Menú
Reviews code changes for correctness, quality, security, and rule compliance. Works on local files or a GitHub PR. Produces a structured report with severity levels and a pass/fail verdict.
React composition patterns that scale. Use when refactoring components with boolean prop proliferation, building flexible component libraries, or designing reusable APIs. Triggers on tasks involving compound components, render props, context providers, or component architecture. Includes React 19 API changes.
Generates a technical specification document for a new feature or product.
Implements a feature based on a provided technical specification, ensuring build stability and strict adherence to the spec through a sub-agent code review. Creates a feature branch, commits changes, and raises a PR on completion.
QA skill for browser-based UI validation and functional test plan execution. Handles authentication and routes to the appropriate reference based on the task.
Sets up a Git worktree for a task or feature. Derives a branch name from the task description, creates an isolated worktree directory, copies env files, and installs dependencies. Use when starting work on a new feature or task in isolation.
Autonomously plans, specs, implements, and raises a PR for a task — without requiring the human to be present for the planning phase. Use this skill when the user hands off a task and asks you to handle it end-to-end, or when phrases like "auto-implement", "handle this autonomously", "fire and forget", or "work on this without me" appear. Also use when the user provides a task description and signals they want to review the output rather than participate in the planning.
| name | code-review |
| description | Reviews code changes for correctness, quality, security, and rule compliance. Works on local files or a GitHub PR. Produces a structured report with severity levels and a pass/fail verdict. |
Be ambitious and rigorous. The goal is not to rubber-stamp the implementation — it is to produce a review that a senior engineer would consider genuinely useful. Push beyond the obvious: look for subtle bugs, design flaws, missed edge cases, and rule violations that a surface-level read would miss. An extensive review that surfaces real issues is always preferable to a quick pass that finds nothing.
Review the specific files or directories mentioned by the user, or the files contextually relevant to the current task (e.g. files just implemented or modified). Read the files directly. No git branch comparison is needed — you may be on any branch or none.
If the user explicitly provides a PR number or URL, fetch the diff using whichever is available:
pull_request_read tool with method: "get_diff", providing the owner, repo, and PR number.gh pr diff <number-or-url>Then review the diff output instead of reading files directly.
/unit-testing) before evaluating. Are they asserting on outcomes (return values, thrown errors) rather than implementation details (which methods were called, in what order)? Do they cover real edge cases rather than just the happy path? Do test names describe observable behaviour? Would these tests catch a regression if the implementation changed? If a testing skill is available and relevant to the code under review, do the tests follow the conventions and patterns that skill prescribes?You have two sources of rules — apply both, with project rules taking priority where they overlap.
1. Global rules — already available to you. Use them as the baseline.
2. Project rules — look for a rules directory in the project. Common locations:
.agents/rules/.claude/rules/.cursor/rules/If a project rules directory exists, list the filenames only first. Based on the filenames and the files being reviewed, determine which rules are likely relevant — do not read any rule file yet. Then read only the rule files whose names suggest they apply to the current context. For example, a rule named database-index-creation.md is irrelevant for a purely frontend change. Use judgment; never load all rules up front.
If no project rules directory exists, proceed with global rules only.
If the diff contains React or Next.js code, run /vercel-react-best-practices before evaluating the checklist items below.
any or unknown types introduced without justification? Are type assertions (as SomeType) or non-null assertions (!) used where proper narrowing should be? Are function return types explicitly declared for public APIs? Are optional fields accessed without null checks? Are generics used where they'd eliminate unsafe casting? Does the code rely on type widening that could hide mismatches?Always produce a report in this exact structure:
## Code Review Report
### Blockers
- <file>:<line> — <description>
### Warnings
- <file>:<line> — <description>
### Suggestions
- <file>:<line> — <description>
### Verdict
PASS / FAIL (FAIL if any Blockers exist)
If a section has no findings, write None under it. Do not omit sections.