requesting-code-review
請求 AI 程式碼審查
也可從以下取得: davila7,DMJGilbert,DYAI2025,Cygnusfear,Cycleaddict,CodingCossack,obra
開發者經常因為過於接近實作而忽略自己程式碼中的問題。此技能會派遣 AI 子代理程式來根據需求審查程式碼變更,在合併前檢查品質、架構、測試和生產環境就緒狀態。
下載技能 ZIP
在 Claude 中上傳
前往 設定 → 功能 → 技能 → 上傳技能
開啟並開始使用
測試它
正在使用「requesting-code-review」。 Request code review for my authentication module changes
預期結果:
### Strengths
- Clean separation of concerns with auth service (auth.ts:1-50)
- Proper password hashing using bcrypt (hash.ts:15)
- Good test coverage for edge cases
### Issues
#### Important
1. **Missing token expiration check**
- File: auth.ts:45
- Issue: Tokens never expire, creating security risk
- Fix: Add expiration timestamp to JWT payload
#### Minor
1. **Inconsistent error messages**
- File: auth.ts:30-35
### Assessment
**Ready to merge: With fixes**
**Reasoning:** Core authentication logic is solid. Important issue with token expiration must be addressed before production use.
正在使用「requesting-code-review」。 Review my database migration changes
預期結果:
### Strengths
- Proper foreign key constraints (migrations/002.sql:20)
- Good rollback strategy
### Issues
#### Critical
1. **No backup before destructive operation**
- File: migrations/003.sql:15
- Issue: DROP TABLE without backup strategy
- Fix: Add data migration script or backup step
### Assessment
**Ready to merge: With fixes**
**Reasoning:** Critical data safety issue must be resolved.
安全審計
安全All 27 static findings are false positives. The skill uses legitimate git commands (git diff, git rev-parse) for code review - these are standard development operations. The detected 'weak cryptographic algorithm' patterns match the word 'security' in documentation headings, not actual crypto code. The 'system reconnaissance' matches are generic text. This is a safe code review workflow skill with no command injection risk - git commands use hardcoded arguments with template variable placeholders.
風險因素
偵測到的模式
品質評分
你能建構什麼
合併前的程式碼審查
在合併功能分支前使用,以及早發現問題。子代理程式會根據需求審查所有變更並提供明確的準備就緒/未準備就緒判定。
子代理程式任務驗證
在代理程式驅動開發中每個子代理程式完成任務後,派遣程式碼審查者來驗證工作後再繼續下一個任務。
卡在問題上
當卡在複雜的錯誤或功能上時,請求程式碼審查以從 AI 子代理程式獲得關於潛在問題或更好方法的全新觀點。
試試這些提示
Request code review for the changes I just made. Use the requesting-code-review skill with: WHAT_WAS_IMPLEMENTED: [describe what you built], PLAN_OR_REQUIREMENTS: [link to plan or describe requirements], BASE_SHA: [starting commit], HEAD_SHA: [ending commit], DESCRIPTION: [brief summary]
Please review my latest feature implementation using the requesting-code-review skill. Compare against the requirements in docs/plans/[feature-name].md. Include architecture assessment and testing coverage evaluation.
Run the code-reviewer subagent to verify the task just completed. Check against the original task requirements and report any Critical or Important issues that need fixing before proceeding.
Request a code review of the current state of [component/module] before I refactor it. This will serve as a baseline to ensure the refactoring does not introduce regressions.
最佳實務
- 請求審查時提供明確的需求或計劃參考 — 子代理程式會根據這些來比較實作
- 在代理程式驅動開發中每個重要任務後進行審查,以防止問題累積
- 在繼續之前修復 Critical 和 Important 問題;在後續工作中處理 Minor 問題
避免
- 因為變更看起來簡單就跳過審查 — 即使是小變更也可能有隱藏的錯誤
- 忽略 Critical 問題或繼續進行未修復的 Important 問題
- 請求審查時未提供明確的需求或計劃供子代理程式比較