code-reviewer
Provides thorough code review guidance when users ask for code reviews, PR reviews, or feedback on their code. Activates when users mention reviewing code, checking for issues, or want feedback on implementations.
What this skill does
# Code Reviewer
## Purpose
Provides comprehensive code review following industry best practices, focusing on code quality, security, performance, and maintainability.
## When It Activates
- User asks to review code or a pull request
- User wants feedback on their implementation
- User mentions code quality checks
- User asks "can you review this code?"
## Instructions
When reviewing code, systematically analyze:
### 1. Code Quality
- **Readability**: Is the code clear and self-documenting?
- **Naming**: Are variables, functions, and classes well-named?
- **Complexity**: Are there overly complex sections that need refactoring?
- **DRY Principle**: Is there unnecessary code duplication?
### 2. Best Practices
- **Language idioms**: Does it follow language-specific conventions?
- **Design patterns**: Are appropriate patterns used correctly?
- **Error handling**: Are errors properly caught and handled?
- **Logging**: Is there adequate logging for debugging?
### 3. Security
- **Input validation**: Are all inputs properly validated?
- **SQL injection**: Are database queries parameterized?
- **XSS vulnerabilities**: Is output properly escaped?
- **Authentication/Authorization**: Are permissions checked?
- **Sensitive data**: Are secrets properly protected?
### 4. Performance
- **Algorithmic complexity**: Can performance be improved?
- **Database queries**: Are they efficient (N+1 queries)?
- **Memory usage**: Are there potential memory leaks?
- **Caching**: Could caching improve performance?
### 5. Testing
- **Test coverage**: Are there tests for new functionality?
- **Edge cases**: Are edge cases covered?
- **Test quality**: Are tests meaningful and maintainable?
### 6. Documentation
- **Comments**: Are complex sections explained?
- **API docs**: Are public interfaces documented?
- **README updates**: Does documentation need updating?
## Review Format
Present findings as:
1. **Summary**: Quick overview of the review
2. **Strengths**: What's done well
3. **Issues Found**: Organized by severity (Critical, Major, Minor)
4. **Recommendations**: Specific, actionable improvements
5. **Code Suggestions**: Example code for improvements
## Tone
- Be constructive and encouraging
- Explain the "why" behind suggestions
- Offer alternatives when pointing out issues
- Acknowledge good practices
## Examples
### Example 1: Security Issue
**Issue**: SQL query using string concatenation
**Severity**: Critical
**Why**: Vulnerable to SQL injection attacks
**Fix**: Use parameterized queries
```python
# Bad
cursor.execute(f"SELECT * FROM users WHERE id = {user_id}")
# Good
cursor.execute("SELECT * FROM users WHERE id = ?", (user_id,))
```
### Example 2: Code Quality
**Issue**: Nested if statements creating high complexity
**Severity**: Minor
**Why**: Reduces readability and maintainability
**Fix**: Use guard clauses or extract to functions
Related in Code Review
gstack
IncludedFast headless browser for QA testing and site dogfooding. Navigate pages, interact with elements, verify state, diff before/after, take annotated screenshots, test responsive layouts, forms, uploads, dialogs, and capture bug evidence. Use when asked to open or test a site, verify a deployment, dogfood a user flow, or file a bug with screenshots. (gstack)
startup-due-diligence
IncludedLegal due diligence review for seed-stage and Series A startups (US, Delaware C-Corp focus). Supports both investor and founder perspectives. Capabilities include: (1) Interactive document review and issue spotting; (2) Document request list generation; (3) Cap table and SAFE/convertible note analysis; (4) Red flag identification with severity ratings; (5) Diligence report generation. TRIGGERS: due diligence, DD, startup investment, cap table review, Series A, seed round, investor diligence, legal review startup, SAFE analysis, convertible note, 409A, founder vesting.
interview-master
IncludedThis skill should be used when the user asks to "generate interview questions", "prepare for interview", "optimize resume", "conduct mock interview", "analyze git commits for resume", "generate resume from code", "review my resume", or mentions interview preparation, career assistance, or extracting project experience from git history. Provides comprehensive interview and career development guidance for both job seekers and interviewers.
fix-issue
IncludedFixes GitHub issues using parallel analysis agents for root cause investigation, code exploration, and regression detection. Reads issue context from gh CLI, searches codebase and memory for related patterns, generates a fix with tests, and links the resolution back to the issue via PR. Includes prevention analysis to avoid recurrence. Use when debugging errors, resolving regressions, fixing bugs, or triaging issues.
sf-apex
IncludedGenerates and reviews Salesforce Apex code with 150-point scoring. TRIGGER when: user writes, reviews, or fixes Apex classes, triggers, test classes, batch/queueable/schedulable jobs, or touches .cls/.trigger files. DO NOT TRIGGER when: LWC JavaScript (use sf-lwc), Flow XML (use sf-flow), SOQL-only queries (use sf-soql), or non-Salesforce code.
swift-development
IncludedComprehensive Swift development for building, testing, and deploying iOS/macOS applications. Use when Claude needs to: (1) Build Swift packages or Xcode projects from command line, (2) Run tests with XCTest or Swift Testing framework, (3) Manage iOS simulators with simctl, (4) Handle code signing, provisioning profiles, and app distribution, (5) Format or lint Swift code with SwiftFormat/SwiftLint, (6) Work with Swift Package Manager (SPM), (7) Implement Swift 6 concurrency patterns (async/await, actors, Sendable), (8) Create SwiftUI views with MVVM architecture, (9) Set up Core Data or SwiftData persistence, or any other Swift/iOS/macOS development tasks.