code-review-playbook
Standardize Code Reviews
Inconsistent reviews slow teams and make feedback harder to act on. This skill provides checklists, comment formats, and templates for clear review workflows.
Download the skill ZIP
Upload in Claude
Go to Settings → Capabilities → Skills → Upload skill
Toggle on and start using
Agent-readable resources
Use these links when an AI agent, crawler, or script needs clean context instead of reading the full page.
Test it
Using "code-review-playbook". Review a PR that adds payment retry logic and new tests.
Expected outcome:
- Summary of the change and review decision.
- Blocking issues grouped by severity and file location.
- Non-blocking suggestions with clear rationale.
- Testing gaps and follow-up actions.
Using "code-review-playbook". Help write a PR description for a new API endpoint.
Expected outcome:
- Concise description of what changed and why.
- Testing instructions for reviewers.
- Security, database, and compatibility checklist items.
- Risk notes and rollback considerations.
Using "code-review-playbook". Turn informal review notes into conventional comments.
Expected outcome:
- Comments labeled as issue, suggestion, question, nitpick, praise, or security.
- Blocking status is made explicit where needed.
- Each comment explains impact and recommended action.
Security Audit
Medium RiskStatic command, crypto, reconnaissance, and network flags were reviewed as Markdown examples, checklist labels, or documentation links rather than executable behavior. No malicious intent, prompt-injection text, credential exfiltration, or runnable command execution was found. The main concern is that copyable LLM review automation examples interpolate untrusted diffs and code into prompts without prompt-injection guidance.
Medium Risk Issues (1)
Low Risk Issues (3)
Quality Score
What You Can Build
Review Pull Requests Consistently
Use the checklist and comment labels to review changes with clear severity and actionable feedback.
Prepare Changes Before Review
Run a self-review with the pull request template before asking teammates for feedback.
Define Team Review Standards
Adopt the templates and process guidance as a baseline for team review norms.
Try These Prompts
Use the code-review-playbook to review this small pull request. Focus on correctness, tests, and clear conventional comments.
Use the pull request template from the code-review-playbook to help me prepare a complete PR description and testing notes.
Use the review feedback patterns to classify these comments as blocking, non-blocking, questions, or nitpicks.
Use the code-review-playbook to create a team review policy with severity labels, reviewer expectations, and merge criteria.
Best Practices
- Review the pull request description and tests before reading line-by-line changes.
- Use conventional labels to make severity and merge impact clear.
- Separate must-fix defects from preferences and follow-up improvements.
Avoid
- Blocking a merge for subjective style preferences that automation can handle.
- Leaving vague feedback without explaining the impact or a possible fix.
- Approving large or risky changes without checking tests, security, and rollout impact.