Conduct thorough code reviews to ensure code quality, maintainability, and adherence to standards.
/plugin marketplace add marcel-Ngan/ai-dev-team/plugin install marcel-ngan-ai-dev-team@marcel-Ngan/ai-dev-teamThis skill inherits all available tools. When active, it can use any tool Claude has access to.
Conduct thorough code reviews to ensure code quality, maintainability, and adherence to standards.
In code review, verify TDD compliance:
| Check | Requirement |
|---|---|
| Tests First | Tests existed before implementation code |
| 100% Pass Rate | All tests must pass (no exceptions) |
| Minimal Code | Only code needed to pass tests (no over-engineering) |
| Test Coverage | New code has corresponding tests |
Do NOT approve PRs with failing tests.
git CLI commandsgh CLI (GitHub CLI){
"owner": "{{github.owner}}",
"repo": "{{github.repo}}",
"defaultBranch": "{{github.defaultBranch}}"
}
1. Understand Context
└── Read PR description, linked issues, specs
2. High-Level Review
└── Architecture, approach, scope
3. Detailed Review
└── Line-by-line code examination
4. Testing
└── Run tests, verify functionality
5. Provide Feedback
└── Comments, suggestions, approval/changes
# PRs requesting your review
gh pr list --search "review-requested:@me"
# PRs in your team's repos
gh pr list --repo owner/repo
# View specific PR
gh pr view 123
# View PR diff
gh pr diff 123
# View files changed
gh pr diff 123 --name-only
# Checkout PR locally
gh pr checkout 123
# Approve
gh pr review 123 --approve
# Approve with comment
gh pr review 123 --approve --body "LGTM! Great work."
# Request changes
gh pr review 123 --request-changes --body "Please address the issues noted."
# Comment only (no approval/rejection)
gh pr review 123 --comment --body "Some suggestions for consideration."
# Add comment via web interface (gh opens browser)
gh pr view 123 --web
# Or use API for specific line comments
gh api repos/{{owner}}/{{repo}}/pulls/123/comments \
-f body="Consider using const here" \
-f path="src/file.ts" \
-f line=42 \
-f side="RIGHT"
## Code Review Checklist
### Functionality
- [ ] Code does what PR description claims
- [ ] Edge cases are handled
- [ ] Error handling is appropriate
- [ ] No obvious bugs
### Code Quality
- [ ] Code is readable and well-structured
- [ ] Functions/methods are focused (single responsibility)
- [ ] No unnecessary complexity
- [ ] No code duplication
- [ ] Naming is clear and consistent
### Standards
- [ ] Follows project coding conventions
- [ ] Consistent with existing codebase patterns
- [ ] No linting warnings/errors
- [ ] Type safety maintained (if TypeScript)
### Security
- [ ] No hardcoded secrets/credentials
- [ ] Input validation where needed
- [ ] No injection vulnerabilities
- [ ] Proper authentication/authorization
### Testing (TDD)
- [ ] **100% tests passing** (mandatory - no exceptions)
- [ ] Tests existed before implementation (TDD compliance)
- [ ] Code is minimal (only what's needed to pass tests)
- [ ] Tests cover edge cases
- [ ] Test names are descriptive
### Documentation
- [ ] Code comments for complex logic
- [ ] API documentation updated
- [ ] README updated if needed
## Security Review Checklist
### Input Handling
- [ ] User input is validated
- [ ] No SQL injection risks
- [ ] No command injection risks
- [ ] No XSS vulnerabilities
### Authentication/Authorization
- [ ] Auth checks are present where needed
- [ ] No authorization bypasses
- [ ] Session handling is secure
### Data Protection
- [ ] Sensitive data not logged
- [ ] Encryption used where appropriate
- [ ] PII handled correctly
### Dependencies
- [ ] No known vulnerable dependencies
- [ ] Dependencies are from trusted sources
| Type | Symbol | Use For |
|---|---|---|
| Blocker | 🔴 | Must fix before merge |
| Issue | 🟠 | Should fix, important |
| Suggestion | 🟡 | Nice to have improvement |
| Question | ❓ | Need clarification |
| Nitpick | 📝 | Minor, optional |
| Praise | 👍 | Good code, pattern |
## Blocker Comment
🔴 **Blocker:** This needs to be fixed before merging.
