| description | allowed-tools | argument-hint |
|---|---|---|
| Review code for quality, security, and best practices - delegates to code-reviewer agent | Read(*), Grep(*), Glob(*), Task(*) | |
Review Command
Perform comprehensive code review using the specialized code-reviewer agent.
Technology Adaptation
Configuration Source: CLAUDE.md
This command delegates to the code-reviewer agent, which automatically adapts to the project's technology stack from CLAUDE.md.
Instructions
- Determine Scope
  - If $ARGUMENTS provided: Review that specific file/path
  - If user has recent changes: Review uncommitted changes
  - Otherwise: Ask what needs review
- Load Past Review Lessons
  - The code-reviewer agent will automatically load past lessons
  - This ensures institutional knowledge is applied to the review
- Invoke Code Reviewer Agent
  - Use Task tool with code-reviewer subagent
  - Pass the target files/path to review
  - Agent will check:
    - Code quality and best practices
    - Potential bugs or issues
    - Performance improvements
    - Security vulnerabilities
    - Documentation needs
    - Adherence to CLAUDE.md standards
- Present Results
  - Display agent's findings organized by severity
  - Highlight critical issues requiring immediate attention
  - Provide actionable recommendations
Why Use This Command
The /review command provides a quick way to invoke the code-reviewer agent for code quality checks. The agent:
- Adapts to your tech stack from CLAUDE.md
- Uses MCP servers for deep analysis (serena, context7)
- Follows OWASP and security best practices
- Provides structured, actionable feedback
Usage Examples
# Review a specific file
/review src/services/payment-processor.ts
# Review a directory
/review src/components/
# Review current changes
/review
What Gets Reviewed
The code-reviewer agent checks:
Code Quality
- Code smells and anti-patterns
- Naming conventions (from CLAUDE.md)
- DRY principle violations
- Proper separation of concerns
- Design pattern usage
Security
- Injection vulnerabilities
- Authentication/authorization issues
- Hardcoded secrets
- Input validation
- Secure data handling
Performance
- Algorithm efficiency
- Database query optimization
- Unnecessary computations
- Resource management
Maintainability
- Code complexity
- Test coverage
- Documentation completeness
- Consistency with project style
MCP Server Usage
The code-reviewer agent automatically uses:
- serena: For semantic code analysis
- context7: For framework best practices
- memory: For project-specific patterns
Output Format
The agent provides structured output:
### Summary
[Overview of findings]
### Critical Issues 🔴
[Must fix before merge]
### Warnings 🟡
[Should address]
### Suggestions 💡
[Nice-to-have improvements]
### Positive Observations ✅
[Good practices found]
### Compliance Check
- [ ] Code style
- [ ] Security
- [ ] Tests
- [ ] Documentation
Lessons Learned
The code-reviewer agent will automatically:
- Document lessons learned from the review
- Ask if you want to save insights to Serena memory
- Store findings for future reference if you agree
This helps build institutional knowledge and improve code quality over time.
Alternative: Direct Agent Invocation
You can also invoke the agent directly in conversation:
"Please use the code-reviewer agent to review src/auth/login.ts"
The /review command is simply a convenient shortcut.