OpenSkillIndex← back to search
claude-code

Jiva code-review

install
source · Clone the upstream repo
git clone https://github.com/KarmaloopAI/Jiva
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/KarmaloopAI/Jiva "$T" && mkdir -p ~/.claude/skills && cp -r "$T/examples/personas/code-reviewer/skills/code-review" ~/.claude/skills/karmaloopai-jiva-code-review && rm -rf "$T"
manifest: examples/personas/code-reviewer/skills/code-review/SKILL.md
source content

Code Review Skill

Overview

Perform comprehensive code reviews analyzing bugs, style issues, performance bottlenecks, security vulnerabilities, and adherence to best practices.

Workflow

1. Scan Code Structure

  • Use 
    view
    tool to read all relevant files in the codebase
  • Identify file types, frameworks, and languages used
  • Map dependencies and module relationships

2. Analyze Code Quality

Check for the following categories:

Bugs & Logic Errors:

  • Null/undefined handling
  • Off-by-one errors
  • Race conditions
  • Memory leaks
  • Incorrect algorithm implementation

Security Issues:

  • SQL injection vulnerabilities
  • XSS vulnerabilities
  • Authentication/authorization flaws
  • Sensitive data exposure
  • Unsafe dependencies

Performance Problems:

  • Inefficient algorithms (O(n²) where O(n) possible)
  • Unnecessary database queries
  • Memory overuse
  • Blocking operations
  • Missing caching

Code Style:

  • Naming conventions
  • Code formatting inconsistencies
  • Magic numbers/strings
  • Dead code
  • Overly complex functions

Best Practices:

  • DRY (Don't Repeat Yourself) violations
  • SOLID principles adherence
  • Error handling patterns
  • Testing coverage
  • Documentation quality

3. Categorize Findings

Group issues by:

  • Critical: Security vulnerabilities, data loss risks
  • High: Bugs that cause crashes/errors
  • Medium: Performance issues, maintainability problems
  • Low: Style issues, minor improvements

4. Provide Solutions

For each issue:

  • Explain WHY it's a problem
  • Show the problematic code snippet
  • Provide a SPECIFIC fix with code examples
  • Explain the benefits of the fix

5. Generate Report

Structure the output as:

# Code Review Report

## Summary
- Total files reviewed: X
- Issues found: Y (Z critical, W high, V medium, U low)

## Critical Issues
[List critical issues with fixes]

## High Priority Issues
[List high priority issues with fixes]

## Medium Priority Issues
[List medium priority issues with fixes]

## Low Priority Issues
[List low priority issues with fixes]

## Strengths
[Mention good practices found in the code]

## Recommendations
[Overall suggestions for improvement]

Resources

When to Use References

  • Read 
    references/security_checklist.md
    when analyzing security
  • Consult 
    references/performance_patterns.md
    for performance optimization
  • Check 
    references/language_guides/
    for language-specific best practices

Scripts (Future Enhancement)

  • scripts/run_linter.sh <file>
    - Run automated linting
  • scripts/complexity_analysis.py <file>
    - Calculate cyclomatic complexity
  • scripts/security_scan.py <dir>
    - Run security vulnerability scanner

Example Usage

User: "Review this authentication code"

Process:

  1. Read authentication-related files with 
    view
    tool
  2. Check for common auth vulnerabilities (password storage, session management, etc.)
  3. Analyze token handling and encryption
  4. Check for privilege escalation risks
  5. Provide detailed report with fixes

Tips for Effective Reviews

  1. Be Specific: Don't just say "improve error handling" - show exactly how
  2. Prioritize: Focus on critical/high issues first
  3. Be Constructive: Acknowledge good code practices too
  4. Provide Context: Explain the "why" behind each suggestion
  5. Code Examples: Always show concrete before/after code
  6. Consider Trade-offs: Mention any downsides to suggested changes