// Structured code review protocol for inspecting code quality against the full rule set. Use when auditing code written by yourself or another agent, during the /audit workflow, or when the user asks for a code review.
Token-efficient communication protocol. Activate ONLY when: (1) user explicitly requests it (e.g., "use omni", "be concise", "compress output"), (2) dispatched as a sub-agent in /workflow-team pipelines where token budget matters, or (3) agent-to-agent communication via /omni headless modifier. Never activate by default in normal conversations — users expect natural language responses unless they opt in. Compresses prose form while preserving 100% technical accuracy. Code blocks, tool calls, file paths, and data are NEVER compressed.
Pre-flight checklist and post-implementation self-review protocol. Use before generating any code (pre-flight) and after writing code but before verification (self-review) to catch issues early.
Comprehensive protocol for validating root causes of software issues. Use when you need to systematically debug a complex bug, flaky test, or unknown system behavior by forming hypotheses and validating them with specific tasks.
Profile-driven performance optimization protocol. Use when profiling data (CPU, heap, trace) is available or when the user requests performance analysis. Covers methodology, pattern catalog, safety invariants, and when-to-stop heuristics. Language-specific tooling is in languages/*.md.
Architecture Decision Record skill for documenting significant architectural decisions with context, options, and consequences. Use during the Research phase when choosing between approaches, or whenever the user asks to document an architectural decision.
OpenAPI 3.1 specification writing, request/response examples, error documentation, versioning, and interactive API portal patterns.
| name | code-review |
| description | Structured code review protocol for inspecting code quality against the full rule set. Use when auditing code written by yourself or another agent, during the /audit workflow, or when the user asks for a code review. |
Systematically review code against the full antigravity rule set. Catches issues that linters miss: architectural violations, missing observability, business logic errors, pattern inconsistencies.
/audit workflow (Phase 1: Code Review)Identify the files/features to review. Determine the review scope:
Read all applicable rules from .agents/rules/. Use rule-priority.md for severity classification.
Review each file/feature against these categories, in order from rule-priority.md:
Output a structured findings document:
# Code Review: {Feature/Module Name}
Date: {date}
Reviewer: AI Agent (fresh context)
## Summary
- **Files reviewed:** N
- **Issues found:** N (X critical, Y major, Z minor, W nit)
## Critical Issues
- [ ] **[SEC]** {description} — [{file}:{line}](file:///path)
- [ ] **[DATA]** {description} — [{file}:{line}](file:///path)
## Major Issues
- [ ] **[TEST]** {description} — [{file}:{line}](file:///path)
- [ ] **[OBS]** {description} — [{file}:{line}](file:///path)
## Minor Issues
- [ ] **[PAT]** {description} — [{file}:{line}](file:///path)
## Nit
- [ ] {description} — [{file}:{line}](file:///path)
## Rules Applied
List of rules referenced during this review.
When invoked via the /audit workflow, you MUST persist the findings to the repo:
Path: docs/audits/review-findings-{feature}-{YYYY-MM-DD}-{HHmm}.md
docs/audits/ if it doesn't existWhen invoked as a standalone review (not via /audit), saving to docs/audits/ is recommended but optional.
| Tag | Category | Rule Source |
|---|---|---|
[SEC] | Security | security-principles.md |
[DATA] | Data integrity | error-handling-principles.md |
[RES] | Resource leak | resources-and-memory-management-principles.md |
[TEST] | Testability | architectural-pattern.md, testing-strategy.md |
[OBS] | Observability | logging-and-observability-mandate.md |
[ERR] | Error handling | error-handling-principles.md |
[ARCH] | Architecture | architectural-pattern.md, project-structure.md |
[PAT] | Pattern consistency | code-organization-principles.md |
[INT] | Integration contract | api-design-principles.md |
[DB] | Database design | database-design-principles.md |
[CFG] | Configuration | configuration-management-principles.md |
Load the anti-pattern checklist for the language(s) under review:
| Language | Anti-Patterns |
|---|---|
| Go | languages/go.md |
| TypeScript | languages/typescript.md |
| Python | languages/python.md |
| Rust | languages/rust.md |
| Java | languages/java.md |
| C# | languages/csharp.md |
| Swift | languages/swift.md |
| Flutter/Dart | languages/flutter.md |
| C++ | languages/cpp.md |
| Kotlin | languages/kotlin.md |
| PHP | languages/php.md |
| Ruby | languages/ruby.md |
Anti-patterns listed in language files are auto-fail — they require no judgment call. If the pattern exists in the code, it is a finding.
For full audits, cross-boundary concerns (integration contracts, database schema, configuration hygiene, dependency health, test coverage gaps) are checked via the dedicated dimension checklist in the /audit workflow — Phase 1.5: Cross-Boundary Review.
When invoking this skill standalone (outside /audit), apply the applicable dimensions from that checklist manually and tag findings with [INT], [DB], or [CFG] as appropriate.
Zero-Findings Guard: If this review produces fewer than 3 findings, you MUST produce a "Dimensions Covered" attestation section in the findings document, listing each cross-boundary dimension and the specific files or queries you examined. Only then may you declare a clean result.
This skill enforces all rules in .agents/rules/. Key references: