一键在 Manus 中运行任何 Skill

code-review

Perform deep, context-aware code reviews for GitHub pull requests or local branch changes. Use when the user asks to review a PR, analyze pull request changes, review current branch changes, run automated code review, or mentions PR

在 Manus 中运行

星标0

分支0

更新时间2026年5月22日 16:29

来源

Operatorr

Operatorr/vibe-translate

打开 GitHub 仓库查看创作者相关仓库

安装命令

下载

在 Manus 中运行

适用职业SOC

软件质量保证分析师与测试员计算机与数学类职业15-1253L4

文件资源管理器

4 个文件

SKILL.md

readonly

name	code-review
description	Perform deep, context-aware code reviews for GitHub pull requests or local branch changes. Use when the user asks to review a PR, analyze pull request changes, review current branch changes, run automated code review, or mentions PR

Code Review

Review code like a senior engineer: understand the intent, inspect the diff in context, run available checks, identify real risks, and produce actionable feedback with copy-paste-ready handoff prompts.

Use Cases

Review PR #123 with full context
/skill:code-review https://github.com/OWNER/REPO/pull/123
Review the current branch against main as if it were a PR
Do a security-focused review of this PR
Review these local changes but do not post to GitHub

Principles

Prioritize bugs, security issues, data loss, regressions, broken edge cases, missing tests, and maintainability risks.
Do not nitpick personal style. Only flag style issues when they violate explicit project rules.
Be specific and actionable. Every finding should include the exact file/location, impact, and a concrete fix.
Review only by default. Do not edit code unless the user explicitly asks you to fix the issues.
Treat a direct GitHub PR URL as permission to post the completed review back to that PR, unless the user says not to post.
Keep local branch reviews, file-only reviews, and non-URL PR references terminal-only unless the user explicitly asks to post.
User wording such as "do not post", "review only", "don't comment", or "terminal only" overrides any posting permission.

Workflow

Follow this process for every review.

Phase 1: Establish the Review Target

Determine both the review target and the output destination. Review targets can be:

A GitHub PR, e.g. PR #123
The current branch against a base branch, usually main or master
Uncommitted local changes
A specific set of files

Output destination rules:

Direct GitHub PR URL, e.g. https://github.com/OWNER/REPO/pull/123 — post one PR comment by default.
GitHub PR number or shorthand, e.g. PR #123 — print to terminal unless the user explicitly asks to post.
Local branch, uncommitted, or file-only review — print to terminal unless the user explicitly asks to post and provides a PR target.
Any explicit "do not post" wording — print to terminal only.

For direct GitHub PR URLs with posting enabled, run gh auth status before resolving PR metadata. If gh is unavailable or auth fails, mark posting unavailable, continue terminal-only when the PR diff can still be gathered, and include the failure reason with the terminal review.

For GitHub PRs, gather PR metadata and diff with gh when available. Use the PR URL when one was provided:

gh auth status
gh pr view <url-or-number> --json title,body,author,baseRefName,headRefName,files,commits,url
gh pr diff <url-or-number>

For local branch reviews, inspect the merge base and diff:

git status --short
git branch --show-current
git merge-base HEAD origin/main 2>/dev/null || git merge-base HEAD main
git diff <merge-base>...HEAD

Adjust the base branch if the repository uses a different default branch.

Phase 2: Gather Project Context

Read the changed files and enough surrounding code to understand the impact. Also check project standards in this priority order:

REVIEW.md in the target repository root, if present
CLAUDE.md, .claude.md, or equivalent agent instructions
CONTRIBUTING.md, coding standards, architecture docs, ADRs
Package/tooling files such as package.json, pyproject.toml, go.mod, Cargo.toml, etc.
Existing nearby tests and similar implementations

Treat the target repo's REVIEW.md as the highest-priority review rules.

If this skill's bundled reference files are available, use them as support material:

REFERENCE.md — examples, output templates, severity guidance
PROJECT_REVIEW_TEMPLATE.md — starter REVIEW.md users can copy into a project

Phase 3: Run Available Checks

When safe and available, run relevant checks for the repository:

Type checks
Unit tests for changed areas
Linters/format checks
Security scanners if already configured

Do not install new tools or run destructive commands without permission. If checks are too expensive or unavailable, say so and continue with manual review.

Phase 4: Analyze in Order

Analyze the change in this order:

Intent — What is the PR/change trying to accomplish?
Correctness — logic errors, invalid assumptions, broken edge cases, race conditions, bad state transitions
Security — auth/authz, injection, unsafe input handling, secrets, SSRF, XSS, unsafe deserialization, sensitive logging
Reliability — error handling, retries, idempotency, null/undefined handling, resource cleanup
Data & API compatibility — migrations, schema changes, response shapes, backwards compatibility
Testing — missing coverage for new logic, regression tests, edge cases, integration boundaries
Performance — N+1 queries, hot path regressions, unnecessary expensive work
Maintainability — unnecessary complexity, duplicated logic, poor naming, inconsistency with project patterns

For large PRs, focus first on Critical and High issues. Summarize lower-severity patterns instead of producing noisy line-by-line comments.

Severity Scale

Critical — security vulnerability, data loss, production crash, auth bypass, major regression
High — logic bug, missing critical error handling, broken feature, serious performance issue
Medium — missing test, maintainability risk, code smell likely to cause future bugs, minor behavior issue
Low/Nit — explicit project style violation or small clarity issue

Rule of thumb: if you would not block a real merge for it, do not mark it Medium or higher.

Output Format

Start with a short overall assessment. Then list findings from highest to lowest severity.

For every issue, use this format:

## [Severity] Issue: [Short descriptive title]

**File:** `path/to/file.ext:line-range`
**Category:** Bug | Security | Logic | Reliability | Maintainability | Testing | Performance | Style

**Problem:**
[Clear 1-2 sentence explanation of what is wrong and why it matters.]

**Impact:**
[Specific consequence if this is not fixed.]

**Suggested Fix:**
```diff
[Exact unified diff, or a precise before/after code block if a diff is not practical.]
```

**Handoff Prompt:**
```
In the file `path/to/file.ext`, around lines X-Y:

[Detailed, self-contained instruction explaining the exact change needed, why it is required, edge cases to consider, and how to verify it. Reference relevant project patterns if applicable.]

Only modify the necessary lines. Keep unrelated code unchanged.
```

After all issues, include:

### PR Summary
[2-4 sentence overview of the change and overall assessment.]

### Recommendations
- [ ] Highest-priority fixes before merge
- [ ] Tests to add or run
- [ ] Optional improvements

### Statistics
- Files changed: X
- Issues found: Y (Critical: A, High: B, Medium: C, Low: D)
- Checks run: [commands or "not run"]

If no issues are found, say so clearly and include a brief positive summary of what looked good.

GitHub PR Posting

When posting is permitted, use one normal PR comment by default. Do not create inline comments unless the user explicitly asks for them.

Posting workflow:

Run gh auth status.
If auth fails or gh is unavailable, print the full review to the terminal and include the failure reason.
Resolve PR metadata with gh pr view <url-or-number> --json title,body,author,baseRefName,headRefName,files,commits,url.
Generate the same findings and overall assessment you would produce for a terminal review.
Write the GitHub comment body to a temporary Markdown file.
Post with gh pr comment <url-or-number> --body-file <tmp-review.md>.
If posting fails, print the full review to the terminal and include the posting error.

The posted comment must include the summary and statistics at the top, followed by one collapsible <details> section per finding. Each <summary> line must use:

[Severity] File:line - issue title

Each details section must include the problem, impact, suggested fix, and handoff prompt. See REFERENCE.md for the exact GitHub comment template and fallback commands.

For terminal-only reviews, use the standard output format above.

