code-review-expert
// Guide for expert code review of Chrome Extensions (Manifest V3). Detects MV3 violations, security risks, performance issues, and architectural anti-patterns.
| name | code-review-expert |
| description | Guide for expert code review of Chrome Extensions (Manifest V3). Detects MV3 violations, security risks, performance issues, and architectural anti-patterns. |
Perform a structured review of the current git changes with a specific focus on Chrome Extension (Manifest V3) constraints, security (CSP, message passing), and performance.
| Level | Name | Description | Action |
|---|---|---|---|
| P0 | Critical | Security vulnerability (XSS, Message Spoofing), MV3 Violation (will be rejected by Store), Data Loss | Must block merge |
| P1 | High | Service Worker lifecycle issues, significant performance regression, broken core functionality | Should fix before merge |
| P2 | Medium | Code smell, storage quota risk, minor UI/UX glitch | Fix in this PR or create follow-up |
| P3 | Low | Style, naming, minor optimization | Optional improvement |
- `git status -sb`, `git diff --stat`, and `git diff` to scope changes.
- `manifest.json`, background (Service Worker), content scripts, popup, offscreen.
- `manifest.json` specifically regarding `permissions` and `host_permissions`.
- `references/mv3-checklist.md`.
- `setInterval`/`setTimeout` usage in background (should use `chrome.alarms`).
- `references/extension-security-checklist.md`.
- `sender.id` and `sender.url` checks in `runtime.onMessage` listeners.
- `innerHTML` usage (XSS risk) and isolation leaks.
- `permissions` are least-privilege.
- `content_security_policy` changes.
- `externally_connectable` configuration.
- `references/extension-performance-checklist.md`.
- `chrome.storage.sync` quota usage (limits are strict).
- `references/extension-architecture-checklist.md`.
- `chrome.runtime.lastError` handling.
- `src/1_content`, `src/2_background`, etc.).

Structure your review as follows:
## Chrome Extension Review Summary
**Files reviewed**: X files, Y lines changed
**Context**: [Background / Content / Popup / Manifest / Shared]
**Overall assessment**: [APPROVE / REQUEST_CHANGES / COMMENT]
---
## Findings
### P0 - Critical
(none or list)
### P1 - High
1. **[file:line]** Brief title
- Description of issue (e.g., "Global state in Service Worker will be lost")
- Suggested fix
### P2 - Medium
2. (continue numbering across sections)
- ...
### P3 - Low
...
---
## Removal/Iteration Plan
(if applicable)
## Additional Suggestions
(optional improvements, not blocking)
Inline comments: Use this format for file-specific findings:
::code-comment{file="path/to/file.ts" line="42" severity="P1"}
Description of the issue and suggested fix.
::
After presenting findings, ask the user how to proceed:
---
## Next Steps
I found X issues (P0: _, P1: _, P2: _, P3: _).
**How would you like to proceed?**
1. **Fix all** - I'll implement all suggested fixes
2. **Fix P0/P1 only** - Address critical and high priority issues
3. **Fix specific items** - Tell me which issues to fix
4. **No changes** - Review complete, no implementation needed
Please choose an option or provide specific instructions.
| File | Purpose |
|---|---|
| mv3-checklist.md | Manifest V3 migration and compliance rules |
| extension-security-checklist.md | Security best practices for Extensions |
| extension-performance-checklist.md | Performance and quota management |
| extension-architecture-checklist.md | Architecture patterns and common pitfalls |
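
The sender check named in the security step above (`sender.id` and `sender.url` in `runtime.onMessage` listeners) can look like the following, with the unchecked pattern a reviewer should flag as P0 beside a hardened form. This is an added example, not code from the skill or its reference checklists; the allow-listed origin, the message shape and the helper names (`isTrustedSender`, `handleUnchecked`, `handleChecked`) are assumptions.

```javascript
// Added example: sender validation for chrome.runtime.onMessage.
// ALLOWED_PAGE_ORIGINS, the message shape and all helper names are assumptions.
const ALLOWED_PAGE_ORIGINS = new Set(["https://example.com"]); // constructed value

// True only for this extension's own pages (popup, offscreen, options) or
// for its content scripts running on an allow-listed page origin.
function isTrustedSender(sender, ownId, allowedOrigins = ALLOWED_PAGE_ORIGINS) {
  if (!sender || sender.id !== ownId) return false; // missing id or another extension
  if (typeof sender.url !== "string") return false; // no URL to verify
  let url;
  try {
    url = new URL(sender.url);
  } catch {
    return false; // unparsable URL: reject rather than guess
  }
  if (url.protocol === "chrome-extension:") return url.host === ownId;
  // Content script: a tab must be attached and the page origin allow-listed.
  return Boolean(sender.tab) && allowedOrigins.has(url.origin);
}

// Pattern to flag in review: dispatches on message.type and ignores the sender.
function handleUnchecked(message, _sender, actions) {
  return actions[message.type] ? actions[message.type](message) : undefined;
}

// Hardened form: verify the sender first, then accept only known own-property types.
function handleChecked(message, sender, actions, ownId) {
  if (!isTrustedSender(sender, ownId)) return { error: "untrusted sender" };
  if (!message || !Object.hasOwn(actions, message.type)) {
    return { error: "unknown type" };
  }
  return actions[message.type](message);
}

// Registration in the service worker; skipped when run outside an extension.
if (typeof chrome !== "undefined" && chrome.runtime?.onMessage) {
  const actions = { ping: () => ({ ok: true }) };
  chrome.runtime.onMessage.addListener((message, sender, sendResponse) => {
    sendResponse(handleChecked(message, sender, actions, chrome.runtime.id));
  });
}
```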