Stats
Actions
Tags
From jbb-feature-dev
Comprehensive code review with internalized bug detection (bug-catcher), OWASP security analysis (security-reviewer), code simplification (language reviewers), test quality (test reviewers), holistic review (general-code-reviewer), domain expertise (domain agents), and a post-review pipeline (review-calibrator, review-deduplicator). Replaces /pr-review.
How this skill is triggered — by the user, by Claude, or both
Slash command
/jbb-feature-dev:code-reviewThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Conduct a comprehensive code review using specialized agents and a post-review calibration/dedup pipeline.
Conduct a comprehensive code review using specialized agents and a post-review calibration/dedup pipeline.
IMPORTANT: This is a review command. DO NOT make any code changes. Only provide constructive, actionable recommendations.
--all-severities: Show all findings including LOW/MEDIUM for all agents--strict-severity: Keep only HIGH+CRITICAL for ALL agents including code simplification and test reviewers (overrides the default MEDIUM+ and ALL-severity exemptions)--severity LEVELS: Comma-separated severity levels to include (e.g., --severity MEDIUM,HIGH,CRITICAL)Default severity behavior: MEDIUM+HIGH+CRITICAL for most agents, except code simplification and test reviewers which keep ALL severities (test reviewers skip LOW findings they consider unhelpful). Use --strict-severity to enforce HIGH+CRITICAL across every dimension.
gh pr diff {{PR_NUMBER}} for PRs, or git diff origin/master...HEAD for branches${CLAUDE_PLUGIN_ROOT}/commands/shared/language-agent-registry.md
3b. Check domain context: Review the list of available skills (both project-level and
user-level) for any that describe APIs or services touched by the diff. If a skill's
description matches the systems or technologies in the changed code, read its full
content and include relevant domain knowledge (endpoint schemas, known gotchas,
authentication patterns, naming conventions) in the context passed to Phase 2 review
agents. This helps reviewers catch domain-specific issues like incorrect field names,
missing auth scopes, or undocumented API behaviors.codebase-explorer (subagent_type: Explore): Find patterns, conventions, CLAUDE.md in the target repo. Critically: identify sibling implementations — other classes/methods in the same package or system that implement the same interface, extend the same base class, or follow the same architectural pattern as the code under review (e.g., other handlers in the same service, other endpoints in the same API). Read their key methods to understand what patterns they follow (error handling, graceful degradation, field usage, logging practices).${CLAUDE_PLUGIN_ROOT}/skills/code-review/references/false-positive-guidance.md${CLAUDE_PLUGIN_ROOT}/skills/code-review/references/position-anchoring.md${CLAUDE_PLUGIN_ROOT}/skills/code-review/references/severity-rubric.md${CLAUDE_PLUGIN_ROOT}/skills/code-review/references/comment-format.md${CLAUDE_PLUGIN_ROOT}/skills/code-review/references/finding-schema.mdAgent Type Verification: Before spawning, create an explicit agent contract per ${CLAUDE_PLUGIN_ROOT}/commands/shared/agent-verification-pattern.md.
Construct prompts for each agent, injecting:
Spawn review agents in parallel:
All agents MUST emit findings using the schema defined in finding-schema.md:
file_path, position, body, severity, category, confidence, source_agent
Wait for all review agents to complete. Collect all findings into a consolidated list.
Spawn review-calibrator with ALL findings from Phase 2.
The calibrator performs adversarial verification (reads actual code to validate each finding) and calibration (categorizes, filters false positives, normalizes severity, assigns confidence).
Timeout: 2 minutes. If timeout: skip calibration, proceed with raw findings.
Apply severity filter based on source_agent and flags:
Default behavior (no flags):
simplification): keep ALL severities including ENHANCEMENTtest-reviewer): keep ALL severities including ENHANCEMENT, but skip LOW findings the reviewer considers unhelpful (e.g., testing static mappings, framework behavior, or language implementation details)Flag overrides:
--strict-severity: Keep only HIGH and CRITICAL for ALL agents, including code simplification and test reviewers--all-severities: Keep all findings from all agents regardless of severity--severity LEVELS: Keep only the specified severity levels from all agents (e.g., --severity MEDIUM,HIGH,CRITICAL)The test and simplification exemptions exist because test coverage gaps and code quality improvements are valuable even at ENHANCEMENT/LOW/MEDIUM severity — they compound over time and are frequently raised by human reviewers. ENHANCEMENT findings represent aspirational improvements (modernization, better patterns, reusable helpers) that aren't tied to a specific problem but improve code quality over time. The MEDIUM default for other agents ensures findings like PII-in-logs, pattern inconsistencies, and missing error handling are surfaced rather than silently filtered. Use --strict-severity when you only care about correctness and security.
Spawn review-deduplicator with calibrated, filtered findings.
The deduplicator handles same-file, cross-file, adjacent-line consolidation and removes findings already covered by human reviewers.
Timeout: 2 minutes. If timeout: skip dedup, proceed with calibrated findings.
Ensure output directory exists: mkdir -p ~/.claude/thoughts/shared/reviews/
Write to ~/.claude/thoughts/shared/reviews/review_{{PR_NUMBER}}_{{DATE}}.md:
# [PR #{{PR_NUMBER}}: {{PR_TITLE}}] Review
## High level summary
[2-3 sentences summarizing findings]
## Do the code changes align with the PR objective?
["Yes" or "No" with explanation]
## Highlights
- [Positive patterns and well-executed implementations]
## Review Sources
| Source | Status | Findings |
| ------------------------- | ----------------- | --------------- |
| bug-catcher | Completed | N findings |
| security-reviewer | Completed | N findings |
| [language]-simplification | Completed | N findings |
| [language]-test-reviewer | Completed | N findings |
| general-code-reviewer | Completed | N findings |
| review-calibrator | Completed/Skipped | Filtered M of N |
| review-deduplicator | Completed/Skipped | Deduped to K |
## Prioritized Issues
### Critical
[Findings]
### Major
[Findings]
### Minor
[Findings]
### Enhancement
[Findings]
Each finding includes: - Recommendation [i] - \file_path:line``
/crit-pr-review${CLAUDE_PLUGIN_ROOT}/commands/shared/model-selection-guide.mdnpx claudepluginhub jonnycbb/claude-code-config --plugin jbb-feature-devReviews local changes, PRs/MRs, or branch diffs against project coding guidelines using 5-7 parallel review agents (bug detection, security/logic, guideline compliance, code simplification, test coverage, contract quality). High-signal findings only.
Performs code reviews using Codex MCP with severity-grouped findings and a merge gate. Supports fast (diff-only), full (diff + lint/build), and branch review variants.
Guides creation, editing, and verification of skills for AI coding agents using test-driven development with subagent scenarios. Use when authoring or debugging skills.