同仓库更多 Skills

同仓库

deep-review

Operatorr/vibe-translate

Perform a maximally thorough, CodeRabbit-style code review that fans out one focused sub-agent per changed file, runs every available linter/SAST/secret scanner, and reports every issue down to nitpicks. Use when the user asks for a deep, exhaustive, thorough, or nitpick-level review, a CodeRabbit-style review, to "find everything", to "leave no stone unturned", or wants maximum coverage on a PR or branch. Optimizes for recall; some noise is acceptable. For a fast, conservative, senior-engineer review that flags only what matters, use code-review instead.

2026-05-220

git-commit

Operatorr/vibe-translate

Stage all repository changes and create a git commit with an auto-generated message after inspecting status, diff, and recent commit style. Use when the user asks to commit changes, save changes in git, stage and commit, or create a commit without needing confirmation.

2026-05-220

git-pr

Operatorr/vibe-translate

Create a feature branch off master/develop/main when needed, stage and commit all changes, push, and immediately open a pull request via the gh CLI. Use when the user asks to open a PR, ship changes, or commit and create a pull request.

2026-05-220

name	code-review
description	Perform deep, context-aware code reviews for GitHub pull requests or local branch changes. Use when the user asks to review a PR, analyze pull request changes, review current branch changes, run automated code review, or mentions PR

Code Review

Use Cases

Review PR #123 with full context
/skill:code-review https://github.com/OWNER/REPO/pull/123
Review the current branch against main as if it were a PR
Do a security-focused review of this PR
Review these local changes but do not post to GitHub

Principles

Prioritize bugs, security issues, data loss, regressions, broken edge cases, missing tests, and maintainability risks.
Do not nitpick personal style. Only flag style issues when they violate explicit project rules.
Be specific and actionable. Every finding should include the exact file/location, impact, and a concrete fix.
Review only by default. Do not edit code unless the user explicitly asks you to fix the issues.
Treat a direct GitHub PR URL as permission to post the completed review back to that PR, unless the user says not to post.
Keep local branch reviews, file-only reviews, and non-URL PR references terminal-only unless the user explicitly asks to post.
User wording such as "do not post", "review only", "don't comment", or "terminal only" overrides any posting permission.

Workflow

Follow this process for every review.

Phase 1: Establish the Review Target

Determine both the review target and the output destination. Review targets can be:

A GitHub PR, e.g. PR #123
The current branch against a base branch, usually main or master
Uncommitted local changes
A specific set of files

Output destination rules:

Direct GitHub PR URL, e.g. https://github.com/OWNER/REPO/pull/123 — post one PR comment by default.
GitHub PR number or shorthand, e.g. PR #123 — print to terminal unless the user explicitly asks to post.
Local branch, uncommitted, or file-only review — print to terminal unless the user explicitly asks to post and provides a PR target.
Any explicit "do not post" wording — print to terminal only.

For GitHub PRs, gather PR metadata and diff with gh when available. Use the PR URL when one was provided:

gh auth status
gh pr view <url-or-number> --json title,body,author,baseRefName,headRefName,files,commits,url
gh pr diff <url-or-number>

For local branch reviews, inspect the merge base and diff:

git status --short
git branch --show-current
git merge-base HEAD origin/main 2>/dev/null || git merge-base HEAD main
git diff <merge-base>...HEAD

Adjust the base branch if the repository uses a different default branch.

Phase 2: Gather Project Context

Read the changed files and enough surrounding code to understand the impact. Also check project standards in this priority order:

REVIEW.md in the target repository root, if present
CLAUDE.md, .claude.md, or equivalent agent instructions
CONTRIBUTING.md, coding standards, architecture docs, ADRs
Package/tooling files such as package.json, pyproject.toml, go.mod, Cargo.toml, etc.
Existing nearby tests and similar implementations

Treat the target repo's REVIEW.md as the highest-priority review rules.

