搵技能.../

Code Review | Skills Pool

技能檔案

Code Review

Review code for bugs, security vulnerabilities, performance issues, and maintainability. Trigger with "review this code", "check this PR", "look at this diff", "is this code safe?", or when the user shares code and asks for feedback.

8GG-Git0 星標2026年2月24日

職業
分類: 除錯

技能內容

Structured code review covering security, performance, correctness, and maintainability. Works on diffs, PRs, files, or pasted code snippets.

Review Dimensions

Security

SQL injection, XSS, CSRF
Authentication and authorization flaws
Secrets or credentials in code
Insecure deserialization
Path traversal
SSRF

Performance

N+1 queries
Unnecessary memory allocations
Algorithmic complexity (O(n²) in hot paths)
Missing database indexes
Unbounded queries or loops
Resource leaks

Correctness

Edge cases (empty input, null, overflow)
Race conditions and concurrency issues
Error handling and propagation
Off-by-one errors
Type safety

Maintainability

相關技能

快速安裝

Code Review

npx skills add 8GG-Git/knowledge-work-plugins

下載 Skill 打開源碼倉庫

作者: 8GG-Git
星標: 0
更新時間: 2026年2月24日
職業

本頁內容

01Review Dimensions

Naming clarity
Single responsibility
Duplication
Test coverage
Documentation for non-obvious logic

Output Format

Rate each dimension and provide specific, actionable findings with file and line references. Prioritize critical issues first. Always include positive observations alongside issues.

02

Security

05Maintainability

06Output Format

軟件質量保證分析師同測試人員

Session Logs

Search and analyze your own session logs (older/parent conversations) using jq.

OpenClaw Test Heap Leaks

Investigate `pnpm test` memory growth, Vitest worker OOMs, and suspicious RSS increases in OpenClaw using the `scripts/test-parallel.mjs` heap snapshot tooling. Use when Codex needs to reproduce test-lane memory growth, collect repeated `.heapsnapshot` files, compare snapshots from the same worker PID, triage likely transformed-module retention versus likely runtime leaks, and fix or reduce the impact by patching cleanup logic or isolating hotspot tests.

Node Connect

Diagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps. Use when QR/setup code/manual connect fails, local Wi-Fi works but VPS/tailnet does not, or errors mention pairing required, unauthorized, bootstrap token invalid or expired, gateway.bind, gateway.remote.url, Tailscale, or plugins.entries.device-pair.config.publicUrl.

Openclaw Qa Testing

Run, watch, debug, and extend OpenClaw QA testing with qa-lab and qa-channel. Use when Codex needs to execute the repo-backed QA suite, inspect live QA artifacts, debug failing scenarios, add new QA scenarios, or explain the OpenClaw QA workflow. Prefer the live OpenAI lane with regular openai/gpt-5.4 in fast mode; do not use gpt-5.4-pro or gpt-5.4-mini unless the user explicitly overrides that policy.

Openclaw Secret Scanning Maintainer

Maintainer-only workflow for handling GitHub Secret Scanning alerts on OpenClaw. Use when Codex needs to triage, redact, clean up, and resolve secret leakage found in issue comments, issue bodies, PR comments, or other GitHub content.

Flags

Use when you need to check feature flag states, compare channels, or debug why a feature behaves differently across release channels.

軟件質量保證分析師同測試人員