playbook/codex/skills/code-review-workflow/SKILL.md


---
name: code-review-workflow
description:
  "Structured expert code review for TSL/C++/Python diffs or patches. Triggers:
  code review, review PR, diff, 评审, 审查, 安全评审, 性能评审."
---
# Code Review Workflow
## When to Use This Skill
- Review a PR / `git diff` / patch
- Pre-merge quality gate (correctness/security/perf/tests)
- Risky refactor, behavior change, auth/data path changes
## Inputs (required)
- Change set: PR link or `git diff ...` output (must include context)
- Goal: expected behavior / acceptance criteria (1-3 sentences)
- Risk level: low|med|high (default: med)
- Verification: test commands / repro steps (if unknown, ask first)
## Procedure
1. **Triage**
   - Identify touched areas, public APIs, behavior changes, data/auth paths
   - Classify risk (blast radius, rollback difficulty)
2. **Correctness**
   - Invariants, edge cases, error handling, null/empty, concurrency
   - Backward compatibility (inputs/outputs, wire formats, config)
3. **Security**
   - AuthZ/AuthN boundaries, least privilege
   - Input validation, injection surfaces, secrets/log redaction
4. **Maintainability**
   - Naming/structure/style aligned with Playbook docs
   - Complexity hotspots, duplication, clarity of intent
5. **Performance**
   - Hot paths, algorithmic complexity, allocations/IO, N+1 patterns
6. **Tests & Verification**
   - Map changes → tests; identify missing coverage
   - Provide minimal verification plan (commands + expected signals)
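
An added example, not part of the playbook: a Python helper that applies the Triage, Security, and Tests steps to `git diff` output and reports fields from the output contract. The path and secret patterns, the risk mapping, and the sample diff are assumptions constructed for illustration.

```python
import re

# Assumed heuristics for illustration; the playbook does not define them.
SENSITIVE_PATH = re.compile(r"auth|login|session|token|crypto|migration|schema", re.I)
TEST_PATH = re.compile(r"(^|/)(tests?/|test_[^/]*$)|_test\.\w+$", re.I)
SECRET_LINE = re.compile(
    r"(password|passwd|secret|api[_-]?key|token)\s*[:=]\s*['\"][^'\"]{8,}['\"]"
    r"|-----BEGIN [A-Z ]*PRIVATE KEY-----", re.I)
HUNK = re.compile(r"@@ -\d+(?:,\d+)? \+(\d+)")

def triage(diff_text):
    """Triage a git-format unified diff: risk, sensitive files, blockers, questions."""
    files, blockers, current, new_line, in_hunk = [], [], None, 0, False
    for line in diff_text.splitlines():
        if line.startswith("diff --git "):
            in_hunk = False                      # the next ---/+++ lines are file headers
        elif not in_hunk and line.startswith("+++ "):
            current = line[4:].split("\t")[0].removeprefix("b/")
            if current != "/dev/null":           # deleted files have no new side
                files.append(current)
        elif line.startswith("@@"):
            m = HUNK.match(line)
            new_line, in_hunk = (int(m.group(1)) if m else 0), True
        elif in_hunk and line.startswith("+"):
            if SECRET_LINE.search(line[1:]):     # only added lines are scanned
                blockers.append(f"{current}:{new_line}: possible hard-coded secret")
            new_line += 1
        elif in_hunk and line.startswith(" "):
            new_line += 1                        # context lines advance new-file numbering
    source = [f for f in files if not TEST_PATH.search(f)]
    sensitive = [f for f in source if SENSITIVE_PATH.search(f)]
    questions = []
    if source and len(source) == len(files):     # no test file in the change set
        questions.append("No test changes accompany: " + ", ".join(source))
    risk = "high" if sensitive or blockers else "med" if questions else "low"
    return {"risk": risk, "sensitive": sensitive, "blockers": blockers,
            "questions": questions}

# Constructed sample change set (not from a real repository).
SAMPLE_DIFF = """\
diff --git a/src/auth/session.py b/src/auth/session.py
--- a/src/auth/session.py
+++ b/src/auth/session.py
@@ -10,2 +10,3 @@ def open_session(user):
     ctx = Context(user)
+    API_KEY = "constructed-example-value"
     return ctx
"""
print(triage(SAMPLE_DIFF))
```

The result is a starting point for the human or agent review: pattern hits become candidate blockers with file/line references, and a change set without tests becomes a question rather than a verdict.
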
## Review Standards (Playbook as authority)
- Commit message: `docs/common/commit_message.md`
- TSL: `docs/tsl/code_style.md`, `docs/tsl/naming.md`, `docs/tsl/toolchain.md`
- C++: `docs/cpp/code_style.md`, `docs/cpp/naming.md`, `docs/cpp/toolchain.md`
- Python: `docs/python/style_guide.md`, `docs/python/tooling.md`,
  `docs/python/configuration.md`
## Output Contract (stable)
- Summary: what changed & why
- Risk: low|med|high + reasoning
- Blockers: must-fix before merge (with file/line references when possible)
- Non-blocking: Major / Minor / Nit
- Questions: missing context / assumptions
- Suggested verification: exact commands + what success looks like
- Optional patch: minimal diff-style suggestions (only when unambiguous)