Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From code-review
Performs code review on files, directories, recent git changes, or PRs, providing actionable feedback on quality, security, performance, maintainability, and testing.
npx claudepluginhub devsforge/marketplace --plugin code-reviewHow this command is triggered — by the user, by Claude, or both
Slash command
/code-review:code-reviewThis command is limited to the following tools:
The summary Claude sees in its command listing — used to decide when to auto-load this command
# Code Review Command Conduct thorough code review to identify issues, suggest improvements, and ensure code quality standards. ## Usage **Examples:** ## What This Command Does Performs comprehensive code review across multiple dimensions: 1. **Code Quality**: Structure, readability, maintainability 2. **Security**: Vulnerabilities, authentication, data protection 3. **Performance**: Bottlenecks, optimization opportunities 4. **Best Practices**: Standards compliance, design patterns 5. **Testing**: Coverage, test quality, edge cases ## Review Process ### Step 1: Identify Changes ...
/reviewPerforms a comprehensive code review on a specified file or recent changes, delivering actionable feedback on quality, security, performance, best practices, and bugs.
/code-reviewPerforms comprehensive code quality review of repository structure, code, security, performance, architecture, testing, and documentation. Produces prioritized issues and actionable recommendations with examples.
/devkit.github.review-prReviews GitHub PR by number for code quality, security, architecture, performance, best practices. Optional focus (full/security/etc.) and format (summary/detailed/etc.).
/code-reviewReviews recent git changes for code quality, security, performance, testing, and documentation, providing actionable feedback and line-by-line comments.
/code-reviewReviews local uncommitted changes or GitHub pull requests for security, code quality, and best practices. Also supports PR review mode with full file context.
/code-reviewReviews uncommitted changes for security vulnerabilities, code quality issues, and best practices using git diff. Generates report with severity levels, locations, descriptions, fixes; blocks commits on critical/high issues.
Share bugs, ideas, or general feedback.
Conduct thorough code review to identify issues, suggest improvements, and ensure code quality standards.
/code-review [file_or_directory]
Examples:
/code-review # Review recent git changes
/code-review src/api/users.js # Review specific file
/code-review src/components/ # Review directory
/code-review --pr 123 # Review pull request
Performs comprehensive code review across multiple dimensions:
First, determine what to review:
# Check recent changes
git status
git diff HEAD
# For PR reviews
gh pr diff <pr_number>
Code Quality Check:
Security Analysis:
Performance Review:
Architecture Assessment:
Testing Evaluation:
Provide actionable feedback in this format:
## Code Review Results
### Critical Issues (Must Fix)
- [SECURITY] SQL injection vulnerability in user.login() - Line 45
- [BUG] Null pointer exception possible in processOrder() - Line 123
### Important (Should Fix)
- [PERFORMANCE] N+1 query in getUserOrders() - Line 67
- [QUALITY] Function complexity too high (CC: 15) in calculatePrice() - Line 234
### Suggestions (Nice to Have)
- [REFACTOR] Extract method: validateUserInput() from createUser()
- [STYLE] Use consistent naming: camelCase vs snake_case
### Positive Feedback
- Excellent error handling in PaymentService
- Good test coverage for authentication module (92%)
SQL Injection:
// Bad
const query = `SELECT * FROM users WHERE id = ${userId}`;
// Good
const query = 'SELECT * FROM users WHERE id = ?';
db.query(query, [userId]);
XSS Prevention:
// Bad
element.innerHTML = userInput;
// Good
element.textContent = userInput;
// Or use sanitization library
element.innerHTML = DOMPurify.sanitize(userInput);
N+1 Query Problem:
# Bad
users = User.query.all()
for user in users:
orders = user.orders # Executes query for each user
# Good
users = User.query.options(joinedload(User.orders)).all()
Memory Leak:
// Bad - event listener not removed
element.addEventListener('click', handler);
// Good - cleanup
useEffect(() => {
element.addEventListener('click', handler);
return () => element.removeEventListener('click', handler);
}, []);
High Complexity:
# Bad - complexity 12
def process_payment(user, amount, method, promo):
if user.is_premium:
if method == "credit":
if promo:
# ... nested logic
else:
# ... more logic
elif method == "debit":
# ... more nesting
else:
# ... even more logic
# Good - extract methods
def process_payment(user, amount, method, promo):
discount = calculate_discount(user, promo)
final_amount = apply_discount(amount, discount)
return charge_payment(user, final_amount, method)
Run these tools before manual review:
# Linting
eslint src/
pylint app/
# Security scanning
npm audit
safety check
# Test coverage
jest --coverage
pytest --cov
# Complexity analysis
complexity src/
When reviewing, gather this information:
# Recent changes
git log --oneline -5
git diff main...HEAD
# Changed files
git diff --name-only main...HEAD
# Test results
npm test
pytest
# Build status
npm run build
This command follows code review best practices: