Development Skill

Code Reviewer Pro

Senior code review line by line: bugs, security, missing tests — with concrete fixes and a clear verdict.

Code reviewPull RequestPRDiffCode qualityBugsEdge-CasesSecurityOWASPSTRIDETestsTest-CoverageRefactoringReadabilityConventional CommentsGitHubGitLabPythonJavaScriptTypeScriptGoJavaSQLSenior ReviewLGTMDevelopmentStatic AnalysisPR summarySupply-ChainDependenciesCVERisk-based ReviewAI codeCommittable Suggestions
Free
0 0 ★ 5.0 (1) v1.4.0 Updated 22.06.2026 by skills-for-ai

SKILL.md in the open agentskills.io standard — works directly in Claude, ChatGPT/Codex, Cursor, Copilot & more.

Code Reviewer Pro is an AI code-review skill for pull requests, diffs and files — reviewing line by line like a senior reviewer. Catches bugs, security flaws (OWASP/STRIDE) and missing tests with concrete fixes, paste-ready Conventional Comments and a clear verdict: LGTM / Request Changes.

What this skill does

  • Starts with a PR overview (TL;DR, affected modules, risk areas) — lowers cognitive load
  • Line-/diff-precise comments with a concrete fix, where possible as a committable suggestion block (apply in one click)
  • Risk-based: reviews auth, queries, removed validations, money/data paths & incident areas more deeply, trivia quickly
  • Finds bugs, edge cases and security holes (OWASP Top 10 / STRIDE)
  • Checks dependencies/supply chain (CVEs, license, hallucinated packages) and AI-generated code (plausible-but-wrong)
  • Surfaces missing & brittle tests and untested error paths
  • Signal over noise: leaves mechanical nits to the linter, keeps nits short; high recall on bugs/security
  • PR hygiene incl. size rule of thumb (≤ ~400 lines, else split), commit messages, scope
  • Language presets (Python, JS/TS, Go, Java, SQL …), focus modes (security/tests/triage/architecture)
  • States limits (static, not executed) and gives a clear verdict: LGTM / Request Changes

Description

Code-Reviewer Pro is a skill for AI code review and pull request review — it reviews your code line by line for bugs, security flaws, missing tests and maintainability. A deep, dev-focused code-review specialist for GitHub and GitLab. Works to the Google code-review standard (code health over perfection, blocking vs. nit, issue not person) and gives line-/diff-precise comments in Conventional Comments style (issue / suggestion / question / nitpick / praise), paste-ready for GitHub/GitLab. Review categories: correctness & bugs, edge cases, security (OWASP Top 10 / STRIDE, input validation, no secrets in code), tests (missing/brittle tests, untested error paths, coverage gaps), style & readability (naming, complexity, duplication), maintainability & structure, performance (N+1, hotspots), error handling & logging, API/interface design and PR hygiene (scope, commit messages, PR description). Language presets for Python, JS/TS, Go, Java/Kotlin and SQL with their typical pitfalls; other languages idiomatically. Optional focus modes: security, tests, quick triage (blockers only), architecture/design. Every review states its limits (static, not executed; only the shown excerpt) and ends with a clear verdict (LGTM / Request Changes). Surfaces vulnerabilities solely to fix them — no malicious code. For non-code reviews it points to the Review Architect, for deep statistics to the A/B Test Auditor.

Examples

What it does not do

  • Writes no malicious code and builds no exploits — vulnerabilities only to fix them
  • No sugar-coating and no tearing-down — always with a fix, blocking separated from nit
  • Doesn't run the code (static review)
  • Invents no secrets and passes none on
  • Won't review non-code artifacts (use the Review Architect for that)

Compatibility & tech

Claude Code, Codex CLI, Cursor, GitHub Copilot, Gemini CLI (as a SKILL.md/rule)Claude (Projects & system prompt)ChatGPT (Custom GPT & custom instructions)Any LLM (paste-in)
Tested (internal)
3 scenarios
Recommended runtime
Strongest available model; most effective in agentic tools (Claude Code/Codex/Cursor) with repo access.
Modes
PR/diff review · File/function · Security focus · Test focus · Quick triage · Architecture/design
Inputs
Pull request / diff · File · Function/snippet · optional: language, purpose, test status, coding guidelines
Output format
PR overview (TL;DR/modules/risk) + summary & verdict (LGTM/Request Changes), line-level Conventional Comments with severity & fix (committable suggestions), test gaps, 'not checked/assumptions', next step
Subcategory
Code quality & review
License
Proprietär

Security profile

Local

Runs entirely on your machine with your own AI — no external runtime, no running costs.

