From sdd-mcp
Performs Linus Torvalds-style code reviews on files, directories, git diffs, or PRs, checking correctness, simplicity, maintainability, and project conventions. Use after implementation.
Slash command
/sdd-mcp:sdd-review
Perform comprehensive code reviews in the style of Linus Torvalds - direct, thorough, and focused on what matters: correctness, simplicity, and long-term maintainability.
"Talk is cheap. Show me the code." — Linus Torvalds
This review focuses on:
Determine what to review:
- /sdd-review src/services/UserService.ts
- /sdd-review src/services/
- /sdd-review HEAD~3..HEAD
- /sdd-review PR-123 or /sdd-review MR-45
Before reviewing:
- .spec/steering/
- .spec/specs/
## Correctness Issues
### Critical
- [ ] Logic errors that will cause bugs
- [ ] Race conditions or threading issues
- [ ] Resource leaks (files, connections, memory)
- [ ] Unhandled error conditions
### Important
- [ ] Edge cases not handled
- [ ] Assumptions that may not hold
- [ ] Off-by-one errors
- [ ] Type mismatches or unsafe casts
Ask these questions:
Check against project conventions:
## Pattern Violations
### Naming
- [ ] Variables don't follow naming convention
- [ ] Functions named for implementation, not purpose
### Structure
- [ ] Logic in wrong layer (controller doing business logic)
- [ ] Missing separation of concerns
- [ ] Circular dependencies introduced
### Error Handling
- [ ] Swallowed exceptions
- [ ] Generic error messages
- [ ] Missing error propagation
Structure feedback with clear categories:
# Code Review: {file/PR description}
## Summary
Brief overall assessment (1-2 sentences)
## 🚨 Must Fix (Blocking)
Issues that must be resolved before merge:
1. **Line 42**: Memory leak - connection never closed
```diff
- const conn = await getConnection();
+ const conn = await getConnection();
+ try { ... } finally { conn.close(); }
```
Issues that should be addressed but won't block:
Improvements that would be nice but are truly optional:
Array.flatMap()
Acknowledge good patterns to reinforce them:
### Step 5: Verify Tests
For any code changes:
1. Check if tests exist for modified code
2. Verify edge cases are tested
3. Run existing tests to ensure no regressions
```bash
# Run tests for affected files
npm test -- --findRelatedTests {changed-files}
```
| Level | Meaning | Action Required |
|---|---|---|
| 🚨 Critical | Bug, security issue, data loss risk | Must fix before merge |
| ⚠️ Warning | Code smell, potential issue | Should fix, discuss if disagree |
| 💡 Info | Suggestion, style preference | Optional, author's choice |
any type usage without justification
When reviewing implementation:
- .spec/specs/{feature}/requirements.md
- .spec/specs/{feature}/design.md
- .spec/specs/{feature}/tasks.md
# Code Review: UserAuthService.ts
## Summary
Good overall structure but has a critical security issue and some error handling gaps.
## 🚨 Must Fix
1. **Line 67**: Password stored in plain text in error log
```typescript
// BAD: Leaks credentials
logger.error(`Login failed for ${email} with password ${password}`);
// GOOD: Never log credentials
logger.error(`Login failed for ${email}`);
```
npx claudepluginhub yi-john-huang/sdd-mcp
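The credential-logging finding in the example review (password interpolated into `logger.error`) is the kind of Must Fix item a reviewer can pre-screen mechanically. The following is an added example, not code from sdd-mcp: a line-based heuristic that flags logger calls whose template interpolations or bare arguments reference secret-like identifiers. The `logger.<level>(` call shape, the sensitive-name list, the single-line-call limitation and the names `findCredentialLogging`, `Finding` and `SAMPLE` are assumptions.

```typescript
// Identifier fragments treated as secrets (assumed list; extend per project).
const SENSITIVE = /pass(word|wd)?|secret|token|api[_-]?key|credential/i;
// Logger call shape assumed from the example review: logger.<level>( ... )
const LOG_CALL = /\blogger\.(error|warn|info|debug|log)\s*\(/;

interface Finding { line: number; level: string; identifier: string; }

// Returns one finding per secret-like identifier passed to a logger call.
// Heuristic: only inspects calls that fit on a single source line.
function findCredentialLogging(source: string): Finding[] {
  const findings: Finding[] = [];
  const lines = source.split("\n");
  for (let i = 0; i < lines.length; i++) {
    const call = LOG_CALL.exec(lines[i]);
    if (call === null) continue;
    const args = lines[i].slice(call.index + call[0].length);
    const candidates: string[] = [];
    // 1) Expressions interpolated into template literals: ${expr}
    const interp = /\$\{([^}]+)\}/g;
    let m: RegExpExecArray | null;
    while ((m = interp.exec(args)) !== null) candidates.push(m[1].trim());
    // 2) Identifiers passed as bare arguments (string literals stripped first,
    //    so the word "password" inside message text alone is not flagged)
    const bare = args.replace(/`[^`]*`|"[^"]*"|'[^']*'/g, "");
    candidates.push(...(bare.match(/[A-Za-z_$][\w$.]*/g) || []));
    for (const name of candidates) {
      if (SENSITIVE.test(name)) {
        findings.push({ line: i + 1, level: call[1], identifier: name });
      }
    }
  }
  return findings;
}

// Constructed sample input modelled on the review example above.
const SAMPLE = [
  "async function login(email: string, password: string) {",
  "  logger.error(`Login failed for ${email} with password ${password}`);",
  "  logger.error(`Login failed for ${email}`);",
  "  logger.debug('token refresh', session.accessToken);",
  "}",
].join("\n");
```

A hit is a prompt for human review rather than a verdict: an identifier such as `passwordPolicyVersion` would also match and needs a reviewer's judgement.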