code-review-excellence
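Master code review best practices
Code review often becomes a bottleneck for team efficiency or a source of friction. This skill provides structured techniques that help you give constructive feedback, conduct thorough reviews, and turn every review into an opportunity for knowledge sharing, improving code quality and team collaboration.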
Download the skill ZIP
Import into Claude
Go to Settings → Capabilities → Skills → Import a skill
Enable and start using
Try it
Using "code-review-excellence". How should I give feedback on this code that has a security vulnerability?
Expected result:
Frame your feedback using the context-issue-solution pattern:
[Context] I noticed the payment processing logic is in the controller.
[Specific Issue] The calculateTotal() function uses string concatenation for SQL queries, which is vulnerable to injection.
[Helpful Solution] Consider using parameterized queries instead. Here's an example pattern...
Using "code-review-excellence". What are the key things to check when reviewing a pull request?
Expected result:
Use the 4-phase review process:
1. Context Gathering: PR description, CI status, business requirements
2. High-Level Review: Architecture, design, file organization, testing strategy
3. Line-by-Line Review: Logic correctness, security, performance, maintainability
4. Summary: Clear decision with prioritized feedback
Security audit
Low risk
Static analysis detected patterns in documentation that appear concerning but are false positives. The skill is a code review guide containing examples of vulnerabilities and code patterns for educational purposes. All detected patterns (eval references, backticks, URLs, fetch calls) are documentation content, not executable code. No actual security risks found. Safe to publish.
Risk factors
⚡ Contains scripts
🌐 Network access
⚙️ External commands
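What you can build
Learn effective code review
New developers or team members learn how to conduct constructive code reviews, improving code quality while maintaining positive team dynamics.
Improve the review process
Teams that want to establish or improve their code review practices using systematic methods, checklists, and feedback frameworks.
Code review assistance
When preparing for or conducting a code review, use this skill to structure feedback, prioritize issues, and ensure comprehensive coverage.
Try these prompts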
Help me review this pull request. I want to: 1) Understand the overall approach and architecture, 2) Check for security issues, 3) Look for performance problems, 4) Ensure the code is maintainable. What should I focus on and what questions should I ask the author?
Review this code specifically for security issues. Check for: input validation, SQL injection risks, XSS vulnerabilities, authentication gaps, hardcoded secrets, and proper error handling. What security concerns should I raise?
Review this Python code for Python-specific issues like mutable default arguments, bare except clauses, correct exception handling, and Pythonic patterns. What improvements would you suggest?
I found several issues in this code. Help me construct feedback that is: specific and actionable, educational rather than judgmental, balanced with praise for what was done well, and clearly prioritized by severity.
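Best practices
- Review code promptly, within 24 hours, to maintain team efficiency and respect the author's work
- Use the modified sandwich method: state the context first, then the specific issue, and finally the solution
- Clearly distinguish severity levels using labels such as [blocking], [important], [nit], and [praise]
Avoid
- Nitpicking formatting issues that a linter should catch automatically
- Feedback that is vague or unclear about what needs to change
- Directing feedback at the person rather than the code
- Skipping positive feedback when the code is done well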