← 返回
未分类

Code Review Checklist

代码审查清单 - A comprehensive code review checklist and guidance tool. Use when user asks about 代码审查、代码检查、PR review、代码质量, or wants to conduct or prepare for a cod...
代码审查清单 - 全面的代码审查清单和指导工具。用于用户询问代码审查、代码检查、PR review、代码质量,或想要进行或准备代码审查时。
harrylabsj harrylabsj 来源
未分类 clawhub v1.0.0 1 版本 100000 Key: 无需
★ 0
Stars
📥 252
下载
💾 0
安装
1
版本
#latest

概述

Code Review Checklist (代码审查清单)

Overview

This skill provides a systematic approach to code reviews. It offers comprehensive checklist items across multiple dimensions of code quality, helps reviewers focus on high-impact areas, and guides developers in preparing code for review. Designed to make code reviews more efficient and thorough.

When to Use This Skill

  • Preparing code for pull request review
  • Conducting a code review as a reviewer
  • Self-reviewing own code before submission
  • Establishing code review standards for a team
  • Training new developers on review best practices
  • Auditing code quality in a codebase

What This Skill Provides

1. Predefined Checklists

Comprehensive checklist items organized by category:

  • Code correctness and logic
  • Code style and readability
  • Performance and efficiency
  • Security considerations
  • Error handling
  • Testing coverage
  • Documentation
  • Architecture and design patterns

2. Review Guidance

  • What to look for in each category
  • Red flags and common issues
  • Best practices specific to language/framework
  • Questions to ask the author

3. Review Workflow

  • Systematic approach to reviewing
  • Priority ordering of checks
  • Time allocation guidance
  • Documentation requirements

Checklist Categories

1. Correctness & Logic

  • [ ] Code produces expected output
  • [ ] Edge cases are handled
  • [ ] No off-by-one errors
  • [ ] Logic is sound and complete
  • [ ] No infinite loops or recursion issues
  • [ ] Proper use of data structures

2. Code Style & Readability

  • [ ] Follows project coding standards
  • [ ] Naming is clear and descriptive
  • [ ] Functions are appropriately sized
  • [ ] Code is not duplicated (DRY principle)
  • [ ] Complex logic has comments
  • [ ] Formatting is consistent

3. Performance & Efficiency

  • [ ] No unnecessary loops or iterations
  • [ ] Proper use of caching when applicable
  • [ ] Database queries are optimized
  • [ ] No memory leaks
  • [ ] Appropriate algorithmic complexity
  • [ ] Resources are properly released

4. Security

  • [ ] Input validation on all user inputs
  • [ ] No SQL injection vulnerabilities
  • [ ] No XSS vulnerabilities
  • [ ] Secrets not hardcoded
  • [ ] Proper authentication/authorization
  • [ ] Sensitive data properly protected
  • [ ] No security misconfigurations

5. Error Handling

  • [ ] Errors are caught and handled appropriately
  • [ ] Error messages are user-friendly
  • [ ] No empty catch blocks
  • [ ] Logging is appropriate
  • [ ] Graceful degradation where needed
  • [ ] No exposing internal error details

6. Testing

  • [ ] Unit tests exist for new code
  • [ ] Tests cover happy path and edge cases
  • [ ] Tests are maintainable
  • [ ] Mock usage is appropriate
  • [ ] Test coverage meets requirements
  • [ ] No flaky tests introduced

7. Documentation

  • [ ] Public APIs are documented
  • [ ] Complex logic has comments
  • [ ] README updated if needed
  • [ ] API changes are documented
  • [ ] Breaking changes are noted

8. Architecture & Design

  • [ ] Follows project architecture patterns
  • [ ] Single Responsibility Principle followed
  • [ ] Dependencies are properly injected
  • [ ] Coupling is minimized
  • [ ] Changes are localized appropriately
  • [ ] No tech debt introduced unnecessarily

Language-Specific Considerations

JavaScript/TypeScript

  • Proper async/await usage
  • TypeScript types are correct
  • No 'any' type abuse
  • ESLint rules followed

Python

  • PEP 8 compliance
  • Type hints where appropriate
  • Docstrings for public functions
  • No deprecated imports

Java

  • Null safety considerations
  • Resource management (try-with-resources)
  • Stream API usage
  • Concurrent access considerations

Go

  • Error handling conventions
  • Goroutine leak prevention
  • Context usage
  • Naming conventions

Review Workflow

Step 1: Context (2-3 min)

  • Read PR description and motivation
  • Understand what changed and why
  • Check related issues or docs

Step 2: Overview (3-5 min)

  • Scan changed files
  • Identify high-risk areas
  • Note files needing deep review

Step 3: Detailed Review (15-30 min)

  • Follow checklist by priority
  • Comment on issues found
  • Ask clarifying questions
  • Suggest improvements

Step 4: Summary (3-5 min)

  • Summarize findings
  • Categorize issues (Blocking/Suggestion/Question)
  • Approve or request changes

Usage Examples

As a Reviewer

"用代码审查清单检查这个PR"
"帮我审查这个函数的逻辑"
"检查这段代码有没有安全问题"
"看看这个文件有哪些可以改进的地方"

As a Developer

"帮我准备代码审查"
"自审查这份代码,有什么遗漏?"
"检查这段代码的测试覆盖"
"这个代码符合项目规范吗?"

For Team Standards

"生成一个代码审查检查清单"
"我们团队的代码审查标准是什么?"
"前端代码审查有什么特殊要求?"

Output Format

For each review, output:

## Code Review: [PR/Change Title]

### Summary
- Files changed: X
- Lines added/removed: +X/-X
- Risk level: [Low/Medium/High]

### Findings

#### 🔴 Blocking Issues
- [Issue description] - [File:Line] - [Suggestion]

#### 🟡 Suggestions
- [Suggestion] - [File:Line]

#### 🟢 Good Practices Noted
- [Positive observation]

### Checklist Status
- [x] Correctness
- [x] Style
- [ ] Security (needs work)
- [x] Performance

### Recommendation
[Approve / Request Changes / Discuss]

### Action Items
- [ ] Item 1
- [ ] Item 2

Integration with Development Workflow

This skill integrates with:

  • github — For reviewing PRs directly
  • coding-agent — For automated code quality checks
  • opencli — For running linters and formatters

Limitations

  • Cannot execute code to verify correctness
  • Cannot know full system context
  • Best practices may vary by project
  • Language-specific items may be incomplete for niche languages

Acceptance Criteria

  1. ✓ Provides comprehensive checklist coverage
  2. ✓ Can customize for different languages/frameworks
  3. ✓ Identifies common issues efficiently
  4. ✓ Helps categorize issue severity
  5. ✓ Provides actionable feedback
  6. ✓ Saves time in review process
  7. ✓ Helps developers learn and improve

版本历史

共 1 个版本

  • v1.0.0 当前
    2026-05-07 08:24 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

dev-programming

Github

steipete
使用 `gh` CLI 与 GitHub 交互,通过 `gh issue`、`gh pr`、`gh run` 和 `gh api` 管理议题、PR、CI 运行及高级查询。
★ 686 📥 330,986
dev-programming

CodeConductor.ai

larsonreever
AI驱动平台,提供快速全栈开发、智能体、工作流自动化及低代码AI集成的可扩展产品创建。
★ 81 📥 183,008
professional

Legal Risk Assistant

harrylabsj
China legal triage assistant. Input a contract, labor dispute facts, lawsuit-cost question, or draft legal document need
★ 0 📥 2,009