Name: jbvc/code-review-checklist
Rating: 35.199999999999996 (1 reviews)
Author: jbvc

jbvc/code-review-checklist

Comprehensive checklist for conducting thorough code reviews covering functionality, security, performance, and maintainability

Quality

44%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Passed

No known issues

Quality

Content

27%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This skill is an extremely verbose, monolithic checklist that repeats itself multiple times (steps → example checklists → complete checklist) and explains concepts Claude already knows well. While the code examples showing good/bad patterns add some value, the overall content could be reduced by 70%+ without losing actionable information. The lack of progressive disclosure and the absence of validation checkpoints in the workflow significantly weaken its utility.

Suggestions

Reduce content by 70%+: eliminate the step-by-step overview (Steps 1-6) since the Complete Review Checklist covers the same ground, and remove explanations of well-known concepts like SQL injection and XSS

Split detailed checklists (security, functionality, code quality) into separate referenced files, keeping only the Complete Review Checklist in the main SKILL.md

Add a clear workflow with decision points: e.g., 'If critical security issues found → block merge. If style-only issues → approve with comments'

Remove the 'When to Use This Skill', 'Common Pitfalls', 'Review Comment Templates', and 'Additional Resources' sections—these are generic knowledge that wastes tokens

Dimension	Reasoning	Score
Conciseness	Extremely verbose at ~350+ lines. Explains basic concepts Claude already knows (what code review is, what SQL injection is, what XSS is). The checklist items are largely common knowledge for Claude. Massive redundancy between the step-by-step sections, the example checklists, and the 'Complete Review Checklist' which repeats the same items. The 'Best Practices' do/don't lists, 'Common Pitfalls', and 'Review Comment Templates' all add bulk without novel information.	1 / 3
Actionability	The code examples (good/bad patterns) are concrete and executable, which is helpful. However, the skill is fundamentally a checklist of questions rather than executable guidance—it tells Claude to 'check if inputs are validated' but doesn't provide specific tools, commands, or automated approaches. The review comment templates are somewhat actionable but generic.	2 / 3
Workflow Clarity	Steps are listed (Step 1-6) providing a sequence, but there are no validation checkpoints or feedback loops. There's no guidance on what to do when issues are found (beyond generic 'fix it'), no prioritization of findings, and no clear decision points (e.g., when to block vs. approve with comments). The 'Pre-Review' section mentions running locally but doesn't integrate into a verification workflow.	2 / 3
Progressive Disclosure	Monolithic wall of text with everything inline. The detailed checklists for functionality, security, and code quality (each with full code examples) should be in separate referenced files. The 'Related Skills' and 'Additional Resources' sections reference external content but the main body dumps everything into one massive document with no content splitting.	1 / 3
	Total	6 / 12 Passed

Description

32%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description identifies its domain (code reviews) and lists high-level categories but reads more like a document title than a skill description. It lacks concrete actions, explicit trigger guidance ('Use when...'), and natural keyword variations that would help Claude reliably select it from a large skill set.

Suggestions

Add an explicit 'Use when...' clause, e.g., 'Use when the user asks for a code review, PR review, pull request feedback, or wants a quality checklist for their code.'

Replace the high-level category list with specific concrete actions, e.g., 'Checks for security vulnerabilities, identifies performance bottlenecks, flags error handling gaps, and verifies test coverage.'

Include natural trigger term variations users would say: 'PR review', 'pull request', 'review my code', 'code quality check', 'review checklist'.

Dimension	Reasoning	Score
Specificity	Names the domain (code reviews) and lists categories (functionality, security, performance, maintainability), but doesn't describe concrete actions like 'check for SQL injection', 'verify error handling', or 'flag N+1 queries'. The categories are high-level rather than specific actions.	2 / 3
Completeness	Describes what it is (a checklist for code reviews) but completely lacks a 'Use when...' clause or any explicit trigger guidance for when Claude should select this skill. Per the rubric, a missing 'Use when...' clause caps completeness at 2, and the 'what' itself is also weak (it's a noun phrase describing a checklist rather than actions), so this scores a 1.	1 / 3
Trigger Term Quality	Includes 'code review' which is a natural trigger term users would say, plus related terms like 'security' and 'performance'. However, it misses common variations like 'PR review', 'pull request', 'review checklist', 'code quality', or 'review my code'.	2 / 3
Distinctiveness Conflict Risk	The 'code review' focus provides some distinctiveness, but the broad categories (security, performance, maintainability) could overlap with dedicated security audit skills, performance optimization skills, or general code quality skills.	2 / 3
	Total	7 / 12 Passed

Validation

100%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 11 / 11 Passed

Validation for skill structure

No warnings or errors.

Reviewed

3 months ago

Table of Contents

Discovery Implementation Validation