Comprehensive automated code reviews — security, performance, best practices, and refactoring suggestions.
Review this code for security, performance, and best practices:
Language: [Python/JavaScript/TypeScript/Go/Rust]
Context: [What does this code do?]
Priority: [Security first / Performance first / General review]
[Paste code or file path]
For each issue found:
1. Severity (critical/high/medium/low)
2. Category (security/performance/style/bug)
3. Line reference
4. What's wrong
5. How to fix (with corrected code)
Security audit this code. I'm looking for:
- SQL injection vulnerabilities
- XSS attack vectors
- Authentication/authorization bypasses
- Secrets or credentials in code
- Insecure dependencies
- SSRF/CSRF vulnerabilities
- Input validation gaps
Language: [Language]
[Paste code]
Analyze this code for performance issues:
- Database query efficiency (N+1, missing indexes)
- Memory usage and potential leaks
- Algorithm complexity (can it be optimized?)
- Caching opportunities
- Async/concurrency improvements
Context: This handles [X requests/second] and processes [Y data]
[Paste code]
Suggest refactoring improvements for this code:
- Reduce complexity
- Improve readability
- Apply design patterns where beneficial
- Remove duplication
- Improve testability
Show before/after for each suggestion.
[Paste code]
Review this pull request diff:
[Paste diff or describe changes]
Output as PR comments:
- File: [filename]
- Line: [number]
- Comment: [review comment]
- Suggestion: [code suggestion if applicable]
# Code Review Report
**Files Reviewed**: [count]
**Language**: [language]
**Overall Score**: [X/100]
## 🔴 Critical Issues ([count])
### Issue 1: [Title]
- **Severity**: Critical
- **Category**: Security
- **Location**: [file:line]
- **Problem**: [Description]
- **Impact**: [What could happen]
- **Fix**:
```[language]
// Before (vulnerable)
[old code]
// After (fixed)
[new code]
```
## 🟡 Warnings ([count])
[Medium-severity issues]
## 🔵 Suggestions ([count])
[Low-severity improvements]
## 🟢 Positive Observations
[What's already good about the code]
## Summary
- Critical: [X] (must fix before merge)
- Warnings: [X] (should fix soon)
- Suggestions: [X] (nice to have)
- Score: [X/100]
- security-auditor for infrastructure-level security checks
- references/security-patterns.md — Common vulnerability patterns by language
- references/performance-patterns.md — Common performance anti-patterns