Yet-another-agent-harness review
Review code changes for quality, security, and correctness
install
source · Clone the upstream repo
git clone https://github.com/dirien/yet-another-agent-harness
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/dirien/yet-another-agent-harness "$T" && mkdir -p ~/.claude/skills && cp -r "$T/.claude/skills/review" ~/.claude/skills/dirien-yet-another-agent-harness-review && rm -rf "$T"
manifest:
.claude/skills/review/SKILL.md
source content
/review — Code Review
When to use
When the user runs /review or asks to review changes/PR.
Steps
- Identify what to review:
  - If a PR number is given: `gh pr diff <number>`
  - Otherwise: `git diff` for unstaged, `git diff --staged` for staged
- Read each changed file fully for context
- Check for:
  - Security: injection, XSS, hardcoded secrets, OWASP top 10
  - Correctness: edge cases, off-by-one, null handling, race conditions
  - Quality: naming, complexity, duplication, dead code
  - Performance: N+1 queries, unnecessary allocations, missing indexes
  - Tests: adequate coverage, meaningful assertions
- Report findings grouped by severity:
  - CRITICAL: security issues, data loss risks
  - WARNING: bugs, correctness issues
  - SUGGESTION: style, refactoring opportunities
Rules
- Be specific: reference file:line
- Suggest fixes, don't just point out problems
- Acknowledge what's done well
- Don't nitpick formatting if a linter is configured
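
As an added illustration of the steps and rules above (not code from the skill or its repository): a small Python pass over `git diff` output that tracks new-file line numbers, so each finding carries a file:line reference, and returns findings ordered by the severity levels the skill names. The three heuristics, the names `review_diff`, `CHECKS`, `ORDER` and `SAMPLE_DIFF`, and the sample diff are assumptions constructed for this example.

```python
import re

# Illustrative heuristics chosen for this example (assumptions, not the skill's rules).
CHECKS = [
    ("CRITICAL", "possible hardcoded secret", re.compile(
        r"(?i)\b(password|passwd|secret|api_?key|token)\b\s*[:=]\s*['\"][^'\"]{8,}['\"]")),
    ("CRITICAL", "SQL built with an f-string", re.compile(r"(?i)execute\(\s*f['\"]")),
    ("WARNING", "bare except hides errors", re.compile(r"^\s*except\s*:")),
]
ORDER = ["CRITICAL", "WARNING", "SUGGESTION"]
HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

# Constructed sample in `git diff` format; the password value is a placeholder.
SAMPLE_DIFF = '''\
diff --git a/app/db.py b/app/db.py
--- a/app/db.py
+++ b/app/db.py
@@ -11,2 +11,3 @@ def connect():
-    password = os.environ["DB_PASSWORD"]
+    password = "constructed-example-value"
+    cur.execute(f"SELECT * FROM users WHERE name = '{name}'")
     return conn
@@ -40,2 +41,3 @@ def load():
     try:
         run()
+    except: pass
'''

def review_diff(diff_text):
    """Return (severity, "file:line", message) for added lines, most severe first."""
    findings, path, lineno, in_hunk = [], None, 0, False
    for raw in diff_text.splitlines():
        in_hunk = in_hunk and not raw.startswith("diff --git ")  # new file section
        m = HUNK.match(raw)
        if m:                            # header carries the first new-file line number
            lineno, in_hunk = int(m.group(1)), True
        elif raw.startswith("+++ ") and not in_hunk:  # file header, not an added line
            path = re.sub(r"^b/", "", raw[4:])
        elif in_hunk and raw.startswith("+"):         # added line: the only lines checked
            for severity, message, pattern in CHECKS:
                if path and pattern.search(raw[1:]):
                    findings.append((severity, f"{path}:{lineno}", message))
            lineno += 1
        elif in_hunk and raw.startswith(" "):  # context advances numbering; "-" does not
            lineno += 1
    return sorted(findings, key=lambda f: ORDER.index(f[0]))

if __name__ == "__main__":
    print(*review_diff(SAMPLE_DIFF), sep="\n")
```

Pattern matches like these only shortlist lines; the skill's step of reading each changed file fully for context still decides whether a finding is real.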