catlog22/Claude-Code-Workflow
1
0
Fork 0
mirror of https://github.com/catlog22/Claude-Code-Workflow.git synced 2026-03-01 15:03:57 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
67b2129f3c55367958d5f1c3b4a3befe20b2d556
Claude-Code-Workflow/docs/skills/claude-review.md

10 KiB
Raw Blame History

Claude Skills - Code Review

One-Liner

Code Review Skills is a multi-dimensional code quality analysis system — Through structured review dimensions and automated checks, it discovers code issues and provides fix recommendations.

Pain Points Solved

Pain Point Current State Claude Code Workflow Solution
Incomplete review dimensions Manual review easily misses dimensions 6-dimension automatic review
Chaotic issue classification Hard to distinguish severity Structured issue classification
Vague fix recommendations Lacks specific fix solutions Actionable fix recommendations
Repeated review process Each review repeats same steps Automated scanning and reporting

Skills List

Skill Function Trigger
review-code Multi-dimensional code review (6 dimensions) /review-code <target>
review-cycle Code review and fix loop /review-cycle <target>

Skills Details

review-code

One-Liner: Multi-dimensional code review — Analyzes correctness, readability, performance, security, testing, architecture six dimensions

Trigger:

/review-code <target-path>
/review-code src/auth/**
/review-code --dimensions=sec,perf src/**

Features:

  • 6-dimension review: Correctness, readability, performance, security, test coverage, architecture consistency
  • Layered execution: Quick scan identifies high-risk areas, deep review focuses on key issues
  • Structured reports: Classified by severity, provides file locations and fix recommendations
  • State-driven: Autonomous mode, dynamically selects next action based on review progress

Architecture Overview:

┌─────────────────────────────────────────────────────────────────┐
│  ⚠️ Phase 0: Specification Study (Mandatory Prerequisite)       │
│              → Read specs/review-dimensions.md                   │
│              → Understand review dimensions and issue standards  │
└───────────────┬─────────────────────────────────────────────────┘
                ↓
┌─────────────────────────────────────────────────────────────────┐
│           Orchestrator (State-driven decision)                   │
│           → Read state → Select review action → Execute → Update│
└───────────────┬─────────────────────────────────────────────────┘
                │
    ┌───────────┼───────────┬───────────┬───────────┐
    ↓           ↓           ↓           ↓           ↓
┌─────────┐ ┌─────────┐ ┌─────────┐ ┌─────────┐ ┌─────────┐
│ Collect │ │ Quick   │ │ Deep    │ │ Report  │ │Complete │
│ Context │ │ Scan    │ │ Review  │ │ Generate│ │         │
└─────────┘ └─────────┘ └─────────┘ └─────────┘ └─────────┘
     ↓           ↓           ↓           ↓
┌─────────────────────────────────────────────────────────────────┐
│                     Review Dimensions                            │
│  ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐            │
│  │Correctness│ │Readability│ │Performance│ │ Security │            │
│  └──────────┘ └──────────┘ └──────────┘ └──────────┘            │
│  ┌──────────┐ ┌──────────┐                                       │
│  │ Testing  │ │Architecture│                                      │
│  └──────────┘ └──────────┘                                       │
└─────────────────────────────────────────────────────────────────┘

⚠️ Mandatory Prerequisites:

Do not skip: Before executing any review operations, you must completely read the following documents.

Specification Documents (required):

Document Purpose Priority
specs/review-dimensions.md Review dimension definitions and checkpoints P0 - Highest
specs/issue-classification.md Issue classification and severity standards P0 - Highest
specs/quality-standards.md Review quality standards P1

Template Files (read before generation):

Document Purpose
templates/review-report.md Review report template
templates/issue-template.md Issue record template

Execution Flow:

Phase 0: Specification Study (Mandatory - Do not skip)
  → Read: specs/review-dimensions.md
  → Read: specs/issue-classification.md
  → Understand review standards and issue classification

Action: collect-context
  → Collect target files/directories
  → Identify tech stack and language
  → Output: state.context

Action: quick-scan
  → Quick scan overall structure
  → Identify high-risk areas
  → Output: state.risk_areas, state.scan_summary

Action: deep-review (per dimension)
  → Deep review per dimension
  → Record discovered issues
  → Output: state.findings[]

Action: generate-report
  → Aggregate all findings
  → Generate structured report
  → Output: review-report.md

Action: complete
  → Save final state
  → Output review summary

Review Dimensions:

Dimension Focus Areas Key Checks
Correctness Logic correctness Boundary conditions, error handling, null checks
Readability Code readability Naming conventions, function length, comment quality
Performance Performance efficiency Algorithm complexity, I/O optimization, resource usage
Security Security Injection risks, sensitive data, permission control
Testing Test coverage Test adequacy, boundary coverage, maintainability
Architecture Architecture consistency Design patterns, layering, dependency management

Issue Severity Levels:

Level Prefix Description Required Action
Critical [C] Blocking issue, must fix immediately Must fix before merge
High [H] Important issue, needs fix Should fix
Medium [M] Suggested improvement Consider fixing
Low [L] Optional optimization Nice to have
Info [I] Informational suggestion Reference only

Output Structure:

.workflow/.scratchpad/review-code-{timestamp}/
├── state.json                    # Review state
├── context.json                  # Target context
├── findings/                     # Issue findings
│   ├── correctness.json
│   ├── readability.json
│   ├── performance.json
│   ├── security.json
│   ├── testing.json
│   └── architecture.json
└── review-report.md              # Final review report

review-cycle

One-Liner: Code review and fix loop — Complete cycle of reviewing code, discovering issues, fixing and verifying

Trigger:

/review-cycle <target-path>
/review-cycle --full <target-path>

Features:

  • Review code to discover issues
  • Generate fix recommendations
  • Execute fixes
  • Verify fix effectiveness
  • Loop until passing

Loop Flow:

Review Code → Find Issues → [Has issues] → Fix Code → Verify → [Still has issues] → Fix Code
                          ↑______________|

Use Cases:

  • Self-review before PR
  • Code quality improvement
  • Refactoring verification
  • Security audit

Related Commands

Best Practices

  1. Read specifications completely: Must read specs/ documents before executing review
  2. Multi-dimensional review: Use --dimensions to specify focus areas, or use default all dimensions
  3. Quick scan: Use quick-scan first to identify high-risk areas, then deep review
  4. Structured reports: Use generated review-report.md as fix guide
  5. Continuous improvement: Use review-cycle to continuously improve until quality standards are met

Usage Examples

# Full review (6 dimensions)
/review-code src/auth/**

# Review only security and performance
/review-code --dimensions=sec,perf src/api/

# Review and fix loop
/review-cycle --full src/utils/

# Review specific file
/review-code src/components/Header.tsx

Issue Report Example

### [C] SQL Injection Risk

**Location**: `src/auth/login.ts:45`

**Issue**: User input directly concatenated into SQL query without sanitization.

**Severity**: Critical - Must fix before merge

**Recommendation**:
```typescript
// Before (vulnerable):
const query = `SELECT * FROM users WHERE username='${username}'`;

// After (safe):
const query = 'SELECT * FROM users WHERE username = ?';
await db.query(query, [username]);

Reference: specs/review-dimensions.md - Security section

Reference in New Issue View Git Blame Copy Permalink