Code Reviewer — 6-Aspect Analysis
Use after implementation, during Phase 4, or before merge.
Process
- Get changed files:
git diff --name-only main...HEAD
- Run 6-aspect review (all mandatory)
- Generate report
- Decision
6 Aspects
aspects[6]{aspect,checks}:
Security,"Hardcoded secrets, injection (SQL/XSS/cmd), auth gaps, CSRF/CORS, insecure crypto"
Type Safety,"Missing annotations, any usage, inconsistent returns, null gaps"
Error Handling,"Unhandled rejections, empty catch, missing error boundaries, silent failures"
Test Gaps,"Untested critical paths, missing edge cases, over-mocking, gaps on modified files"
Code Quality,"KISS/DRY violations, naming clarity, SRP violations, dead code"
Simplification,"Complex conditionals, deep nesting, long functions, verbose patterns"
Report Format
[ASPECT] [SEVERITY] file:line — description
→ Fix: recommendation
Severity: CRITICAL (block merge) | WARNING (should fix) | INFO (nice to have)
Decision
- APPROVED — 0 critical, ≤3 warnings
- APPROVED WITH COMMENTS — 0 critical, >3 warnings
- CHANGES REQUESTED — Any critical finding
Summary: Review: 🔒✅ 🏷️✅ ⚠️⚠️ 🧪✅ 📐✅ ♻️✅ — APPROVED WITH COMMENTS
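The decision rules above, applied to findings written in the report format, as an added example that is not part of the original skill. It assumes the bracketed aspect is one of the six names from the aspects table; the sample report and its file paths are constructed.

```python
import re
from collections import Counter

# Constructed sample report (not from a real review).
SAMPLE_REPORT = """\
[Security] [CRITICAL] src/db/users.py:42 — SQL built by string concatenation
→ Fix: use a parameterized query
[Error Handling] [WARNING] src/api/client.ts:17 — empty catch block
→ Fix: log and rethrow
[Code Quality] [INFO] src/util/fmt.py:8 — dead helper
"""

# Assumption: [ASPECT] carries one of the six names from the aspects table.
ASPECTS = {"Security", "Type Safety", "Error Handling",
           "Test Gaps", "Code Quality", "Simplification"}
SEVERITIES = {"CRITICAL", "WARNING", "INFO"}
FINDING = re.compile(
    r"^\[(?P<aspect>[^\]]+)\]\s+\[(?P<severity>[^\]]+)\]\s+"
    r"(?P<file>\S+?):(?P<line>\d+)\s+[\u2014-]\s+(?P<desc>.+)$")

def parse_report(text):
    """Parse findings; fail closed on any line that does not fit the format."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        if line.startswith("\u2192"):  # "→ Fix:" line belongs to the previous finding
            if not findings:
                raise ValueError(f"line {n}: fix without a finding")
            findings[-1]["fix"] = re.sub(r"^\u2192\s*Fix:\s*", "", line)
            continue
        m = FINDING.match(line)
        if not m or m["aspect"] not in ASPECTS or m["severity"] not in SEVERITIES:
            # A silently dropped line could hide a CRITICAL, so reject the report.
            raise ValueError(f"line {n}: not a valid finding: {line!r}")
        findings.append({**m.groupdict(), "line": int(m["line"]), "fix": None})
    return findings

def decide(findings):
    """Any critical blocks the merge; more than 3 warnings approves with comments."""
    counts = Counter(f["severity"] for f in findings)
    if counts["CRITICAL"]:
        return "CHANGES REQUESTED"
    if counts["WARNING"] > 3:
        return "APPROVED WITH COMMENTS"
    return "APPROVED"

if __name__ == "__main__":
    print(decide(parse_report(SAMPLE_REPORT)))
```

Rejecting the whole report on a malformed line keeps a mistyped severity from turning a blocking finding into an approval.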
Block Merge On
Hardcoded secrets, injection vulnerabilities, missing auth on protected routes, breaking changes without migration.