Comprehensive code review checklist covering security, performance, TypeScript standards, NextJS patterns, accessibility, error handling, and test coverage. Stack-aware — applies web, mobile, or fullstack sections as appropriate. Automatically loaded by the reviewer agent.
Installation
Mit Codex oder Claude installieren Kopieren Sie diesen Prompt, fügen Sie ihn in Codex, Claude oder einen anderen Assistant ein und lassen Sie die Skill-Seite prüfen und installieren.
Comprehensive code review checklist covering security, performance, TypeScript standards, NextJS patterns, accessibility, error handling, and test coverage. Stack-aware — applies web, mobile, or fullstack sections as appropriate. Automatically loaded by the reviewer agent.
user-invokable
false
Code Review Checklist
Apply each section systematically to every file changed in the review scope.
Use severity levels: Critical (must fix), Warning (should fix),
Suggestion (consider for improvement).
1. Security
No hardcoded secrets, API keys, or credentials in code
All user input validated server-side (Zod schemas on API routes)
SQL injection prevented (Prisma parameterized queries only, no raw SQL)
XSS prevented (no dangerouslySetInnerHTML without sanitization)
CSRF protection on all state-changing endpoints
Authentication checked on all protected API routes
Authorization verified (users can only access their own data)
Rate limiting considered for public-facing endpoints
Sensitive data not logged or exposed in error messages