Skill

review-pr

Reviews pull requests with a checklist for TypeScript types, multi-tenant security, auth guards, database filters, error handling, testing coverage, React frontend, API docs, performance, and SOLID principles.

Typescript

React

NestJS

code-quality

security

npx claudepluginhub shipshitdev/skills

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Systematic code review for quality, security, and consistency before merging.

Supporting Assets

plugin.json

SKILL.md

Similar Skills

ui-ux-pro-max

70.8k

Provides UI/UX resources: 50+ styles, color palettes, font pairings, guidelines, charts for web/mobile across React, Next.js, Vue, Svelte, Tailwind, React Native, Flutter. Aids planning, building, reviewing interfaces.

ui-ux-pro-max

context7-mcp

51.8k

Fetches up-to-date documentation from Context7 for libraries and frameworks like React, Next.js, Prisma. Use for setup questions, API references, and code examples.

context7-plugin

competitive-landscape

32.9k

Analyzes competition with Porter's Five Forces, Blue Ocean Strategy, and positioning maps to identify differentiation opportunities and market positioning for startups and pitches.

startup-business-analyst

Stats

Stars21

Forks2

Last CommitApr 21, 2026

Actions

View Source View Plugin View on GitHub View README

Review PR

Systematic code review for quality, security, and consistency before merging.

Review Checklist

1. TypeScript

No any types
Interfaces/types in dedicated files
Return types on functions
No console.log — use logger service

2. Security and Data Isolation

ALL queries filter by tenant/organization (if multi-tenant)
ALL queries filter soft-deleted records (if applicable)
No cross-tenant data leaks
DTOs with validation decorators
ID validation present

3. Authentication

Auth guards applied to protected routes
User context decorator used correctly
No unintended public endpoints

4. Database

Tenant/organization filter in ALL queries (if applicable)
Soft delete filter in ALL queries (if applicable)
Projections for large documents
Indexes for query patterns
No N+1 queries

5. Error Handling

Try/catch blocks present
Framework-specific exceptions used
Errors logged with logger service
No internals exposed to client

6. Testing

Unit tests written and passing
Error cases tested
Coverage > 70% for new code

7. Frontend

Props in dedicated files
Loading and error states handled
Accessibility (aria labels, keyboard nav)

8. API

API documentation decorators present
Proper HTTP status codes
DTOs for request/response

9. Performance

No unnecessary re-renders (React)
Database queries optimized
No blocking operations in API

10. Best Practices

Follows SOLID principles
DRY (Don't Repeat Yourself)
Code is self-documenting
Functions < 50 lines, Files < 300 lines

Approval Criteria

Block Merge: Security issues, missing tenant filtering, any types, failing tests/build Request Changes: Low coverage, missing docs, performance concerns Approve: All security checks pass, tests passing, follows patterns