Ejecuta cualquier Skill en Manus
con un clic

Ejecuta cualquier Skill en Manus con un clic

$pwd:

code-review

Name: Code Review
Author: maslennikov-ig

// Analyzes code changes for bugs, security vulnerabilities, performance problems, and architectural improvements. Generates structured markdown reports with evidence-based findings tied to specific file:line references, and creates Beads tasks for tracking. Adapts review depth based on scope — from quick pre-commit checks to thorough branch reviews. Use proactively when reviewing code before commits, after implementing features, before PRs, when checking code quality, or when the user mentions "review", "check changes", "code review", "PR review", "review branch", or any code quality assessment.

Ejecutar en Manus

$ git log --oneline --stat

stars:2

forks:0

updated:4 de marzo de 2026, 11:11

SKILL.md

readonly

name

code-review

description

Analyzes code changes for bugs, security vulnerabilities, performance problems, and architectural improvements. Generates structured markdown reports with evidence-based findings tied to specific file:line references, and creates Beads tasks for tracking. Adapts review depth based on scope — from quick pre-commit checks to thorough branch reviews. Use proactively when reviewing code before commits, after implementing features, before PRs, when checking code quality, or when the user mentions "review", "check changes", "code review", "PR review", "review branch", or any code quality assessment.

Code Review

Review code directly in the main context. Read the code, analyze git history, write the report, create Beads tasks.

The goal is risk reduction, not perfect code. "Heartbleed was 2 lines" — size doesn't determine risk. Focus on findings that matter: real bugs, security gaps, and meaningful improvements. If the code is clean, say so.

Workflow

Scope → Git History → Read & Analyze → Quality Gates → Report → Beads Tasks → Summary

Step 1: Determine Scope

User says	Scope	Command
"review my changes"	Staged + unstaged	`git diff --name-only` + `git diff --cached --name-only`
"review before commit"	Staged only	`git diff --cached --name-only`
"review the branch"	Branch vs base	`git diff --name-only develop...HEAD`
"review PR #N"	PR diff	`gh pr diff N --name-only`
"review src/foo/"	Specific path	Read files in path
"review recent changes"	Last N commits	`git diff --name-only HEAD~N`

If ambiguous, ask. Skip non-reviewable: *.lock, *.min.js, *.map, generated database.types.ts.

Adapt depth to scale:

1-5 files: Exhaustive line-by-line analysis
6-20 files: Focus on risky areas (auth, data handling, new patterns)
20+ files: Surgical — prioritize security-critical paths, new APIs, schema changes

Step 2: Analyze Git History

Do not skip this. Surface analysis misses regressions that history reveals.

# What changed and why
git log --oneline -10 -- <changed-files>

# Was validation/auth logic removed?
git log -p --all -S 'functionName' -- <file>

Look for:

Removed safety checks — validation, auth, error handling deleted without replacement
Reverted patterns — code going back to a previously fixed approach
Blast radius — if a shared utility changed, who else uses it?

Step 3: Read & Analyze

Read each changed file or diff. Separate findings into Issues (broken/dangerous) and Improvements (works but could be better).

Issues — things that need fixing

Priority	When	Examples
Critical (P0)	Security vulnerability or data loss	Exposed secrets, SQL injection, missing auth, RLS gaps
High (P1)	Will cause bugs in production	Stale closures, unhandled crashes, wrong types via `as any`
Medium (P2)	Should fix but won't break things	Empty catch blocks, missing input validation
Low (P3)	Cleanup	Dead code, leftover console.log

Improvements — things that could be better

Priority	When	Examples
High	Significant impact on maintenance/perf	N+1 queries, monolithic 500+ line components, missing code-splitting
Medium	Moderate benefit	DRY violations, missing memoization, inconsistent patterns
Low	Minor polish	Naming, minor readability tweaks

What makes a good finding

Good finding (specific, evidence-based, actionable):

FlashcardViewer.tsx:237 — `onCardFlip` defined as plain function inside render body,
creating new reference every render. This defeats React.memo on FlashcardCard (line 22).
Fix: wrap in useCallback([handleFlip]).

Bad finding (vague, no evidence):

Consider improving performance of the component.

Frame uncertain points as questions: "Is the 80px swipe threshold intentional? On small screens this may be hard to trigger."

Escalation flags

Flag for senior review (don't just note — explicitly call out):

Database schema changes or migrations
API contract modifications (new/changed endpoints)
Authentication or authorization logic
New external dependencies
Changes to shared utilities used by multiple packages

Step 4: Quality Gates

pnpm type-check
pnpm build

If either fails, it's a Critical finding. Include pass/fail in report.

