Code review and validation for CloudBase projects. After writing code for Web / miniprogram / CloudRun / cloud-function projects, call this skill to check for known pitfalls — auth guard misuse, missing database tables, RLS misconfiguration, storage domain setup, and SDK API misuse. Supports automated lint scripts (regex-based) + LLM semantic review.
설치
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
Code review and validation for CloudBase projects. After writing code for Web / miniprogram / CloudRun / cloud-function projects, call this skill to check for known pitfalls — auth guard misuse, missing database tables, RLS misconfiguration, storage domain setup, and SDK API misuse. Supports automated lint scripts (regex-based) + LLM semantic review.
version
2.23.3
alwaysApply
false
Standalone Install Note
If this environment only installed the current skill, start from the CloudBase main entry and use the published cloudbase/references/... paths for sibling skills.
CloudBase main entry: https://cnb.cool/tencent/cloud/cloudbase/cloudbase-skills/-/git/raw/main/skills/cloudbase/SKILL.md
Current skill raw source: https://cnb.cool/tencent/cloud/cloudbase/cloudbase-skills/-/git/raw/main/skills/cloudbase/references/cloudbase-code-review/SKILL.md
Keep local references/... paths for files that ship with the current skill directory. When this file points to a sibling skill, use the standalone fallback URL shown next to that reference.
CloudBase Code Review
One-liner: After implementing CloudBase features, call this skill to catch common mistakes before the grader does.
When to use
Call this skill after completing a CloudBase implementation task, before declaring done:
You implemented auth (login / register / route guard)
You created database tables or wrote CRUD (NoSQL / PostgreSQL / MySQL)
You set up CloudBase Storage (file upload, hosting)
You configured security rules or RLS policies
You wrote MCP-dependent code
How it works
The skill runs in two layers:
Layer
Method
Speed
What it catches
Lint (optional)
No executable script is shipped. If the user approves running lint, review the code block in references/lint-rules/README.md, copy it to a temporary local cloudbase-lint.mjs, then run node cloudbase-lint.mjs --project-dir <path>
See references/RULES_INDEX.md for the full matrix (module × frontend type → applicable rules).
Rule boundary
Do not promote a single failed run or case-specific workaround into a hard rule. A rule should be backed by stable SDK/API documentation, repeated failures, or deterministic runtime behavior. Case-specific observations belong in attribution reports; only broadly applicable constraints should enter RULES_INDEX.md or the optional lint checklist.
Quick start
# Step 1: Read relevant rules for identified modules# references/rules/cross-cutting/AUTH001.md# references/rules/postgresql/PG-CR001.md# ...# Optional: if the user approves running lint, review the script code block in# references/lint-rules/README.md, copy it to a temporary cloudbase-lint.mjs,# then run: node cloudbase-lint.mjs --project-dir .# Step 2: For each applicable rule, read the "LLM 检查" section# and manually inspect your code before claiming done.
Rule format
Each rule .md file follows this structure:
# RULE-ID Rule Name-**Module**: which module (auth / postgresql / storage / ...)
-**Severity**: error | warning
-**Stage**: code-generation | deployment | config
## 正则检查 (Lint)
The condition checked by the optional script code block in `references/lint-rules/README.md`.
## LLM 检查
Semantic review prompt for human or LLM to evaluate.
## 修复指引
How to fix the issue.