{{issue}}
**Suggestion:**
{{suggestion}}
---
## Issue Comment
🟠 **Issue:** This could cause problems.
{{explanation}}
**Consider:**
```{{language}}
{{suggestedCode}}
🟡 Suggestion: This could be improved.
{{suggestion}}
(Non-blocking - up to you)
❓ Question: Can you clarify this?
{{question}}
📝 Nitpick: Minor thing.
{{nitpick}}
(Feel free to ignore)
👍 Nice! This is a clean solution.
{{specificPraise}}
---
## Review Feedback Guidelines
### Being Constructive
```markdown
## Good Review Feedback
✅ "Consider extracting this into a function for reusability"
✅ "This could throw if `user` is null - add a check?"
✅ "Nice solution! One thought: would a Map be more efficient here?"
✅ "I'm not sure I understand this logic - can you add a comment?"
## Poor Review Feedback
❌ "This is wrong"
❌ "Why did you do it this way?"
❌ "Bad code"
❌ "Just rewrite this"
## Priority Order
1. **Correctness** - Does it work correctly?
2. **Security** - Are there vulnerabilities?
3. **Performance** - Any obvious issues?
4. **Maintainability** - Can others understand it?
5. **Style** - Does it follow conventions?
Focus on 1-4. Be flexible on 5.
## ✅ Approved
**Reviewed:**
- [x] Functionality
- [x] Code quality
- [x] Tests
- [x] Security considerations
**Notes:**
{{anyNotes}}
LGTM - Ship it! 🚀
## 🔄 Changes Requested
Thanks for the PR! I've left some feedback.
### Required Changes
1. {{blockerChange1}}
2. {{blockerChange2}}
### Suggestions
- {{suggestion1}}
- {{suggestion2}}
Let me know when you've addressed these and I'll re-review.
## ❓ Questions
Before I can complete my review, I have some questions:
1. {{question1}}
2. {{question2}}
Not blocking, just want to understand the approach better.
// Add review feedback to Jira
Atlassian:addCommentToJiraIssue({
cloudId: "{{jira.cloudId}}",
issueIdOrKey: "{{storyKey}}",
commentBody: `🤖 **Senior Developer Agent** - Code Review
**PR:** [#{{prNumber}}]({{prUrl}})
**Review:** {{reviewStatus}}
{{#if approved}}
✅ Code review passed. Ready to merge.
{{else}}
🔄 Changes requested:
{{#each changes}}
- {{change}}
{{/each}}
{{/if}}`
})
| Agent | Code Review Use |
|---|---|
| Senior Developer | Primary reviewer, verifies TDD compliance + 100% pass rate, final approval |
| Junior Developer | Addresses feedback, ensures tests pass |
| Software Architect | Architecture review |
| QA Engineer | Integration/E2E test coverage review |
This skill should be used when the user asks to "create a slash command", "add a command", "write a custom command", "define command arguments", "use command frontmatter", "organize commands", "create command with file references", "interactive command", "use AskUserQuestion in command", or needs guidance on slash command structure, YAML frontmatter fields, dynamic arguments, bash execution in commands, user interaction patterns, or command development best practices for Claude Code.
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.
This skill should be used when the user asks to "create a hook", "add a PreToolUse/PostToolUse/Stop hook", "validate tool use", "implement prompt-based hooks", "use ${CLAUDE_PLUGIN_ROOT}", "set up event-driven automation", "block dangerous commands", or mentions hook events (PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification). Provides comprehensive guidance for creating and implementing Claude Code plugin hooks with focus on advanced prompt-based hooks API.