Skill

review-methodology

Systematic review methodology for agentic codebases with issue detection, analysis, and reporting. Use when: "review agentic code", "audit agent system", "check agent quality", "agentic code review"

Install

npx claudepluginhub mikeparcewski/wicked-garden --plugin wicked-garden

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Systematic approach to reviewing agentic systems and codebases for issues, risks, and improvement opportunities.

Supporting Assets

refs/deliverable-templates.mdrefs/issue-taxonomy-quality-testing.mdrefs/issue-taxonomy-reliability-safety.md

SKILL.md

Similar Skills

kotlin-ktor-patterns

Provides Ktor server patterns for routing DSL, plugins (auth, CORS, serialization), Koin DI, WebSockets, services, and testApplication testing.

everything-claude-code

163.2k

deep-research

Conducts multi-source web research with firecrawl and exa MCPs: searches, scrapes pages, synthesizes cited reports. For deep dives, competitive analysis, tech evaluations, or due diligence.

everything-claude-code

163.2k

inventory-demand-planning

Provides demand forecasting, safety stock optimization, replenishment planning, and promotional lift estimation for multi-location retailers managing 300-800 SKUs.

everything-claude-code

163.2k

Stats

Stars8

Forks1

Last CommitMar 22, 2026

Actions

View Source View Plugin View on GitHub View README

Agentic Review Methodology

Systematic approach to reviewing agentic systems and codebases for issues, risks, and improvement opportunities.

Four-Phase Review Process

Phase 1: Detect (Discovery)

Goal: Identify all potential issues

Activities:

Code analysis (static analysis, anti-patterns)
Configuration review (prompts, secrets, limits)
Runtime analysis (logs, traces, metrics)
Documentation review

Tools:

Static analyzers (pylint, mypy, eslint)
Custom grep patterns for agentic anti-patterns
Log aggregation tools

Deliverable: Raw issue inventory

Phase 2: Analyze (Assessment)

Goal: Understand each issue's impact and root cause

For Each Issue:

Classify type (see refs/issue-taxonomy-reliability-safety.md and refs/issue-taxonomy-quality-testing.md)
Determine severity (Critical/High/Medium/Low)
Assess impact (Reliability/Security/Cost/Performance)
Identify root cause
Estimate fix effort

Analysis Framework:

What is the issue?
Why is it a problem?
What are the consequences?
What is the root cause?
How should it be fixed?

Deliverable: Analyzed issue list with severity and impact

Phase 3: Score (Prioritization)

Goal: Prioritize issues for remediation

Severity Levels:

Critical (P0): Security vulnerabilities, data loss risks, system crashes, compliance violations. Fix immediately.

High (P1): Reliability issues, performance problems, cost inefficiencies, safety gaps. Fix within 1 week.

Medium (P2): Code quality issues, minor performance issues, missing observability. Fix within 1 month.

Low (P3): Style issues, optimization opportunities, nice-to-have features. Backlog.

Prioritization Matrix:

Impact vs Effort:
           Low Effort    High Effort
High       Quick Wins    Major Projects
Impact     (Do First)    (Plan)

Low        Easy Wins     Avoid
Impact     (Do Later)    (Skip)

Deliverable: Prioritized roadmap

Phase 4: Report (Communication)

Goal: Communicate findings effectively to stakeholders

Report Components:

Executive Summary (1 page) - Overall assessment and top recommendations
Issue Inventory (Detailed) - All issues with severity and recommendations
Remediation Roadmap - Phased approach with quick wins
Metrics Dashboard - Issue counts and maturity score

Deliverable: Comprehensive review report

See refs/deliverable-templates.md for complete templates.

Issue Severity Classification

Determining Severity

Can it cause data loss? → Critical
Can it cause security breach? → Critical
Does it crash the system? → Critical/High
Does it violate compliance? → Critical
Does it affect reliability? → High/Medium
Does it waste money? → High/Medium
Is it a code quality issue? → Medium/Low

Examples by Severity

Critical:

No input validation (SQL injection risk)
Credentials in code
No error handling (system crashes)
Production deletes without approval
Missing audit logs for compliance

High:

No circuit breakers (cascading failures)
Missing observability (can't debug)
No resource limits (runaway costs)
Hardcoded prompts (can't iterate)
No testing (high bug risk)

Medium:

Inefficient token usage
Missing documentation
No caching (higher costs)
Verbose logging
Code duplication

Low:

Style inconsistencies
Missing type hints
Suboptimal variable names
Minor optimizations

See refs/issue-taxonomy-reliability-safety.md and refs/issue-taxonomy-quality-testing.md for complete classification guide.

Finding Documentation Template

For each issue, document:

## Issue: [Short Title]

**ID:** ISSUE-001
**Severity:** Critical | High | Medium | Low
**Category:** Reliability | Security | Safety | Cost | Performance | Quality
**Component:** [Which agent/module]

### Description
[What is the issue?]

### Evidence
[Code snippets, logs, metrics]

### Impact
[What are the consequences?]

### Root Cause
[Why does this exist?]

### Recommendation
[How to fix it?]

### Effort Estimate
[Hours/Days/Weeks]

### Priority
[P0/P1/P2/P3]

Tips for Effective Reviews

Be Systematic: Follow all four phases
Be Objective: Focus on facts, not opinions
Be Specific: Provide code examples and evidence
Be Constructive: Suggest solutions, not just problems
Be Prioritized: Don't overwhelm with low-priority issues
Be Clear: Use simple language in reports

References

refs/issue-taxonomy-reliability-safety.md and refs/issue-taxonomy-quality-testing.md - Complete issue category reference and anti-pattern detection
refs/deliverable-templates.md - Detailed report templates and review checklist