一键导入
review-rules
Use when reviewing code for correctness, security, performance, or style — including /review tasks, PR reviews, and post-build quality passes.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Use when reviewing code for correctness, security, performance, or style — including /review tasks, PR reviews, and post-build quality passes.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
| name | review-rules |
| description | Use when reviewing code for correctness, security, performance, or style — including /review tasks, PR reviews, and post-build quality passes. |
BLOCKERs must be fixed. WARNINGs should be fixed but will not block. SUGGESTIONs are optional.
Apply all lenses to every review:
typeof guards protect against missing globals? BLOCKER if CDN failure cascades into unrelated functionality.visual-check.sh run? WARNING if HTML/CSS changed but no visual verification performed.REVIEW COMPLETE
---------------
BLOCKERs (must fix): N
WARNINGs (should fix): N
SUGGESTIONs (optional): N
[BLOCKER-1] file.ts:42 — Description of issue
FIX: Exactly what needs to change
[WARNING-1] file.ts:78 — Description
FIX: What to change
Be direct. Do not pad. Do not praise. Only flag real issues.
review-rules is cross-cutting. When combined with domain skills (frontend-rules, backend-rules), domain-specific constraints take precedence for their respective layers.
Use when updating documentation, README sections, CHANGELOG entries, docstrings, or CLAUDE.md conventions after a feature is complete.
Use when the task involves server-side API routes, middleware, business logic, authentication, database queries, or infrastructure configuration.
Task and document management with Backlog.md. Use this skill whenever working with tasks, tracking work, creating subtasks, searching or viewing existing tasks, or any time work should be preserved across sessions or handed off. Triggers include: "create a task", "track this", "add to backlog", "what tasks do I have", "mark as done", "continue on task", "break this into tasks", or any request where the outcome has a concrete deliverable worth tracking. Always use this skill when a project includes a Backlog.md setup and work needs to be logged. Prefer CLI commands unless MCP tools are confirmed working in the current environment.
Use when adversarial code review is needed — actively constructing failure scenarios, edge cases, and security violations to break the implementation.
Run code review via an external LLM API using external-review.sh. Outputs structured JSON with verdict, summary, and per-file concerns.
Use when the task involves UI components, HTML, CSS, styling, React, Vue, Svelte, client-side state, accessibility, or browser APIs.