Automated code review for TypeScript, JavaScript, Python, Go, Swift, and Kotlin. Analyzes PRs for complexity and risk, checks for SOLID violations and code smells, detects security patterns (SQL injection, hardcoded secrets), and generates scored review reports. Use when reviewing pull requests, analyzing code quality, or generating review checklists.
Automated code review tools for analyzing pull requests, detecting code quality issues, and generating structured review reports.
Analyze PR → Check Quality → Generate Report → Enforce Verdict
Look at the diff for:
- `debugger`, `console.log`, `print()` left in
- `any` types — weakens type safety

Assign a complexity score 1–10 and a risk category (critical / high / medium / low).
Flag structural issues:
| Issue | Threshold |
|---|---|
| Long function | > 50 lines |
| Large file | > 500 lines |
| God class | > 20 methods |
| Too many params | > 5 |
| Deep nesting | > 4 levels |
| High cyclomatic complexity | > 10 branches |
Also flag: missing error handling, unused imports, magic numbers, SOLID violations.
| Category | Check |
|---|---|
| Input Validation | All user input validated and sanitized |
| Output Encoding | Context-appropriate encoding applied |
| Authentication | Passwords hashed with Argon2/bcrypt |
| Session | Secure cookie flags (HttpOnly, Secure, SameSite) |
| Authorization | Server-side permission checks on all endpoints |
| SQL | Parameterized queries used exclusively |
| File Access | Path traversal sequences rejected |
| Secrets | No hardcoded credentials or keys |
| Dependencies | No known-vulnerable packages |
| Logging | Sensitive data not logged |
| Score | Verdict |
|---|---|
| 90+ / no high issues | ✅ Approve |
| 75+ / ≤ 2 high issues | 💬 Approve with suggestions |
| 50–74 | 🔄 Request changes |
| < 50 or critical issues | 🚫 Block |
```python
# ❌ SQL injection risk
query = f"SELECT * FROM users WHERE username = '{username}'"
# ✅ Parameterized query
query = "SELECT * FROM users WHERE username = %s"
cursor.execute(query, (username,))
```

```python
# ❌ Weak password hashing
import hashlib
hashed = hashlib.md5(password.encode()).hexdigest()
# ✅ Argon2id
from argon2 import PasswordHasher
ph = PasswordHasher()
hashed = ph.hash(password)
```
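One way to detect the patterns above in Python source, written as an added example and not the tool's own code: it walks the AST for f-strings that build SQL, `hashlib` calls to fast digests, and leftover debug calls. The rule names, the `find_patterns` function, the `WEAK_HASHES` and `DEBUG_CALLS` sets, and the sample input are assumptions made for illustration.

```python
import ast
import re

SQL_START = re.compile(r"^\s*(SELECT|INSERT|UPDATE|DELETE)\b", re.IGNORECASE)
WEAK_HASHES = {"md5", "sha1"}          # assumption: digests treated as weak
DEBUG_CALLS = {"print", "breakpoint"}  # assumption: Python debug leftovers


def find_patterns(source):
    """Return sorted (line, rule) findings for one Python source string."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.JoinedStr):
            # f-string whose literal text starts like SQL and that interpolates
            literal = "".join(
                part.value for part in node.values
                if isinstance(part, ast.Constant) and isinstance(part.value, str)
            )
            interpolated = any(isinstance(p, ast.FormattedValue) for p in node.values)
            if interpolated and SQL_START.match(literal):
                findings.append((node.lineno, "sql-injection"))
        elif isinstance(node, ast.Call):
            func = node.func
            if (isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name)
                    and func.value.id == "hashlib" and func.attr in WEAK_HASHES):
                findings.append((node.lineno, "weak-hash"))
            elif isinstance(func, ast.Name) and func.id in DEBUG_CALLS:
                findings.append((node.lineno, "debug-leftover"))
    return sorted(findings)


# Constructed sample input, modelled on the snippets above.
SAMPLE = '''\
import hashlib

def login(cursor, username, password):
    print(username)
    query = f"SELECT * FROM users WHERE username = '{username}'"
    cursor.execute(query)
    safe = "SELECT * FROM users WHERE username = %s"
    cursor.execute(safe, (username,))
    return hashlib.md5(password.encode()).hexdigest()
'''

if __name__ == "__main__":
    for line, rule in find_patterns(SAMPLE):
        print(f"line {line}: {rule}")
```

The parameterized query on line 7 of the sample produces no finding because it contains no interpolation; SQL built by `+` concatenation or `.format()` is outside what this sketch covers.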
Python · TypeScript · JavaScript · Go · Swift · Kotlin