If this skill's bundled reference files are available, use them as support material:

REFERENCE.md — examples, output templates, severity guidance
PROJECT_REVIEW_TEMPLATE.md — starter REVIEW.md users can copy into a project

Phase 3: Run Available Checks

When safe and available, run relevant checks for the repository:

Type checks
Unit tests for changed areas
Linters/format checks
Security scanners if already configured

Do not install new tools or run destructive commands without permission. If checks are too expensive or unavailable, say so and continue with manual review.

Phase 4: Analyze in Order

Analyze the change in this order:

Intent — What is the PR/change trying to accomplish?
Correctness — logic errors, invalid assumptions, broken edge cases, race conditions, bad state transitions
Security — auth/authz, injection, unsafe input handling, secrets, SSRF, XSS, unsafe deserialization, sensitive logging
Reliability — error handling, retries, idempotency, null/undefined handling, resource cleanup
Data & API compatibility — migrations, schema changes, response shapes, backwards compatibility
Testing — missing coverage for new logic, regression tests, edge cases, integration boundaries
Performance — N+1 queries, hot path regressions, unnecessary expensive work
Maintainability — unnecessary complexity, duplicated logic, poor naming, inconsistency with project patterns

For large PRs, focus first on Critical and High issues. Summarize lower-severity patterns instead of producing noisy line-by-line comments.

Severity Scale

Critical — security vulnerability, data loss, production crash, auth bypass, major regression
High — logic bug, missing critical error handling, broken feature, serious performance issue
Medium — missing test, maintainability risk, code smell likely to cause future bugs, minor behavior issue
Low/Nit — explicit project style violation or small clarity issue

Rule of thumb: if you would not block a real merge for it, do not mark it Medium or higher.

Output Format

Start with a short overall assessment. Then list findings from highest to lowest severity.

For every issue, use this format:

## [Severity] Issue: [Short descriptive title]

**File:** `path/to/file.ext:line-range`
**Category:** Bug | Security | Logic | Reliability | Maintainability | Testing | Performance | Style

**Problem:**
[Clear 1-2 sentence explanation of what is wrong and why it matters.]

**Impact:**
[Specific consequence if this is not fixed.]

**Suggested Fix:**
```diff
[Exact unified diff, or a precise before/after code block if a diff is not practical.]
```

**Handoff Prompt:**
```
In the file `path/to/file.ext`, around lines X-Y:

[Detailed, self-contained instruction explaining the exact change needed, why it is required, edge cases to consider, and how to verify it. Reference relevant project patterns if applicable.]

Only modify the necessary lines. Keep unrelated code unchanged.
```

After all issues, include:

### PR Summary
[2-4 sentence overview of the change and overall assessment.]

### Recommendations
- [ ] Highest-priority fixes before merge
- [ ] Tests to add or run
- [ ] Optional improvements

### Statistics
- Files changed: X
- Issues found: Y (Critical: A, High: B, Medium: C, Low: D)
- Checks run: [commands or "not run"]

If no issues are found, say so clearly and include a brief positive summary of what looked good.

GitHub PR Posting

When posting is permitted, use one normal PR comment by default. Do not create inline comments unless the user explicitly asks for them.

Posting workflow:

Run gh auth status.
If auth fails or gh is unavailable, print the full review to the terminal and include the failure reason.
Resolve PR metadata with gh pr view <url-or-number> --json title,body,author,baseRefName,headRefName,files,commits,url.
Generate the same findings and overall assessment you would produce for a terminal review.
Write the GitHub comment body to a temporary Markdown file.
Post with gh pr comment <url-or-number> --body-file <tmp-review.md>.
If posting fails, print the full review to the terminal and include the posting error.

The posted comment must include the summary and statistics at the top, followed by one collapsible <details> section per finding. Each <summary> line must use:

[Severity] File:line - issue title

Each details section must include the problem, impact, suggested fix, and handoff prompt. See REFERENCE.md for the exact GitHub comment template and fallback commands.

For terminal-only reviews, use the standard output format above.