Claude-Code-Workflow/.claude/skills/review-code/phases/actions/action-quick-scan.md
catlog22 29c8bb7a66 feat: Add orchestrator and state management for code review process
- Implemented orchestrator logic to manage code review phases, including state reading, action selection, and execution loop.
- Defined state schema for review process, including metadata, context, findings, and execution tracking.
- Created action catalog detailing actions for context collection, quick scan, deep review, report generation, and completion.
- Established error recovery strategies and termination conditions for robust review handling.
- Developed issue classification and quality standards documentation to guide review severity and categorization.
- Introduced review dimensions with detailed checklists for correctness, security, performance, readability, testing, and architecture.
- Added templates for issue reporting and review reports to standardize output and improve clarity.
2026-01-13 14:39:16 +08:00


# Action: Quick Scan
Quickly scan the code to identify high-risk areas.
## Purpose
Perform a first quick pass:
- Identify high-complexity files
- Flag potential high-risk areas
- Spot obvious problem patterns
## Preconditions
- [ ] state.status === 'running'
- [ ] state.context !== null
## Execution
```javascript
async function execute(state, workDir) {
  const context = state.context;
  const riskAreas = [];
  const quickIssues = [];

  // 1. Scan each file
  for (const file of context.files) {
    try {
      const content = Read(file);
      const lines = content.split('\n');

      // --- Complexity check ---
      const functionMatches = content.match(/function\s+\w+|=>\s*{|async\s+\w+/g) || [];
      // Indentation-based estimate (2 spaces per level). reduce() avoids the
      // argument-count limit that Math.max(...array) hits on very large files.
      const nestingDepth = lines.reduce(
        (max, l) => Math.max(max, (l.match(/^\s*/)?.[0].length || 0) / 2),
        0
      );

      if (lines.length > 500 || functionMatches.length > 20 || nestingDepth > 8) {
        riskAreas.push({
          file: file,
          reason: `High complexity: ${lines.length} lines, ${functionMatches.length} functions, depth ${nestingDepth}`,
          priority: 'high'
        });
      }

      // --- Quick issue detection ---

      // Quick security check
      if (content.includes('eval(') || content.includes('innerHTML')) {
        quickIssues.push({
          type: 'security',
          file: file,
          message: 'Potential XSS/injection risk: eval() or innerHTML usage'
        });
      }

      // Hardcoded credential detection
      if (/(?:password|secret|api_key|token)\s*[=:]\s*['"][^'"]{8,}/i.test(content)) {
        quickIssues.push({
          type: 'security',
          file: file,
          message: 'Potential hardcoded credential detected'
        });
      }

      // TODO/FIXME detection
      const todoCount = (content.match(/TODO|FIXME|HACK|XXX/gi) || []).length;
      if (todoCount > 5) {
        quickIssues.push({
          type: 'maintenance',
          file: file,
          message: `${todoCount} TODO/FIXME comments found`
        });
      }

      // console.log detection (production code)
      if (!file.includes('test') && !file.includes('spec')) {
        const consoleCount = (content.match(/console\.(log|debug|info)/g) || []).length;
        if (consoleCount > 3) {
          quickIssues.push({
            type: 'readability',
            file: file,
            message: `${consoleCount} console statements (should be removed in production)`
          });
        }
      }

      // Long function detection: a body of 2000+ characters with no closing
      // brace is used as a rough stand-in for "more than 50 lines"
      const longFunctions = content.match(/function[^{]+\{[^}]{2000,}\}/g) || [];
      if (longFunctions.length > 0) {
        quickIssues.push({
          type: 'readability',
          file: file,
          message: `${longFunctions.length} long function(s) detected (>50 lines)`
        });
      }

      // Error handling check: the regex alone covers both `catch (e) {}` and
      // `catch(e){}`; the earlier includes('catch (') guard missed the latter
      if (/catch\s*\([^)]*\)\s*{\s*}/.test(content)) {
        quickIssues.push({
          type: 'correctness',
          file: file,
          message: 'Empty catch block detected'
        });
      }
    } catch (e) {
      // Skip files that cannot be read
    }
  }

  // 2. Compute the complexity score (guard against file_count being 0)
  const complexityScore = Math.min(100, Math.round(
    (riskAreas.length * 10 + quickIssues.length * 5) / Math.max(1, context.file_count) * 100
  ));

  // 3. Build the scan summary
  const scanSummary = {
    risk_areas: riskAreas,
    complexity_score: complexityScore,
    quick_issues: quickIssues
  };

  // 4. Save the scan results
  Write(`${workDir}/scan-summary.json`, JSON.stringify(scanSummary, null, 2));

  return {
    stateUpdates: {
      scan_completed: true,
      scan_summary: scanSummary
    }
  };
}
```
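The hardcoded-credential check in `execute` reports only that a file matched. As an added example (not part of the original skill file), the code below applies the same regex per line, skips placeholder values, and keeps the matched value out of `scan-summary.json`. The `line` field, `PLACEHOLDER_RE`, `scanFileForCredentials` and the sample input are assumptions made for illustration.

```javascript
// Added example, not part of the original skill file.
// The page's credential regex with capture groups and an optional quote after
// the key, so JSON-style `"secret": "..."` entries are matched as well.
const CREDENTIAL_RE =
  /(password|secret|api_key|token)['"]?\s*[=:]\s*(['"])([^'"]{8,})\2/i;

// Assumption: values shaped like these are templates, not real secrets.
const PLACEHOLDER_RE = /^(?:\$\{.*\}|<.*>|x{8,}|\*{8,}|change[-_]?me.*|your[-_ ].*)$/i;

// Returns entries in the page's quickIssues shape plus a hypothetical `line` field.
function scanFileForCredentials(file, content) {
  const issues = [];
  content.split('\n').forEach((text, idx) => {
    const m = CREDENTIAL_RE.exec(text); // first match on the line only
    if (!m) return;
    const key = m[1];
    const value = m[3];
    if (PLACEHOLDER_RE.test(value)) return;
    issues.push({
      type: 'security',
      file,
      line: idx + 1,
      // Report the key name and value length only; the value itself must
      // never be copied into the scan summary.
      message: `Potential hardcoded credential: ${key.toLowerCase()} (${value.length} chars, value redacted)`
    });
  });
  return issues;
}

// Constructed sample input (contains no real secrets).
const SAMPLE = [
  'const cfg = {',
  '  api_key: "constructed-key-0001",',      // flagged
  '  password: "${DB_PASSWORD}",',           // template placeholder, skipped
  '  token: "<your-token-here>",',           // placeholder, skipped
  '  "secret": "constructed-secret-value",', // flagged (quoted key)
  '  user: "alice"',
  '};',
  'const dbPassword = "short";'              // value shorter than 8, no match
].join('\n');

console.log(JSON.stringify(scanFileForCredentials('src/config.js', SAMPLE), null, 2));
```
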
## State Updates
```javascript
return {
  stateUpdates: {
    scan_completed: true,
    scan_summary: {
      risk_areas: riskAreas,
      complexity_score: complexityScore,
      quick_issues: quickIssues
    }
  }
};
```
## Output
- **File**: `scan-summary.json`
- **Location**: `${workDir}/scan-summary.json`
- **Format**: JSON
## Error Handling
| Error Type | Recovery |
|------------|----------|
| File read failure | Skip the file and continue scanning |
| Encoding problem | Skip as binary |
## Next Actions
- Success: action-deep-review (start the dimension-by-dimension review)
- Too many risk areas (>20): optionally ask the user whether to narrow the scope