Instruction-only

Only instructions, templates and references — no executable scripts.

No network access

Works offline with what you provide — does not call external services on its own.

What do these badges mean? →

What you get

  • code-reviewer-pro-1.4.0/4 files
    • .claude-plugin/marketplace.json
    • plugins/code-reviewer-pro/skills/code-reviewer-pro/4 files
      • SKILL.md
      • manifest.json
      • references/2 files
        • languages.md
        • review-checklist.md
    • .agents/skills/code-reviewer-pro/→ universal — same content (Codex, Cursor, Copilot, Gemini, Windsurf, Cline)
    • LICENSE.txt

Installation

After unlocking, you install with a single command — it auto-detects your AI tool.

Runs inClaude CodeGitHub CopilotGemini CLICursorCodex CLIWindsurfCline

Also works as a chat prompt

Full in chat

No AI tool? Paste it into Claude, ChatGPT or Gemini and use the method right away.

This skill ships no scripts, so the prompt carries its full method.

Installing is the full version — it triggers automatically, runs its scripts and loads references as needed. As a chat prompt you drive the method by hand.

Unlock to copy the ready-to-paste prompt — then in “My Skills”.

Reviews

5.0 1 review

Note

A focused dev specialist (deeper than the Review Architect's code module). Best with language/framework, the code's purpose and test status. For reviews outside code → Review Architect.

Changelog

  • v1.4.022.06.2026Platform-native output: now actively uses your platform's native formatting — tables, checklists, code blocks and clickable/button options, with a numbered fallback on non-interactive platforms. Plus internal metadata that prepares the upcoming agent builder.
  • v1.3.018.06.2026Reworked to the AUTHORING v2 standard: realistic input/answer examples (incl. a calibration case), copy checklist(s) and internal evals; cross-references added.
  • v1.2.018.06.2026Added references/languages.md: deeper detail reference via progressive disclosure; SKILL.md stays lean.
  • v1.1.010.06.2026From web research (modern 2026 practices): PR overview/walkthrough first, committable suggestion blocks, risk-based depth, dependencies/supply chain (CVE/license/hallucinated packages) + AI-code check, signal-over-noise (mechanics to the linter, high recall on bugs/security), PR size rule of thumb (≤ ~400 lines).
  • v1.0.010.06.2026Deep code-review specialist: line-precise Conventional Comments, OWASP/STRIDE security, test gaps, style/maintainability/performance, PR hygiene, language presets (Python/JS-TS/Go/Java/SQL), focus modes, LGTM/Request Changes verdict, limits stated; Google code-review better-not-perfect principle.

Frequently asked questions

What does Code Reviewer Pro do?

Code Reviewer Pro is an AI code-review skill for pull requests, diffs and files — reviewing line by line like a senior reviewer. Catches bugs, security flaws (OWASP/STRIDE) and missing tests with concrete fixes, paste-ready Conventional Comments and a clear verdict: LGTM / Request Changes.

How do I review a pull request properly?

Code-Reviewer Pro reviews a PR/diff/file line by line using the Google code-review standard: correctness & bugs, edge cases, security (OWASP/STRIDE), missing tests, style and performance — with concrete, paste-ready suggestions and a clear verdict (LGTM / Request Changes).

Which programming languages does the code review support?

Language presets for Python, JavaScript/TypeScript, Go, Java and SQL among others; the review adapts idioms and common pitfalls per language. The methodology is language-agnostic.

Does it find security vulnerabilities in the code?

Yes — it hunts vulnerabilities against OWASP/STRIDE, watches for supply-chain/dependency/CVE risks, and flags security-relevant findings as blocking rather than nits.

Does it replace a human reviewer?

No. It is a thorough first-pass review that catches the routine (bugs, tests, security, style) and saves the team time; the final call and the merge stay with you.

Which AI tools does Code Reviewer Pro work with?

Claude Code, Codex CLI, Cursor, GitHub Copilot, Gemini CLI (as a SKILL.md/rule) · Claude (Projects & system prompt) · ChatGPT (Custom GPT & custom instructions) · Any LLM (paste-in)

How do I use Code Reviewer Pro?

Code Reviewer Pro is a SKILL.md in the open agentskills.io standard: install it with one command (npx) or download it and add it to your AI tool — Claude (Projects), ChatGPT (Custom GPT), Cursor, Copilot, Gemini CLI and more. No code needed.