Jeden Skill in Manus ausführen
mit einem Klick

Jeden Skill in Manus mit einem Klick ausführen

Loslegen

ultrareview

Sterne10

Forks3

Aktualisiert23. Juni 2026 um 14:39

Deep code review using Claude Code's thorough analysis mode — security, performance, correctness, and maintainability

Installation

Mit Codex oder Claude installieren Kopieren Sie diesen Prompt, fügen Sie ihn in Codex, Claude oder einen anderen Assistant ein und lassen Sie die Skill-Seite prüfen und installieren.

In Manus ausführen

Quelle

UitbreidenOS

UitbreidenOS/Claudient

GitHub-Repository öffnen Creator-Repositorys ansehen

Download

In Manus ausführen

Verwandte BerufeSOC

Basierend auf der SOC-Berufsklassifikation

Softwarequalitätssicherungsanalysten und -testerInformatik- und Mathematikberufe·SOC 15-1253

SKILL.md

readonly

name	ultrareview
description	Deep code review using Claude Code's thorough analysis mode — security, performance, correctness, and maintainability

Ultrareview Skill

When to activate

Reviewing PRs with security-sensitive changes (auth, payments, data access)
Evaluating performance-critical code paths (hot loops, database queries, network calls)
Assessing architectural decisions in large PRs (new abstractions, pattern changes)
Pre-merge review for release branches
Auditing code before compliance reviews (SOC2, HIPAA, PCI)

When NOT to use

Trivial PRs (typo fixes, config changes, documentation only)
WIP/draft PRs that aren't ready for review
PRs that only add tests

Instructions

Understand context. Read the PR description, linked issues, and related code before diving into the diff.
Review in layers. Go through the changes 3 times, each with a different lens:

Pass 1 — Correctness:
- Does the logic handle all edge cases?
- Are error conditions handled properly?
- Do types/interfaces match between producer and consumer?
- Are there race conditions or timing issues?
Pass 2 — Security:
- Input validation (SQL injection, XSS, path traversal)?
- Authentication and authorization checks present?
- Sensitive data exposure (logs, error messages, API responses)?
- Dependency vulnerabilities introduced?
Pass 3 — Maintainability:
- Is the code readable without comments explaining the obvious?
- Are abstractions at the right level (not too much, not too little)?
- Would a new team member understand this in 5 minutes?
- Are there hidden assumptions that should be documented?
Categorize findings:
- BLOCKER: Must fix before merge (security vulnerability, data loss risk, correctness bug)
- IMPORTANT: Should fix before merge (performance issue, poor error handling, missing validation)
- SUGGESTION: Nice to have (better naming, simpler approach, additional test)
- NIT: Optional polish (style preference, minor readability)
Provide actionable feedback. For each finding:
- What's wrong and why it matters
- Specific suggestion for how to fix it
- Code example if helpful
Acknowledge good patterns. Call out well-written code, clever solutions, or good test coverage.

Example

PR: "Add user search endpoint"

