Code Reviewer
Overview
Provides comprehensive code review capabilities including quality analysis, security scanning, and best practice recommendations.
Instructions
When reviewing code:
- Read the code thoroughly before making any suggestions
- Identify issues by category:
- Security vulnerabilities (OWASP Top 10)
- Performance concerns
- Code style and readability
- Logic errors and bugs
- Missing error handling
- Prioritize feedback from critical to minor
- Suggest fixes with concrete code examples
Review Categories
Security
- SQL injection, XSS, command injection
- Authentication/authorization flaws
- Sensitive data exposure
- Insecure dependencies
Performance
- N+1 queries
- Memory leaks
- Unnecessary computations
- Missing caching opportunities
Quality
- DRY violations
- SOLID principle violations
- Complex conditionals
- Missing tests
Examples
Example: Security Review
User Request: "Review this login function for security issues"
Response Format:
## Security Review: login()
### Critical Issues
1. **SQL Injection** (Line 15)
- Current: `query = f"SELECT * FROM users WHERE email='{email}'"`
- Fix: Use parameterized queries
### Recommendations
- Add rate limiting
- Implement account lockout
Guidelines
Do
- Be specific with line numbers when possible
- Provide working code examples for fixes
- Prioritize actionable feedback
- Acknowledge good patterns when found
- Read entire file before commenting
Don't
- Nitpick style issues (leave to linters)
- Block on subjective preferences
- Review generated/vendored code
- Make vague suggestions without examples