con un clic
ddev-code-review
在 ddev-gate 工作流中执行代码质量审查。使用 codegraph 做结构影响分析,覆盖安全、性能、可维护性,按严重程度分级输出。
Instalar con Codex o Claude Copia este prompt, pégalo en Codex, Claude u otro asistente, y deja que revise la página de la skill y la instale por ti.
Menú
在 ddev-gate 工作流中执行代码质量审查。使用 codegraph 做结构影响分析,覆盖安全、性能、可维护性,按严重程度分级输出。
Instalar con Codex o Claude Copia este prompt, pégalo en Codex, Claude u otro asistente, y deja que revise la página de la skill y la instale por ti.
Basado en la clasificación ocupacional SOC
在当前会话里按已写好的实现计划顺序执行任务时使用
在已有规格或多步骤任务需求、且在动代码之前使用。若上游 ddev-pc-test 已产出测试用例,自动走 TDD 流程:先实现测试 demo 代码(红灯),再实现被测代码(绿灯),测试覆盖不到的部分直接开发。
文档审查技能。将文档审查任务派发给独立子代理,重点审查文档基于代码改动的合理性、说明正确性、前后一致性、错漏和逻辑谬误,以及 AI 实现过程中产生的决策记录(implementation-notes.md)。当用户需要审查技术文档、spec文档、设计文档、计划文档、API文档、README 或任何与代码改动相关的文档时使用。
代码修改场景下,spec 文档确认后,需要继续以图优先方式梳理结构体定义、数据流和流程时使用
在代码修改前需要编写 spec 文档且应优先用图表达边界、入口、流程和改动关系时使用(仅限代码改动场景,非项目级架构文档初始化)
在代码实现完成后、准备结束任务或进入发布前使用,用来核对代码实现是否与 spec 文档以及 detail 文档一致,并通过代码质量审查、清理、编码规范和注释审查后给出最终验收结论
| name | ddev-code-review |
| description | 在 ddev-gate 工作流中执行代码质量审查。使用 codegraph 做结构影响分析,覆盖安全、性能、可维护性,按严重程度分级输出。 |
ddev-gate 工作流的代码质量审查阶段。使用 codegraph 做结构影响分析,覆盖安全、代码质量、性能、最佳实践和可维护性,按严重程度分级输出报告。
由 ddev-gate skill 在清理阶段之后、编码规范审查之前调度。也可独立触发于以下场景:
C 项目注意:
ddev-gate工作流中 C 项目不再单独调用本 skill。代码质量审查职责已由ddev-c-pro吸收(统一完成规范审查 + 代码质量审查)。非 C 项目仍走ddev-code-review+ 语言规范审查的分离流程。独立触发(用户直接要求 review)时 C 项目可正常使用。
Always load tool-routing alongside this skill to ensure correct codegraph/grep dispatch during structural analysis.
Delegates to the code-reviewer agent for deep analysis. The agent follows a 4-phase pipeline:
git diff (or git diff --staged) to find changed files and symbolsgit log to understand recent commit contextBefore reading any source file, understand the architecture:
| Step | Tool | Purpose |
|---|---|---|
| 2a | codegraph_codegraph_context | For each changed symbol, get architectural context: entry points, related symbols, key code |
| 2b | codegraph_codegraph_impact | Assess change radius — what downstream code could be affected |
| 2c | codegraph_codegraph_callers | Trace who calls changed symbols — identify all integration points |
| 2d | codegraph_codegraph_search | Find related symbols by name — catch hidden coupling |
| 2e | codegraph_codegraph_trace | For data flow changes, trace from entry point to sink |
Rule: Never start code-level review without first completing Phase 2. The structural analysis drives scope and reveals hidden risks that grep alone misses.
Structured output with severity ratings, file:line evidence, concrete fixes, and approval recommendation.
| Severity | Meaning | Action |
|---|---|---|
| CRITICAL | Security vulnerability, data loss, crash | Must fix before merge |
| HIGH | Bug, major code smell, perf regression | Should fix before merge |
| MEDIUM | Minor issue, technical debt | Fix when possible |
| LOW | Style, nitpick, suggestion | Consider fixing |
Dispatch to the code-reviewer agent with a prompt covering all 4 phases:
CODE REVIEW TASK
Scope: [files changed from git diff, or specific files/dirs]
PHASE 1 — Identify: Run git diff, list changed files and symbols.
PHASE 2 — Structural Analysis (MANDATORY): For each changed symbol, use:
- codegraph_codegraph_context to understand architecture
- codegraph_codegraph_impact to assess change radius
- codegraph_codegraph_callers to find integration points
- codegraph_codegraph_trace for data flow paths
PHASE 3 — Deep Review: Check security, quality, performance, best practices, maintainability.
PHASE 4 — Report: Structured output (see Output Format below).
Every review MUST end with this exact structure:
CODE REVIEW REPORT
==================
Files Reviewed: <N>
Total Issues: <N>
CRITICAL (<N>)
--------------
<#> file:line
Issue: <description>
Risk: <impact>
Fix: <concrete solution>
HIGH (<N>)
----------
...
MEDIUM (<N>)
------------
...
LOW (<N>)
---------
...
RECOMMENDATION: APPROVE | REQUEST CHANGES | COMMENT
APPROVE — No CRITICAL or HIGH issues, minor improvements only REQUEST CHANGES — CRITICAL or HIGH issues present COMMENT — Only LOW/MEDIUM issues, no blocking concerns