Can it detect performance issues in database queries?

Yes, it is specifically designed to flag N+1 query patterns, missing database indexes, and blocking operations in asynchronous code.

How does this skill improve code security?

The skill scans for critical vulnerabilities including SQL injection, XSS, command injection, and hardcoded credentials, providing specific fix suggestions for each.

Does this skill help with unit testing?

It evaluates new code for missing test coverage, identifies flaky test patterns, and ensures that edge cases are properly handled.

What format does the code review feedback take?

Feedback is delivered in a structured Markdown summary categorized into Critical (Must Fix), Suggestions (Should Consider), Nits (Optional), and What's Good.

Is this skill compatible with frontend frameworks?

Yes, it includes patterns for identifying frontend-specific issues such as unnecessary React re-renders and large bundle sizes.

Automated Code Review

Name: Automated Code Review
Author: julianromli

byjulianromli

•

101

•

安全与测试

Analyzes pull requests and codebases for security vulnerabilities, performance bottlenecks, and architectural quality using specialized review patterns.

This skill empowers Claude to act as a senior-level reviewer by systematically auditing code across four critical dimensions: security, performance, code quality, and testing. It automatically identifies high-risk issues like SQL injection and memory leaks while also enforcing best practices like DRY principles and SRP compliance. By providing a structured output that categorizes findings from critical blockers to minor 'nits,' this skill helps engineering teams maintain high standards, reduce technical debt, and accelerate the PR approval process with consistent, objective feedback.

主要功能

01Standardized markdown output with prioritized severity levels and actionable fix suggestions.

02Performance bottleneck detection including N+1 queries and inefficient async operations.

03Automated testing review to identify missing edge cases and flaky test patterns.

04Code quality enforcement focusing on naming conventions, DRY violations, and complexity.

05Comprehensive security audits for vulnerabilities like SQLi, XSS, and hardcoded secrets.

06101 GitHub stars

使用场景

01Ensuring consistent coding standards and test coverage across distributed engineering teams.

02Automating the first pass of Pull Request reviews to catch common errors before human intervention.

03Performing deep security and performance audits on legacy codebases or complex refactors.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add julianromli/opencode-template code-review

For use in Claude.ai and ChatGPT

Download Skill