Agent Skills: AI Business Code Review

Use when reviewing or scoring AI-generated business/application code quality in any language, especially when a numeric score, risk level, or must-fix checklist is requested, or when C++ code must comply with OpenHarmony C++ and security standards

Uncategorized

ID: openharmonyinsight/openharmony-skills/ai-generated-business-code-review

Install this agent skill locally:

pnpm dlx add-skill https://github.com/openharmonyinsight/openharmony-skills/tree/HEAD/skills/ai-generated-business-code-review

skills/ai-generated-business-code-review/SKILL.md

Skill Metadata

Name: ai-generated-business-code-review

AI Business Code Review

Overview

Review AI-generated business/application code for correctness, robustness, maintainability, performance, and security. Output a 0-10 score, a risk level, and a must-fix checklist. For C++ code, REQUIRED: use openharmony-cpp and openharmony-security-review as hard constraints.

When to Use

  • AI-generated business/app code review or quality evaluation
  • Need scoring, risk level, or must-fix checklist
  • C++ business code must meet OpenHarmony coding/security requirements

Workflow

  1. Identify language and code type (business vs test). If test code, use ai-generated-ut-code-review instead.
  2. For C++: load and apply openharmony-cpp + openharmony-security-review as mandatory constraints.
  3. Inspect behavior vs requirements, edge cases, error handling, resource management, and security.
  4. Score by rubric, assign risk level, list must-fix items with concrete evidence (file/line or snippet).

Scoring (0-10)

Each dimension 0-2 points. Sum = total score.

| Dimension | 0 | 1 | 2 |
| --- | --- | --- | --- |
| Correctness | Wrong/missing key behavior | Partial/assumptions | Meets requirements |
| Robustness | Crashes/leaks/unchecked errors | Some edge handling | Solid edge/error handling |
| Maintainability | Hard to read/modify | Mixed quality | Clear structure & naming |
| Performance | Inefficient hot paths | Acceptable but improvable | Efficient for expected load |
| Security | Clear vulnerabilities | Weak validation/unsafe | Safe-by-default, validated |

Risk Levels

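  • Blocker: security vulnerability, serious logic error, or violation of mandatory C++ rules
  • High: missing critical path, incomplete exception handling, obvious resource leak
  • Medium: significant maintainability or performance risk
  • Low: minor issues or style consistency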

Must-Fix Checklist

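  • External input has explicit validation and error feedback
  • Critical exception paths are reachable and observable (logs/error codes/exceptions)
  • Resource release or RAII guarantees (C++)
  • C++ code satisfies openharmony-cpp/openharmony-security-review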

AI-Generated Code Pitfalls (Check Explicitly)

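  • Misunderstood requirements, wrong implicit assumptions
  • Covers only the happy path, ignoring exceptions and boundary cases
  • Swallowed exceptions or unreasonable default values
  • Copy-paste causing duplication and inconsistency
  • Over-complication or wrong abstraction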

Output Format (Required, Semi-fixed)

  • Score: x/10 — Correctness x, Robustness x, Maintainability x, Performance x, Security x
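  • Risk: Low/Medium/High/Blocker — brief reason for the risk (1 line)
  • Must-fix:
    • [action + evidence]
    • [action + evidence]
  • Key Evidence:
    • Cite specific functions/classes/paths (1-2 items)
  • Notes:
    • Minimal fix suggestion or alternative (1-2 lines)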

Rules:

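  • For C++, Key Evidence/Must-fix must explicitly identify the points that violate openharmony-cpp/openharmony-security-review
  • At least 2 pieces of evidence; if evidence is insufficient, say so and lower the score
  • Giving only an overall assessment is prohibited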

Common Mistakes

  • Giving only an overall assessment without evidence
  • Ignoring the mandatory C++ rules
  • Treating style issues as blocker risks

Example (Concise)

Score: 6/10 (Correctness 1, Robustness 1, Maintainability 1, Performance 1, Security 2)

Risk: High

Must-fix:

  • Missing input validation in createUser() (null/empty, length, format)
  • Error path swallows exceptions without logging

Key Evidence:

  • createUser() accepts raw input without checks
  • catch block is empty in persistUser()

Notes:

  • Add explicit validation and return structured errors.
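
The scoring and output rules above can be checked mechanically before a review is accepted. The following Python checker is an added example, not part of the skill: the function names, the regular expressions, and the choice to count both Must-fix and Key Evidence bullets as evidence are assumptions, and both sample reviews are constructed.

```python
import re
DIMENSIONS = ("Correctness", "Robustness", "Maintainability", "Performance", "Security")
RISKS = ("Low", "Medium", "High", "Blocker")
HEADER = re.compile(r"(Score|Risk|Must-fix|Key Evidence|Notes):")

def bullets(text, section):
    """Non-empty lines listed under 'section:' up to the next field header."""
    items, inside = [], False
    for line in text.splitlines():
        stripped = line.strip().lstrip("•-* ").strip()
        if HEADER.match(stripped):
            inside = stripped.startswith(section + ":")
        elif inside and stripped:
            items.append(stripped)
    return items

def check_review(text):
    """Return the list of rule violations (an empty list means the review passes)."""
    problems = []
    m = re.search(r"Score:\s*(\d+)/10(.*)", text)
    if not m:
        problems.append("missing 'Score: x/10' line")
    else:
        scores = {d: re.search(rf"{d}\s+(\d+)", m.group(2)) for d in DIMENSIONS}
        bad = [d for d, s in scores.items() if not s or int(s.group(1)) > 2]
        if bad:
            problems.append("dimension missing or outside 0-2: " + ", ".join(bad))
        elif sum(int(s.group(1)) for s in scores.values()) != int(m.group(1)):
            problems.append("total does not equal the sum of the five dimensions")
    r = re.search(r"Risk:\s*(\w+)", text)
    if not r or r.group(1) not in RISKS:
        problems.append("risk level must be one of " + "/".join(RISKS))
    # Assumption: Must-fix and Key Evidence bullets both count as evidence.
    if len(bullets(text, "Must-fix") + bullets(text, "Key Evidence")) < 2:
        problems.append("fewer than 2 evidence items")
    return problems

# Constructed samples: GOOD mirrors the concise example, BAD breaks three rules.
GOOD = """Score: 6/10 (Correctness 1, Robustness 1, Maintainability 1, Performance 1, Security 2)
Risk: High
Must-fix:
  - Missing input validation in createUser() (null/empty, length, format)
  - Error path swallows exceptions without logging
Key Evidence:
  - createUser() accepts raw input without checks
  - catch block is empty in persistUser()"""
BAD = """Score: 8/10 (Correctness 1, Robustness 1, Maintainability 1, Performance 1, Security 2)
Risk: Critical
Notes: looks fine overall."""
```

`check_review(BAD)` reports the inflated total, the unknown risk level, and the missing evidence, which are the failures the Rules and Common Mistakes sections call out.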