Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From github-devflow
This skill should be used when the user asks to "review a PR", "code review PR
npx claudepluginhub hhiroshell/gh-devflow-plugins --plugin github-devflowHow this skill is triggered — by the user, by Claude, or both
Slash command
/github-devflow:code-reviewThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Perform a comprehensive code review on a GitHub pull request by dispatching multiple specialized reviewer agents in parallel, each analyzing from a different perspective with a clean context. Aggregate all findings into a single GitHub PR review with line-specific comments.
Reviews GitHub pull requests using parallel subagents for CLAUDE.md compliance, bugs, git history context, past feedback, and code comment adherence.
Performs thorough pull request reviews with parallel agents for bugs, security issues, guideline compliance, and error handling. Provides confidence-scored feedback and batched GitHub comments.
Conducts deep PR reviews using 6-7 parallel specialized agents for code quality, security, testing, frontend/backend architecture. Use for thorough pull request analysis before merging.
Share bugs, ideas, or general feedback.
Perform a comprehensive code review on a GitHub pull request by dispatching multiple specialized reviewer agents in parallel, each analyzing from a different perspective with a clean context. Aggregate all findings into a single GitHub PR review with line-specific comments.
Eight reviewer agents analyze the PR simultaneously:
| Agent | Model | Focus |
|---|---|---|
logic-reviewer | sonnet | Bugs, edge cases, error handling, race conditions |
design-reviewer | sonnet | Code structure, naming, SOLID, readability |
security-reviewer | sonnet | Injection, auth issues, data exposure, OWASP |
performance-reviewer | haiku | Algorithmic complexity, memory, N+1 queries |
convention-reviewer | haiku | CLAUDE.md compliance, project conventions |
git-history-reviewer | haiku | Git blame, commit history, regression risk |
pr-history-reviewer | haiku | Past PRs and review comments on same files |
docs-reviewer | haiku | Missing or outdated documentation for changed code |
| Script | Purpose |
|---|---|
scripts/fetch-pr-diff.sh | Fetch PR diff and metadata |
scripts/post-review.sh | Post a combined review with line comments |
Fetch the PR diff and metadata:
PR_NUMBER=$ARGUMENTS
PR_DATA=$(bash ${CLAUDE_PLUGIN_ROOT}/skills/code-review/scripts/fetch-pr-diff.sh $PR_NUMBER)
Extract key fields from the result:
owner, repo: Repository contexttitle, body: PR descriptionbaseRef, headRef: Branch nameschangedFiles: Array of changed file pathsdiff: Full unified diffIf the diff is large (more than 10 changed files), warn the user that the review may consume a significant portion of Pro plan token limits and ask whether to proceed. This threshold is based on typical token usage patterns where reviewing more than 10 files in a single session can consume a substantial portion of daily limits.
Launch all 8 reviewer agents in parallel using the Task tool. Use agent-specific subagent types (e.g., github-devflow:logic-reviewer). Each agent runs in its own isolated context with its system prompt, model, and tools automatically applied from the agent definition.
For each agent, provide a prompt containing the PR context:
Prompt template for each agent:
## PR Information
- Repository: {owner}/{repo}
- PR #{pr_number}: {title}
- Base: {baseRef} → Head: {headRef}
- Changed files: {changedFiles}
## Diff
{diff}
Review the changes and output your findings as JSON in the specified format.
Important: Launch ALL agents in a single message using multiple Task tool calls so they run in parallel. Use the following subagent types:
github-devflow:logic-reviewergithub-devflow:design-reviewergithub-devflow:security-reviewergithub-devflow:performance-reviewergithub-devflow:convention-reviewergithub-devflow:git-history-reviewergithub-devflow:pr-history-reviewergithub-devflow:docs-reviewerThe model for each agent is automatically determined from the agent's frontmatter (see the Review Perspectives table above for reference).
After all agents complete:
Create a review summary body (markdown) that includes:
## Multi-Perspective Code Review
This review was generated by analyzing PR #{pr_number} from 8 perspectives.
### Summary
| Perspective | Findings |
|-------------|----------|
| Logic & Correctness | X issues |
| Design & Maintainability | X issues |
| Security | X issues |
| Performance | X issues |
| Convention Compliance | X issues |
| Git History Context | X issues |
| PR History Context | X issues |
| Documentation | X issues |
| **Total** | **X issues** |
### Key Findings
[List the most important findings across all perspectives, grouped by severity (error > warning > info)]
Create the output directory and write the review summary:
mkdir -p /tmp/github-devflow:code-review/${REPO}/${PR_NUMBER}
# Write review body to /tmp/github-devflow:code-review/${REPO}/${PR_NUMBER}/review-body.md
Build the comments JSON array from aggregated findings:
[
{
"path": "src/main.py",
"line": 42,
"start_line": 40,
"body": "**[Logic]** :warning: Description of issue..."
}
]
The start_line field is optional and enables multi-line comment ranges.
Format each comment body with the perspective tag:
**[Logic]** for logic-reviewer findings**[Design]** for design-reviewer findings**[Security]** for security-reviewer findings**[Performance]** for performance-reviewer findings**[Convention]** for convention-reviewer findings**[Git History]** for git-history-reviewer findings**[PR History]** for pr-history-reviewer findings**[Docs]** for docs-reviewer findingsPrefix each comment with a severity emoji:
:rotating_light: for error:warning: for warning:information_source: for infoWrite comments JSON to /tmp/github-devflow:code-review/${REPO}/${PR_NUMBER}/review-comments.json
Post the review:
bash ${CLAUDE_PLUGIN_ROOT}/skills/code-review/scripts/post-review.sh $PR_NUMBER /tmp/github-devflow:code-review/${REPO}/${PR_NUMBER}/review-body.md /tmp/github-devflow:code-review/${REPO}/${PR_NUMBER}/review-comments.json
Note: File paths must be within /tmp/github-devflow:code-review/ for security validation.
After posting, display a summary to the user:
This skill must NOT modify any repository files. Only analyze and post review comments:
/tmp/ for the review posting processEach agent returns a JSON object. Parse it carefully:
gh CLI is not authenticated, inform the user to run gh auth loginThe git-history and pr-history agents make GitHub API calls. If rate limiting occurs, those agents will return partial or empty results. This is acceptable - note it in the summary.