What engineering standards does this skill use for reviews?

It utilizes a comprehensive framework based on Google Engineering practices, OWASP security standards, and modern clean code principles like SOLID and DRY.

Does it check for security vulnerabilities?

Absolutely. It performs checks for SQL injection, XSS, insecure cryptography, hardcoded secrets, and other common OWASP-identified vulnerabilities.

Can I add custom review rules for my specific project?

Yes, the skill automatically detects and enforces repository-specific standards if a CLAUDE.md file exists in your project's root directory.

How does it handle token limits during large code reviews?

The skill uses tiered progressive loading, which only activates specific check modules (like frontend, database, or infrastructure) when relevant file types or code patterns are detected.

Professional Code Reviewer

Name: Professional Code Reviewer
Author: melodic-software

bymelodic-software

•

安全与测试

Performs systematic, checklist-driven code reviews based on industry-standard engineering practices and security protocols.

关于

This skill transforms Claude into a rigorous code auditor by applying multi-layered checks ranging from SOLID design principles and OWASP security standards to repository-specific rules. It intelligently manages token usage through tiered progressive loading, ensuring that only relevant checks—such as frontend-specific logic, backend security patterns, or concurrency safety—are applied to your specific files, resulting in high-quality, actionable feedback without unnecessary context overhead.

主要功能

Token-optimized progressive disclosure triggered by file extensions and content patterns
Automatic activation for staged changes, PR preparation, and significant implementation tasks
Multi-layered review architecture covering universal, tier-specific, and repo-specific standards
Security-first auditing based on OWASP, modern cryptography, and input validation
1 GitHub stars
Comprehensive enforcement of SOLID, DRY, KISS, and Clean Code design principles

使用场景

Performing deep-dive architectural reviews for complex pull requests
Standardizing code quality across a team by enforcing custom rules in CLAUDE.md
Conducting pre-commit audits to catch logic bugs and security vulnerabilities early

关于

主要功能

Token-optimized progressive disclosure triggered by file extensions and content patterns
Automatic activation for staged changes, PR preparation, and significant implementation tasks
Multi-layered review architecture covering universal, tier-specific, and repo-specific standards
Security-first auditing based on OWASP, modern cryptography, and input validation
1 GitHub stars
Comprehensive enforcement of SOLID, DRY, KISS, and Clean Code design principles

使用场景

Performing deep-dive architectural reviews for complex pull requests
Standardizing code quality across a team by enforcing custom rules in CLAUDE.md
Conducting pre-commit audits to catch logic bugs and security vulnerabilities early