# Review Report Template

> Purpose: code review report template, used for review-code output

## Template

````markdown
# Code Review Report

> **Target**: {target-path}
> **Generated**: {YYYY-MM-DD HH:MM}
> **Reviewer**: {skill-name}
> **Session**: {session-id}

## Executive Summary

| Metric | Value |
|--------|-------|
| **Overall Score** | {X/100} |
| Files Reviewed | {N} |
| Total Issues | {N} |
| Critical | {N} |
| High | {N} |
| Medium | {N} |
| Low | {N} |

### Quality Grade

{A/B/C/D}

**Rationale**: Briefly explain the rationale for the score

---

## Dimensions Summary

| Dimension | Score | Issues | Top Issues |
|-----------|-------|--------|------------|
| Correctness | {X/10} | {N} | [C] Issue 1, [H] Issue 2 |
| Readability | {X/10} | {N} | [M] Issue 3 |
| Performance | {X/10} | {N} | [H] Issue 4 |
| Security | {X/10} | {N} | [C] Issue 5 |
| Testing | {X/10} | {N} | [L] Issue 6 |
| Architecture | {X/10} | {N} | [M] Issue 7 |

---

## Risk Areas Identified

| Area | Risk Level | Files | Issues |
|------|------------|-------|--------|
| {area1} | {High/Medium/Low} | {file list} | {N} issues |
| {area2} | {High/Medium/Low} | {file list} | {N} issues |

---

## Detailed Findings

### Correctness: {X/10}

**Summary**: Brief summary of the correctness findings

#### [C] {Issue Title}

**Location**: `{file-path}:{line}`

**Issue**: Issue description (1-2 sentences)

**Severity**: Critical - must fix

**Recommendation**:

```typescript
// Before (problematic)
const code = "problematic code";

// After (fixed)
const code = "fixed code";
```

**Reference**: [specs/review-dimensions.md](specs/review-dimensions.md) - Correctness section

---

#### [H] {Issue Title}

**Location**: `{file-path}:{line}`

**Issue**: Issue description

**Severity**: High - should fix

**Recommendation**:

```typescript
// Fix suggestion
const fixedCode = "fixed code";
```

---

### Readability: {X/10}

**Summary**: Brief summary of the readability findings

#### [M] {Issue Title}

**Location**: `{file-path}:{line}`

**Issue**: Issue description

**Severity**: Medium - improvement recommended

**Recommendation**:

```typescript
// Suggestion
const betterCode = "more readable code";
```

---

### Performance: {X/10}

**Summary**: Brief summary of the performance findings

#### [H] {Issue Title}

**Location**: `{file-path}:{line}`

**Issue**: Issue description

**Severity**: High - affects performance

**Recommendation**:

```typescript
// Optimization
const optimizedCode = "optimized code";
```

---

### Security: {X/10}

**Summary**: Brief summary of the security findings

#### [C] {Issue Title}

**Location**: `{file-path}:{line}`

**Issue**: Issue description

**Severity**: Critical - security risk

**Recommendation**:

```typescript
// Security fix
const secureCode = "secure code";
```

---

### Testing: {X/10}

**Summary**: Brief summary of the testing findings

#### [L] {Issue Title}

**Location**: `{file-path}:{line}`

**Issue**: Issue description

**Severity**: Low - adding tests recommended

**Recommendation**:

```typescript
// Test example
describe('Function', () => {
  it('should handle edge case', () => {
    // test code
  });
});
```

---

### Architecture: {X/10}

**Summary**: Brief summary of the architecture findings

#### [M] {Issue Title}

**Location**: `{file-path}:{line}`

**Issue**: Issue description

**Severity**: Medium - architecture improvement suggested

**Recommendation**:

```typescript
// Architecture suggestion
// Consider using {pattern} instead
```

---

## Recommendations

### Priority Actions (Do First)

1. **[Critical] Fix security vulnerability in {file}:{line}**
   - Action: Fix the SQL injection risk
   - Estimate: 1 hour

2. **[Critical] Handle null pointer in {file}:{line}**
   - Action: Add a null check
   - Estimate: 30 minutes

### High Priority (Do Soon)

3. **[High] Optimize performance bottleneck in {file}:{line}**
   - Action: Refactor the algorithm
   - Estimate: 2 hours

### Medium Priority (Do When Possible)

4. **[Medium] Improve code readability in {file}:{line}**
   - Action: Refactor the function
   - Estimate: 1 hour

---

## Appendix

### Files Reviewed

| File | Lines | Issues | Score |
|------|-------|--------|-------|
| {file1} | {N} | {N} | {X/10} |
| {file2} | {N} | {N} | {X/10} |
| {file3} | {N} | {N} | {X/10} |

### Issue Distribution

```
Critical: ████ 4
High:     ████████ 8
Medium:   ████████████ 12
Low:      ██████ 6
```

### Review Metadata

| Key | Value |
|-----|-------|
| Review Duration | {X minutes} |
| Review Method | {Quick Scan + Deep Review} |
| Dimensions Covered | {All / Specific} |
| Review Configuration | {config details} |

---

## Next Steps

1. **Review this report**: Confirm that all issues are understood correctly
2. **Fix Critical issues**: Fix high-risk issues first
3. **Run review-cycle**: Use `/review-cycle` to fix and verify automatically
4. **Re-review**: Review again after the fixes to confirm

---

**Generated by**: {skill-name} v{version}
**Review Standards**: [specs/review-dimensions.md](specs/review-dimensions.md)
````

## Usage

1. **Trigger**: review-code Phase 4
2. **Input**: findings data from Phase 3
3. **Output**: review-report.md
4. **Format**: Markdown, renders on GitHub/GitLab

---

## Example

### Simplified Example

````markdown
# Code Review Report

> **Target**: src/auth/**
> **Generated**: 2026-03-01 10:30
> **Reviewer**: review-code

## Executive Summary

| Metric | Value |
|--------|-------|
| **Overall Score** | 65/100 |
| Files Reviewed | 5 |
| Total Issues | 15 |
| Critical | 2 |
| High | 4 |
| Medium | 6 |
| Low | 3 |

### Quality Grade

**C - Needs Improvement**

There are 2 critical security issues that need to be fixed immediately

---

## Dimensions Summary

| Dimension | Score | Issues |
|-----------|-------|--------|
| Correctness | 6/10 | 3 |
| Readability | 7/10 | 2 |
| Performance | 7/10 | 2 |
| Security | 4/10 | 4 |
| Testing | 5/10 | 2 |
| Architecture | 6/10 | 2 |

---

## Detailed Findings

### Security: 4/10

#### [C] SQL Injection Risk

**Location**: `src/auth/login.ts:45`

**Issue**: User input is concatenated directly into the SQL string and is open to injection attacks

**Severity**: Critical - must fix

**Recommendation**:

```typescript
// Before (vulnerable)
const query = `SELECT * FROM users WHERE id='${userId}'`;

// After (safe)
const query = 'SELECT * FROM users WHERE id = ?';
await db.query(query, [userId]);
```

---

### Correctness: 6/10

#### [H] Null Pointer Risk

**Location**: `src/auth/user.ts:23`

**Issue**: The user object may be null

**Severity**: High - may cause a crash

**Recommendation**:

```typescript
// Add null check
if (user?.profile) {
  return user.profile.name;
}
return 'Anonymous';
```

---

## Recommendations

### Priority Actions

1. **[Critical] Fix SQL injection in login.ts:45**
   - Use parameterized queries
   - Estimate: 1 hour

2. **[Critical] Add null check in user.ts:23**
   - Add optional chaining
   - Estimate: 15 minutes
````