caveman-review
Review code with compressed one-line comments
Code review feedback is often verbose and repetitive, burying actionable items in polite filler. This skill formats each review finding as a single line with exact location, problem, and fix.
Download the skill ZIP
Upload in Claude
Go to Settings → Capabilities → Skills → Upload skill
Toggle on and start using
Test it
Using "caveman-review". Review a function that fetches user data without error handling
Expected outcome:
- L12: 🔴 bug: fetchUser returns null on miss. Add null check before .email access.
- L15: 🟡 risk: no timeout on fetch call. Add AbortController with 5s deadline.
- L8-22: 🔵 nit: 15-line fn could extract error handler. Reduce duplication.
Using "caveman-review". Review a multi-file pull request adding a new API endpoint
Expected outcome:
- routes/user.js:L34: 🔴 bug: req.params.id passed directly to query. Use parameterized query.
- routes/user.js:L41: 🟡 risk: no rate limit on POST /users. Add express-rate-limit middleware.
- tests/user.test.js:L5: ❓ q: test covers happy path only. Should 400 and 500 cases be added?
Security Audit
Safe
All 13 static analysis findings are false positives. The static scanner misidentified markdown backtick inline code formatting as Ruby/shell command execution across 11 locations. The network and weak-crypto detections at lines 3 and 7 are also incorrect — those lines contain YAML frontmatter metadata and trigger descriptions, not actual network calls or cryptographic operations. This skill is a pure markdown instruction file that defines code review formatting behavior for AI agents. It contains no executable code, no network requests, no command execution, and no file system operations. Safe for publication.
What You Can Build
Fast PR review for busy teams
Review pull requests with concise one-line comments that highlight bugs, risks, and suggestions without verbose explanations.
Standardized review comments across teams
Apply consistent formatting to all code review feedback so every comment follows the same location-problem-fix pattern.
Self-review before submitting a pull request
Ask the AI to review your own code diff before opening a pull request, catching issues early with minimal noise.
Try These Prompts
Review this code and tell me what to fix.
Review this diff and use severity prefixes for each finding.
Review this multi-file diff. Include file names with line references for each finding.
Review this code for security vulnerabilities. Use full explanations for any security findings.
Best Practices
- Provide the code or diff directly in your prompt so the review has concrete material to analyze
- Use severity prefixes to communicate urgency at a glance: bug for broken code, risk for fragile patterns, nit for style suggestions
- For security findings, rely on the built-in auto-clarity rule, which expands them into full explanations automatically
Avoid
- Asking the skill to write the actual code fix — it only outputs review comments, not patches
- Expecting approval or change-request actions — the skill produces comments ready to paste into a pull request but does not interact with the platform
- Using compressed format for onboarding new developers who need more context and rationale for each suggestion