Code Reviewer is a skill published by agensi that performs structured, automated code review on recent changes. It checks for security vulnerabilities including SQL injection, cross-site scripting, and authentication bypasses, as well as logic errors, edge cases, performance issues, and style violations. Findings are categorized into three severity levels: Critical, Warning, and Suggestion. Each finding reports the specific file and line number where the issue occurs, a description of the problem, and a concrete fix — often including a code example. This makes it suitable as a first-pass review before submitting code to a human peer reviewer, or as the sole reviewer on solo projects where no teammate is available. It does not require any environment variables to configure and exposes no discrete tools; the skill operates as a self-contained unit that accepts code as input and returns structured review output. Because findings are tied to specific file locations and severity tiers, a developer can triage Critical items first without manually sorting through a flat list of comments. The skill is oriented toward developers who want immediate, actionable feedback on changes without scheduling delays.
Code Reviewer
Reviews your code for bugs, security vulnerabilities, logic errors, performance issues, and style violations. Organizes findings by severity and suggests fixes with code examples.
Install
cmdop skills install agensi-code-reviewer
Use cases
- Run a pre-commit review to catch SQL injection or XSS vulnerabilities before pushing code
- Get severity-tiered feedback on logic errors and edge cases in a pull request draft
- Review code on solo projects where no peer reviewer is available
- Identify performance issues in recent changes before they reach production
- Enforce style guidelines automatically as part of a development workflow
- Triage Critical findings first to prioritize security fixes over minor suggestions
When to use it
- When a developer wants a first-pass code review before peer review
- When working solo and no human reviewer is available
- When checking recent changes specifically for common security vulnerabilities like SQL injection or XSS
- When findings need to be organized by severity for efficient triage
When not to use it
- When the project requires a review tool that integrates directly with a version control platform via webhooks or APIs
- When architectural or design-level feedback is needed beyond code-level analysis
- When the review must cover an entire large codebase rather than recent changes
- When a specific language or framework requires domain-specific linting tools not described in the facts