| name | code-review |
| description | Analyze the current git diff or staged changes for bugs, security issues, missing error handling, and breaking changes. Produces a structured review report. Use before committing or after making changes.
|
| allowed-tools | bash read grep |
Code Review
Perform a thorough code review of current changes.
Step 1: Get the diff
git diff HEAD
If there are no unstaged changes, check staged:
git diff --cached
If reviewing the last commit:
git diff HEAD~1
Step 2: Read changed files
For each file that appears in the diff, read the FULL file (not just the diff hunk). You need the surrounding context to evaluate whether changes are correct.
Step 3: Analyze for issues
Check every change for:
Bugs
- Off-by-one errors, null/undefined dereferences
- Logic errors in conditionals
- Race conditions, incorrect async/await usage
- Wrong variable scope
Security
- SQL injection, command injection, path traversal
- Hardcoded secrets or credentials
- Missing input validation
- Insecure deserialization
Error handling
- Uncaught exceptions
- Missing error propagation
- Silent failures (empty catch blocks)
- Resource leaks (unclosed files, connections)
Breaking changes
- Changed function signatures
- Removed exports
- Modified API contracts
- Database schema changes
Missing pieces
- No tests for changed behavior
- No documentation for new public APIs
- Missing null checks at boundaries
Step 4: Output
Produce this exact format:
## Review Summary
Brief description of what changed.
## Issues
### [CRITICAL] file.ts:line — Description
Explanation and suggested fix.
### [HIGH] file.ts:line — Description
...
### [MEDIUM] file.ts:line — Description
...
### [LOW] file.ts:line — Description
...
## Clean
Things that look correct.
## Verdict: APPROVE | REQUEST_CHANGES
If there are no issues, say APPROVE with a brief note about what looks good.