Code review with confidence-based filtering. Modes: quick (lint+types), standard (Opus), thorough (parallel agents). Auto-fixes >=95% confidence issues.
Reviews code with confidence-based filtering and auto-fixes high-certainty issues.
/plugin marketplace add GGPrompts/my-plugins/plugin install code-review@my-pluginsThis skill inherits all available tools. When active, it can use any tool Claude has access to.
Automated code review with confidence-based filtering and test coverage assessment.
/code-review:review # Standard review (Opus)
/code-review:review --quick # Fast: lint + types + secrets only
/code-review:review --thorough # Deep: parallel specialized reviewers
/code-review:review <issue-id> # Review for specific issue
Reviews code with precision scoring to minimize false positives:
| Score | Meaning | Action |
|---|---|---|
| 0 | False positive / pre-existing | Skip |
| 25 | Might be real, can't verify | Skip |
| 50 | Real but minor nitpick | Skip |
| 75 | Likely real but uncertain | Skip |
| 80-94 | Verified issue | Flag |
| 95-100 | Certain bug or rule violation | Auto-fix |
Every review includes a needs_tests assessment.
The reviewer evaluates whether changes warrant test coverage based on:
| Factor | Indicators |
|---|---|
| Complexity | Cyclomatic complexity, lines changed, branching logic |
| Risk Areas | Auth, payments, data mutations, API changes |
| Missing Coverage | New functions/classes without corresponding tests |
| Regression Risk | Bug fixes that could recur, edge cases discovered |
{
"needs_tests": true,
"test_assessment": {
"recommendation": "required",
"rationale": "New API endpoint with input validation and error handling",
"suggested_tests": [
{
"type": "unit",
"target": "validateUserInput()",
"cases": ["valid input", "empty input", "malformed input"]
},
{
"type": "integration",
"target": "POST /api/users",
"cases": ["success path", "validation errors", "auth failure"]
}
],
"priority": "high",
"auto_writable": false
}
}
| Level | When | Action |
|---|---|---|
required | New logic, complex branching, risk area | Block until tests added |
recommended | Moderate changes, some complexity | Flag for consideration |
optional | Simple changes, low risk | Note but don't block |
skip | Docs, config, formatting, existing test coverage | No tests needed |
For issues with >=95% confidence:
Safe to auto-fix: Unused imports, console.log statements, formatting, typos
Never auto-fix: Logic changes, security issues, test coverage gaps
--quick)Fast checks for trivial changes:
skip (trivial changes)Spawns code-review:reviewer agent (Opus):
--thorough)Parallel specialized reviewers:
/code-review:silent-failures)/code-review:security){
"passed": true,
"mode": "standard",
"summary": "Reviewed 5 files. Auto-fixed 2 issues. No blockers.",
"claude_md_checked": ["CLAUDE.md"],
"auto_fixed": [
{"file": "src/utils.ts", "line": 45, "issue": "Unused import", "confidence": 98}
],
"flagged": [
{"severity": "important", "file": "src/api.ts", "line": 23, "issue": "Missing error handling", "confidence": 85}
],
"blockers": [],
"needs_tests": true,
"test_assessment": {
"recommendation": "recommended",
"rationale": "New utility function with multiple code paths",
"suggested_tests": [
{"type": "unit", "target": "formatDate()", "cases": ["valid date", "invalid date", "null input"]}
],
"priority": "medium",
"auto_writable": true
}
}
Code review integrates with completion pipelines:
needs_tests: true and recommendation: required:
auto_writable: true:
When auto_writable: true, can spawn test-writer:
Task(
subagent_type="general-purpose",
prompt="Write tests for changes. Assessment: ${test_assessment}"
)
recommendation: required)| Resource | Purpose |
|---|---|
agents/reviewer.md | Agent implementation |
skills/silent-failures/SKILL.md | Error handling audit |
skills/security/SKILL.md | Security vulnerability scan |
skills/review-practices/SKILL.md | Code review behavioral practices |
Use when working with Payload CMS projects (payload.config.ts, collections, fields, hooks, access control, Payload API). Use when debugging validation errors, security issues, relationship queries, transactions, or hook behavior.