## Ultrareview Results

### BLOCKER
- **SQL Injection in search query** (api/users/search.js:42)
  The search term is interpolated directly into the SQL string.
  Fix: Use parameterized queries.
  ```js
  // Before (vulnerable)
  db.query(`SELECT * FROM users WHERE name LIKE '%${query}%'`)
  // After (safe)
  db.query('SELECT * FROM users WHERE name LIKE $1', [`%${query}%`])

IMPORTANT

Missing rate limiting — Search endpoints are expensive and abuse-prone. Add rate limiting: 10 req/min per user.
No pagination — Large result sets will OOM. Add LIMIT/OFFSET with max 100 per page.

SUGGESTION

Extract search logic — The handler mixes HTTP concerns with business logic. Consider a UserSearchService class for testability.

NIT

Variable q on line 15 → rename to searchQuery for clarity.

👍 Good stuff

Solid test coverage including empty query, special chars, and unicode.
Good use of indexes on the search columns.


---

Built with [Claudient](https://github.com/UitbreidenOS/Claudient) · [Claude Code](https://claude.com/claude-code)

Mehr aus diesem Repository

gleiches Repository

agent-teams

UitbreidenOS/Claudient

Orchestrate multi-agent teams in Claude Code — set up coordinated sessions with task delegation, inter-agent communication, and parallel execution

2026-06-2310

ultraplan

UitbreidenOS/Claudient

Leverage Claude Code's ultra-deep planning mode for complex architecture decisions, multi-file refactors, and system design

2026-06-2310

swarm-sandbox

UitbreidenOS/Claudient

Safe isolated testing environment for multi-agent swarm topologies before production deployment

2026-06-2210

auto-summarizer

UitbreidenOS/Claudient

Automatically summarizes the current session context to prevent token window overflow.

2026-06-2210

prune-context

UitbreidenOS/Claudient

Claude Code context pruner: slash command to summarize session and reset token bloat

2026-06-1910

campaign-tracker

UitbreidenOS/Claudient

Produces a campaign performance summary from session-log.md entries. Reports open rates, reply rates, and meeting conversion rates per sequence. Flags top performers (reply rate >10%) and underperformers (reply rate <3%). Recommends one concrete change per underperforming sequence.

2026-06-1710

Ultrareview Skill

When to activate

Reviewing PRs with security-sensitive changes (auth, payments, data access)

Evaluating performance-critical code paths (hot loops, database queries, network calls)

Assessing architectural decisions in large PRs (new abstractions, pattern changes)

Pre-merge review for release branches

Auditing code before compliance reviews (SOC2, HIPAA, PCI)

When NOT to use

Trivial PRs (typo fixes, config changes, documentation only)

WIP/draft PRs that aren't ready for review

PRs that only add tests

Instructions

Understand context. Read the PR description, linked issues, and related code before diving into the diff.

Review in layers. Go through the changes 3 times, each with a different lens:

Pass 1 — Correctness:

Does the logic handle all edge cases?
Are error conditions handled properly?
Do types/interfaces match between producer and consumer?
Are there race conditions or timing issues?

Pass 2 — Security:

Input validation (SQL injection, XSS, path traversal)?
Authentication and authorization checks present?
Sensitive data exposure (logs, error messages, API responses)?
Dependency vulnerabilities introduced?

Pass 3 — Maintainability:

Is the code readable without comments explaining the obvious?
Are abstractions at the right level (not too much, not too little)?
Would a new team member understand this in 5 minutes?
Are there hidden assumptions that should be documented?

Categorize findings:

BLOCKER: Must fix before merge (security vulnerability, data loss risk, correctness bug)
IMPORTANT: Should fix before merge (performance issue, poor error handling, missing validation)
SUGGESTION: Nice to have (better naming, simpler approach, additional test)
NIT: Optional polish (style preference, minor readability)

Provide actionable feedback. For each finding:

What's wrong and why it matters
Specific suggestion for how to fix it
Code example if helpful

Acknowledge good patterns. Call out well-written code, clever solutions, or good test coverage.

Example

PR: "Add user search endpoint" ## Ultrareview Results ### BLOCKER - **SQL Injection in search query** (api/users/search.js:42) The search term is interpolated directly into the SQL string. Fix: Use parameterized queries. ```js // Before (vulnerable) db.query(`SELECT * FROM users WHERE name LIKE '%${query}%'`) // After (safe) db.query('SELECT * FROM users WHERE name LIKE $1', [`%${query}%`])

IMPORTANT

Missing rate limiting — Search endpoints are expensive and abuse-prone. Add rate limiting: 10 req/min per user.

No pagination — Large result sets will OOM. Add LIMIT/OFFSET with max 100 per page.

SUGGESTION

Extract search logic — The handler mixes HTTP concerns with business logic. Consider a UserSearchService class for testability.

NIT

Variable q on line 15 → rename to searchQuery for clarity.

👍 Good stuff

Solid test coverage including empty query, special chars, and unicode.

Good use of indexes on the search columns.

--- Built with [Claudient](https://github.com/UitbreidenOS/Claudient) · [Claude Code](https://claude.com/claude-code)