Stats
Actions
Tags
'%20stop-opacity%3D'0.16'%2F%3E%3Cstop%20offset%3D'1'%20stop-color%3D'rgb(200%2C90%2C60)'%20stop-opacity%3D'0.03'%2F%3E%3C%2FlinearGradient%3E%3C%2Fdefs%3E%3Crect%20width%3D'320'%20height%3D'200'%20fill%3D'url(%23g)'%2F%3E%3Ccircle%20cx%3D'250'%20cy%3D'56'%20r%3D'92'%20fill%3D'rgb(200%2C90%2C60)'%20fill-opacity%3D'0.06'%2F%3E%3Ccircle%20cx%3D'64'%20cy%3D'172'%20r%3D'58'%20fill%3D'rgb(200%2C90%2C60)'%20fill-opacity%3D'0.05'%2F%3E%3C%2Fsvg%3E)
From Agent Toolkit
Diffs source branch against target (auto-detected or from PR link) and returns concise review comments with file:line locations. Read-only, never posts.
How this skill is triggered — by the user, by Claude, or both
Slash command
/agent-toolkit:review-assistantThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Assist a human's local code-review pass: read the diff, understand the intent, surface the real
Assist a human's local code-review pass: read the diff, understand the intent, surface the real issues. You suggest candidate comments; the human decides what to post. Single-pass and lightweight. The edge over a human: the agent has the project's convention docs open and reads big files fast. Output is local text only.
Accept input flexibly; a PR link is optional:
(If explicitly asked, you may instead review uncommitted working-tree changes.)
Diff base: always three-dot merge-base, git diff target...source, so it matches exactly what
the platform shows as the PR with no noise from commits that landed on target after the fork. Fall
back to two-dot only when there is no common ancestor. No checkout is needed to produce the diff.
Branch freshness: before diffing, compare the local source branch against its remote-tracking
ref read-only and without fetching (e.g. git log <branch>..origin/<branch>). If the remote is
ahead or the two have diverged, the local copy may be stale — say so and ask whether to update
before reviewing; never fetch or update it yourself (see Boundaries → Never auto-fetch). A no-fetch
check only reflects the last fetch, so the user may want to fetch first to be sure.
Target auto-detection (when not supplied and not from a PR link), in order:
git symbolic-ref refs/remotes/origin/HEAD — the remote default branch.main, master, develop/development); exactly one
match wins.A PR link always overrides auto-detection (its target comes from the PR metadata; PRs are not always against the main branch). Always state which target was chosen so the user can correct it.
When a URL is given, identify the platform from its host and fetch through whatever is connected (a GitHub tool, an Azure DevOps tool, etc.) — use the intent, not a fixed tool. If no matching tool is available, or no link was given, degrade gracefully to a local-diff-only review, or ask.
Lenses a human applies, not a checklist to fill: report only what you find; a lens that finds nothing produces no output.
Before reviewing, load the project's own convention docs (CLAUDE.md/AGENTS.md and any relevant codestyle/contributing docs you can find). A clear violation of them is a first-class, citable comment — this is the skill's strength.
The core rule. A comment may exist only when it points to concrete evidence of one of:
If you cannot name the evidence — the exact bug, rule, or redundancy — do not comment. Hedge phrases that signal a guess with no evidence ("there might be", "this could potentially", "consider whether") are a smell and a classic AI tell: with real evidence, state it plainly; without it, stay silent. (This bans raising findings you can't back — not phrasing a well-grounded Suggested comment to the author as a polite question; see Output.)
One exception: a genuine clarifying question to the author — rare, only when the diff is truly ambiguous about intent or correctness and the answer changes whether it is right. Never a routine "could you clarify?".
Realism gate: judge every concern in this code's actual context. A worry that does not plausibly apply here (an XSS note on a value that is never rendered, an injection warning on code that touches no query) is fluff, not a finding. Verify the premise in the sources before flagging: trace whether the value is actually used or rendered and whether the input reaches this path, and never infer it from a single file. When a quick trace would settle whether the finding holds, run it first.
Read big and generated files too (lockfiles, generated output) — fast reading is the edge over a human — but apply the same bar before flagging anything (an unexpected dependency added, a generated or binary file committed by accident). Otherwise skip them silently.
Zero comments is a valid and common outcome. Finding few or none is success, not failure. Never pad to look thorough. No praise, no restating what the code does, no test-coverage lectures, nothing on lines the PR did not touch.
Local text only; write no file unless the user later asks to save it.
Lead with one short sentence recapping what the PR does, to show the change was understood.
Then the comment list, or a one-line Looks good, no comments.
Each item: a ### heading holding its sequential finding number and the clickable path:line,
the explanation beneath it, then the optional suggested comment. Put a full-width heavy rule (a row
of ~40 ━) above each finding and one more after the last, so the list is bracketed top and bottom
and the eye can jump between comments. For example:
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
### 1 · `path/to/file.ext:42`
Brief explanation in a sentence or two.
Suggested comment: short line to paste, in a real reviewer's voice.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
### 2 · `path/to/other.ext:88`
Brief explanation, suggested comment, …
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
The explanation is your note to the user and can be direct. Add Suggested comment only when it
adds something beyond the explanation (nuance, or softer phrasing); if it would just restate the
explanation, give one or the other, never both near-identical. A suggested comment is the line a
real reviewer drops: short, casual, friendly, usually one sentence. Lead with the ask; add a brief
why only when it isn't obvious, and skip the cause-hypothesis. Often a question
even when you are sure the code is wrong, naming the exact symbol (e.g. "where is FOO used?").
Even a plain nit stays warm and in collaborative "we" voice, never a curt bare statement. Never use
dashes (em or en); write the way people actually type. This brevity and softness is tone, not
hedging: it never lowers the evidence bar from Grounded, not speculative. Stay grounded in what
to raise, human and brief in how you word it.
Order mirrors the diff so the user can read the PR in one window and copy-paste straight down in another: files in the diff's own order, ascending line number within a file, grouped by file when a file has several comments. This order is absolute: never reorder by a finding's perceived importance or severity. No severity labels, no categories. Flat and scannable.
diff, log, show, merge-base, branch --list,
symbolic-ref) and read-only platform fetches. Never check out branches, modify the working tree,
post/reply/resolve/vote on the PR, or write files (unless the user explicitly asks to save the
output).npx claudepluginhub francescoborzi/agent-toolkit --plugin agent-toolkitReviews a pull request for code quality and correctness. Use when asked to review a PR or when running as an automated PR reviewer.
Reviews recent git diffs and commits with brutal honesty before PRs, spotting 2am logic flaws, copy-paste artifacts, debug leftovers, hacks, and poor naming.
Reviews local changes, PRs/MRs, or branch diffs against project coding guidelines using 5-7 parallel review agents (bug detection, security/logic, guideline compliance, code simplification, test coverage, contract quality). High-signal findings only.