What security vulnerabilities does the review agent look for?

It performs systematic analysis based on the OWASP Top 10, detects hardcoded secrets, and identifies potential authentication or authorization flaws.

Does it support validating Claude Code plugins and skills?

Yes, it features mandatory auditor agents that validate frontmatter, tool configurations, and hook events against official Claude Code documentation.

What are review profiles?

Profiles like 'security', 'performance', and 'strict' allow you to run focused subsets of checks, optimizing for speed or depth depending on your current task.

How does this skill handle large Pull Requests?

The skill includes an auto-consensus mode for changesets over 50 files and batched execution for 100+ files to prevent context exhaustion while maintaining high accuracy.

Can I customize the review rules for my specific project?

Yes, you can define repository-specific rules, tech stack overrides, and custom severity levels in a .claude/code-review.md file.

Comprehensive Code Review

Name: Comprehensive Code Review
Author: melodic-software

bymelodic-software

•

安全与测试

Automates multi-tiered code audits for security, performance, and quality using specialized AI agents and consensus-based validation.

The Review skill transforms Claude into a sophisticated code auditor capable of performing deep architectural and security analysis. Unlike basic linters, it initiates a mandatory research phase to detect your specific tech stack and fetch the latest best practices via MCP. It supports tiered profiles—ranging from quick style checks to strict architectural audits—and utilizes a multi-agent consensus mode for large-scale pull requests to ensure maximum accuracy. It is uniquely designed to validate Claude Code ecosystem components, ensuring that skills, agents, and hooks comply with official documentation and frontmatter standards.

主要功能

01Context-aware performance profiling for N+1 queries and resource leaks

02Tiered security analysis targeting OWASP Top 10 and secret detection

0338 GitHub stars

04Mandatory research phase to align findings with current documentation and tech stacks

05Automated Claude Code component validation using specialized auditor agents

06Multi-agent consensus mode for high-accuracy reviews on large changesets

使用场景

01Performing pre-commit sanity checks to catch security flaws and style violations before they reach the repo

02Validating custom Claude Code skills and agents to ensure compliance with ecosystem standards

03Auditing large Pull Requests using parallelized agents to maintain high quality without manual fatigue

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add melodic-software/claude-code-plugins review

For use in Claude.ai and ChatGPT

Download Skill