From sdd-mcp
Performs Linus Torvalds-style code reviews on files, directories, git diffs, or PRs, checking correctness, simplicity, maintainability, and project conventions. Use after implementation.
npx claudepluginhub yi-john-huang/sdd-mcpThis skill uses the workspace's default tool permissions.
Perform comprehensive code reviews in the style of Linus Torvalds - direct, thorough, and focused on what matters: correctness, simplicity, and long-term maintainability.
Delivers brutally honest code reviews in Linus Torvalds style, prioritizing data structures, simplicity, pragmatism, and engineering fundamentals over style nits. Use for critical, no-nonsense feedback.
Provides structured code review guidance for correctness, maintainability, performance, and security to catch defects pre-merge. Use for PR reviews, self-reviews, or quality checks in any language.
Reviews implementation code changes for quality, design, correctness, and maintainability using Conventional Comments. Covers context, SOLID principles, patterns, tests, security, operability.
Share bugs, ideas, or general feedback.
Perform comprehensive code reviews in the style of Linus Torvalds - direct, thorough, and focused on what matters: correctness, simplicity, and long-term maintainability.
"Talk is cheap. Show me the code." โ Linus Torvalds
This review focuses on:
Determine what to review:
/sdd-review src/services/UserService.ts/sdd-review src/services//sdd-review HEAD~3..HEAD/sdd-review PR-123 or /sdd-review MR-45Before reviewing:
.spec/steering/.spec/specs/## Correctness Issues
### Critical
- [ ] Logic errors that will cause bugs
- [ ] Race conditions or threading issues
- [ ] Resource leaks (files, connections, memory)
- [ ] Unhandled error conditions
### Important
- [ ] Edge cases not handled
- [ ] Assumptions that may not hold
- [ ] Off-by-one errors
- [ ] Type mismatches or unsafe casts
Ask these questions:
Check against project conventions:
## Pattern Violations
### Naming
- [ ] Variables don't follow naming convention
- [ ] Functions named for implementation, not purpose
### Structure
- [ ] Logic in wrong layer (controller doing business logic)
- [ ] Missing separation of concerns
- [ ] Circular dependencies introduced
### Error Handling
- [ ] Swallowed exceptions
- [ ] Generic error messages
- [ ] Missing error propagation
Structure feedback with clear categories:
# Code Review: {file/PR description}
## Summary
Brief overall assessment (1-2 sentences)
## ๐จ Must Fix (Blocking)
Issues that must be resolved before merge:
1. **Line 42**: Memory leak - connection never closed
```diff
- const conn = await getConnection();
+ const conn = await getConnection();
+ try { ... } finally { conn.close(); }
Issues that should be addressed but won't block:
Improvements that would be nice but are truly optional:
Array.flatMap()Acknowledge good patterns to reinforce them:
### Step 5: Verify Tests
For any code changes:
1. Check if tests exist for modified code
2. Verify edge cases are tested
3. Run existing tests to ensure no regressions
```bash
# Run tests for affected files
npm test -- --findRelatedTests {changed-files}
| Level | Meaning | Action Required |
|---|---|---|
| ๐จ Critical | Bug, security issue, data loss risk | Must fix before merge |
| โ ๏ธ Warning | Code smell, potential issue | Should fix, discuss if disagree |
| ๐ก Info | Suggestion, style preference | Optional, author's choice |
any type usage without justificationWhen reviewing implementation:
.spec/specs/{feature}/requirements.md.spec/specs/{feature}/design.md.spec/specs/{feature}/tasks.md# Code Review: UserAuthService.ts
## Summary
Good overall structure but has a critical security issue and some error handling gaps.
## ๐จ Must Fix
1. **Line 67**: Password stored in plain text in error log
```typescript
// BAD: Leaks credentials
logger.error(`Login failed for ${email} with password ${password}`);
// GOOD: Never log credentials
logger.error(`Login failed for ${email}`);