770a93a3b426f4824aa1933780","skill_md_path":"skills/code-reviewer/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/code-reviewer"},"layout":"multi","source":"github","category":"antigravity-awesome-skills","frontmatter":{"name":"code-reviewer","description":"Elite code review expert specializing in modern AI-powered code"},"skills_sh_url":"https://skills.sh/sickn33/antigravity-awesome-skills/code-reviewer"},"updatedAt":"2026-04-24T12:50:48.059Z"}}