Step 5: Generate Report

Write to: docs/reports/code-reviews/{YYYY-MM}/CR-{YYYY-MM-DD}-{topic}.md

Use this structure, but adapt — a 2-file i18n review doesn't need the same sections as a 20-file refactor:

# Code Review: {Topic}

**Date**: {YYYY-MM-DD}
**Scope**: {what was reviewed}
**Files**: {count} | **Changes**: +{added} / -{removed}

## Summary

|              | Critical | High | Medium | Low |
| ------------ | -------- | ---- | ------ | --- |
| Issues       | {n}      | {n}  | {n}    | {n} |
| Improvements | —        | {n}  | {n}    | {n} |

**Verdict**: {PASS | NEEDS WORK}

## Issues

### {Priority}

#### {n}. {Title}

- **File**: `{path}:{line}`
- **Problem**: {what's wrong}
- **Impact**: {why it matters — be specific}
- **Fix**: {concrete code or action}

## Improvements

### {Priority}

{same format, "Current" / "Recommended" for code}

## Positive Patterns

{Note 2-3 things done well — balanced feedback}

## Escalation

{Items requiring senior review, if any}

## Validation

- Type Check: {PASS/FAIL}
- Build: {PASS/FAIL}

Every finding must have: file:line, evidence of the problem, and a concrete fix. No generic advice.

Step 6: Create Beads Tasks

# Issues
bd create "BUG: {title}" -t bug -p {0-3} -d "{file}:{line} — {description}. Fix: {fix}"

# Improvements
bd create "IMPROVE: {title}" -t chore -p {2-4} -d "{file}:{line} — {description}"

# Label all
bd update {id} --add-label code-review

Step 7: Present Summary

## Code Review Complete

**Report**: `{path}`
**Verdict**: {PASS / NEEDS WORK}

| Priority | Issues | Improvements |
|---|---|---|
| Critical | {n} | — |
| High | {n} | {n} |
| Medium | {n} | {n} |
| Low | {n} | {n} |

**Beads tasks created**: {total} ({list IDs})

**Next**: {actionable guidance based on verdict}

Project Conventions

These are specific to this codebase — the things you wouldn't know without being told:

Types: Import from @megacampus/shared-types, never duplicate
Supabase: Two admin clients by design (Node.js + Next.js runtimes)
Quality: pnpm type-check && pnpm build must pass before merge
Monorepo: packages/web (Next.js), packages/course-gen-platform (backend), packages/shared-*
i18n: next-intl with ICU MessageFormat plurals, locales in packages/web/messages/{en,ru}/
Styling: Tailwind + shadcn/ui, cn() utility for conditional classes
State: No global state management — React hooks + context
Don't flag: Two Supabase admin clients (intentional), generated database.types.ts (auto-generated)

related-skills.json

mismo repositorio

job-description.md

from "maslennikov-ig/MC-2"

Generate comprehensive role guides (job descriptions on steroids) for any position. Multi-phase workflow with web research, adaptive questions, 26 content blocks based on Netflix/Amazon/Toyota/Spotify/Bridgewater best practices, and course brief generation. Use /job-description to create a role guide.

2026-03-222

process-logs.md

from "maslennikov-ig/MC-2"

Process error logs from admin panel - fetch new errors, analyze, create tasks, fix, and mark resolved. Checks Axiom/Pino if DB entries are filtered.

2026-02-272

cleanup-health-inline.md

from "maslennikov-ig/MC-2"

Inline orchestration workflow for dead code detection and removal with Beads integration. Provides step-by-step phases for dead-code-hunter detection, priority-based cleanup with dead-code-remover, and verification cycles.

2026-02-082

deps-health-inline.md

from "maslennikov-ig/MC-2"

Inline orchestration workflow for dependency audit and updates with Beads integration. Provides step-by-step phases for dependency-auditor detection, priority-based updates with dependency-updater, and verification cycles.

2026-02-082

format-commit-message.md

from "maslennikov-ig/MC-2"

Generate standardized conventional commit messages with Claude Code attribution. Use when creating automated commits, release commits, or any git commit requiring consistent formatting.

2026-02-082

frontend-aesthetics.md

from "maslennikov-ig/MC-2"

Guide frontend design decisions to create distinctive, creative UIs that avoid generic AI-generated aesthetics. Use when building UI components, designing layouts, selecting colors/fonts, or implementing animations.

2026-02-082

package.json

"author": "maslennikov-ig"

"repository": "maslennikov-ig/MC-2"

Abrir repositorio de GitHub Ver repositorios del creador

$ install --global

$ download --local

Ejecutar en Manus

$ useful --forSOC

Analistas de garantía de calidad de software y probadoresOcupaciones informáticas y matemáticas15-1253L4

code-review

Code Review

Workflow

Step 1: Determine Scope

Step 2: Analyze Git History

Step 3: Read & Analyze

Issues — things that need fixing

Improvements — things that could be better

What makes a good finding

Escalation flags

Step 4: Quality Gates

Step 5: Generate Report

Step 6: Create Beads Tasks

Step 7: Present Summary

Project Conventions

Más de este repositorio

Más de este repositorio

Code Review

Workflow

Step 1: Determine Scope

Step 2: Analyze Git History

Step 3: Read & Analyze

Issues — things that need fixing

Improvements — things that could be better

What makes a good finding

Escalation flags

Step 4: Quality Gates

Step 5: Generate Report

Step 6: Create Beads Tasks

Step 7: Present Summary

Project Conventions