| name | review |
| description | Instructions for reviewing Rust and Python code changes, ensuring quality, security, and correctness. |
Code Review
This skill provides a comprehensive checklist and guidelines for reviewing code changes in the VAK project.
Review Checklist
General
Rust Specific
Python Specific
VAK-Specific Checks
Architecture Guidelines
VAK follows a layered architecture with strict boundaries:
┌─────────────────────────────────────────────────────────────┐
│ Agent Layer │
└─────────────────────────────────────────────────────────────┘
│
┌─────────────────────────▼───────────────────────────────────┐
│ VAK Kernel (src/) │
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ │
│ │ Policy │ │ Audit │ │ Memory │ │
│ │ Engine │ │ Logger │ │ Manager │ │
│ └──────────────┘ └──────────────┘ └──────────────┘ │
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ │
│ │ WASM │ │ Reasoner │ │ Swarm │ │
│ │ Sandbox │ │ (NSR) │ │ Protocol │ │
│ └──────────────┘ └──────────────┘ └──────────────┘ │
└─────────────────────────────────────────────────────────────┘
Module Responsibilities
| Module | Path | Key Responsibilities |
|---|
| Policy | src/policy/ | Cedar enforcement, hot-reload, context injection |
| Audit | src/audit/ | Flight recorder, OpenTelemetry, GraphQL API |
| Memory | src/memory/ | Merkle DAG, time travel, content-addressable store |
| Sandbox | src/sandbox/ | WASM runtime, epoch ticker, pooling allocator |
| Reasoner | src/reasoner/ | Datalog, PRM, constrained decoding, prompt injection |
| Swarm | src/swarm/ | A2A protocol, consensus, voting |
| Kernel | src/kernel/ | Core orchestration, rate limiter, custom handlers |
Invariants
- Policy Enforcement: All agent actions MUST go through the policy engine (POL-004).
- Audit Logging: Critical actions MUST be logged to the immutable audit log.
- WASM Isolation: Untrusted code MUST run in the WASM sandbox.
- Deny by Default: No policy = no access (POL-007).
- Hot-Reload Safety: Policy changes are atomic via ArcSwap (POL-006).
- Panic Boundary: Host functions catch panics at WASM boundary (RT-005).
Examples
Reviewing a Rust Function
pub fn process_data(data: &[u8]) -> Result<ProcessedData, ProcessError> {
if data.is_empty() {
return Err(ProcessError::EmptyInput);
}
}
pub fn process_data(data: Vec<u8>) -> ProcessedData {
if data.is_empty() {
panic!("Empty input!");
}
}
Reviewing a Policy-Aware Function
async fn execute_tool(&self, request: ToolRequest) -> Result<ToolResult, KernelError> {
self.policy_engine.authorize(&request.principal, &request.action, &request.resource)?;
self.audit_log.record(AuditEntry::ToolExecution {
agent_id: request.agent_id,
tool: request.tool_name,
timestamp: Utc::now(),
})?;
self.sandbox.execute(request).await
}
Reviewing Host Functions
pub fn register_host_function(linker: &mut Linker<HostState>) {
linker.func_wrap("env", "my_function", |caller: Caller<'_, HostState>, arg: i32| {
with_panic_boundary(|| {
with_safe_policy_check(caller, || {
Ok(arg * 2)
})
})
});
}
Security Audit Checklist
CI Verification
Before approving, verify CI passes:
cargo check --workspace
cargo test
cargo clippy --all-targets --all-features
cargo fmt --all -- --check
cargo audit (if dependencies changed)
cargo deny check (if dependencies changed)
Notes
- Be Constructive: Focus on code improvement, not criticism.
- Explain Why: Provide reasons for requested changes.
- Verify Locally: Pull the branch and run tests if unsure.
- Security First: When in doubt, err on the side of security.