
Pull Request Reviewer Skill

A senior engineer in your pocket — reviews any PR for bugs, logic errors, security issues, and performance problems, with actionable inline comments and a clear verdict.

Most PRs get reviewed under time pressure by someone who has not read the surrounding code in weeks. This skill does the first pass for you — methodically, without rushing, without the social awkwardness of leaving too many comments. It finds the things that slip through when humans are tired.

What the skill does

  • Bug and logic review. Reads the diff for off-by-one errors, null/undefined edge cases, incorrect conditionals, and broken control flow.
  • Security scan. Flags injection risks, hardcoded secrets, unsafe deserialization, improper auth checks, and OWASP Top 10 patterns — with the specific line and the reason it is a risk.
  • Performance review. Identifies N+1 queries, unnecessary re-renders, missing indexes, unbounded loops, and blocking operations in async code.
  • Code quality. Notes naming inconsistencies, functions doing too many things, missing error handling, and tests that do not cover the changed paths.
  • Inline comment format. Every finding is tied to a specific line or block — just like a real reviewer's comments.
  • Summary verdict. Ends with Approve / Request Changes / Needs Discussion and a one-paragraph rationale.

How it works

  1. Paste the diff. Paste the raw git diff output or the PR diff directly into the conversation.
  2. Provide context. Tell the skill: the language and framework, what the PR is supposed to do, and any areas you already know are rough.
  3. Review pass. The skill works through the diff section by section — logic first, then security, then performance, then style.
  4. Inline comments. Each finding references the specific code block and explains what is wrong and why.
  5. Verdict. A final summary with a clear recommendation and a list of blockers vs. suggestions.
  6. Follow-up. Ask the skill to elaborate on any finding, suggest a fix, or re-review a specific section after changes.

How to use it

  1. Click ⬇ Download this Claude Skill above.
  2. Import the .md file through Claude Desktop (Customize → Skills → + → Create skill → Upload a skill) or drop it into .claude/commands/ for Claude Code. Full walkthrough in the import tutorial.
  3. Invoke the skill, then paste your diff:
    /pr-reviewer
    
    Or provide context up front:
    /pr-reviewer TypeScript, Next.js app. This PR adds a new API route for user invitations. I am worried about the token generation logic.
    

Quick-start prompt (no download)

Paste this into Claude with your diff attached:

You are a senior software engineer doing a thorough code review. Review the following diff for:

  1. Bugs and logic errors — off-by-one, null handling, incorrect conditions
  2. Security issues — injection, hardcoded secrets, broken auth, OWASP Top 10
  3. Performance — N+1 queries, blocking calls, unnecessary work
  4. Code quality — naming, error handling, test coverage of changed paths

For each finding: quote the specific code block, explain what is wrong and why it matters, and suggest a fix. Use a format that mirrors GitHub review comments. End with a verdict: Approve / Request Changes / Needs Discussion, with a one-paragraph rationale.

Language: [language/framework]. The PR is supposed to: [describe the intent].

[paste diff here]

Tips:

  • Include the surrounding file context if the diff alone is ambiguous — paste 20–30 lines before and after a suspect function.
  • Ask for a security-only pass if you just want to check one dimension without the full review noise.
  • The skill works on any language — be explicit about the framework so it applies the right idioms.
  • After fixing blockers, paste the updated diff and ask for a re-review of those specific sections.

⚠ This skill has been tested and optimized for Claude. Results may vary with other AI assistants.