Code Review Rapid
All-in-one command for comprehensive code quality review. Includes structured workflows, validation checks, and reusable patterns for utilities.
Perform an automated code review on staged changes or a specified file, checking for bugs, security issues, performance problems, and style violations.
When to Use This Command
Run this command when...
- You want a quick automated code review before opening a pull request
- You need to catch common security vulnerabilities like SQL injection or XSS before merge
- You want style and best-practice feedback without waiting for a human reviewer
Avoid this command when...
- You need a review of high-level architectural decisions rather than code-level issues
- The changes are trivial (typo fixes, comment updates) and do not need automated review
Quick Start
```markdown
# .claude/commands/code-review-rapid.md
---
allowed-tools: ["Bash", "Read", "Grep", "Glob"]
---
Review the staged git diff or specified file. Check for bugs, security issues, performance, and style. Provide actionable feedback.
```
Example usage:
```
/code-review-rapid
/code-review-rapid src/api/handlers/payment.ts
```
Example output:
```
Code Review: src/api/handlers/payment.ts
=========================================
[BUG] Line 42: Missing null check on user.subscription
      before accessing .plan property
[SEC] Line 67: User input passed directly to SQL query.
      Use parameterized queries instead.
[PERF] Line 89: N+1 query inside loop. Batch the database
      call outside the loop.
Summary: 1 bug, 1 security, 1 performance issue found
```
Core Concepts
| Concept | Description |
|---|---|
| Bug detection | Null references, type mismatches, off-by-one errors |
| Security scan | Injection, XSS, hardcoded secrets, insecure crypto defaults |
| Performance | N+1 queries, unnecessary allocations, blocking I/O in async code |
| Style check | Function length, naming conventions, cyclomatic complexity |
```
Input (diff or file) --> Parse Changes
                              |
                 +------------+------------+
                 |            |            |
               Bugs       Security    Performance
                 |            |            |
                 +--- Findings Report -----+
```
Configuration
| Option | Default | Description |
|---|---|---|
| scope | staged | What to review (staged, file, branch) |
| severity | all | Minimum severity to report (info, warn, error) |
| categories | all | Which checks to run (bugs, security, perf, style) |
| format | inline | Output format (inline, summary, json) |
| context | 3 | Lines of context shown around each finding |
Best Practices
- Review before pushing -- catching issues locally saves CI time and reviewer effort.
- Focus on security first -- security findings should always be addressed before merge.
- Use on hotfixes -- rapid reviews are especially valuable for urgent changes that skip normal review.
- Combine with human review -- automated review catches patterns; humans catch logic and design issues.
- Customize severity -- set severity to `warn` to reduce noise from minor stylistic suggestions.
Common Issues
- Too many style findings -- lower severity threshold or exclude the style category for initial passes.
- False positive on SQL injection -- parameterized queries via ORMs may look like string concatenation. Exclude known-safe ORM patterns.
- Missing cross-file context -- reviewing a single file may miss issues spanning multiple files. Use branch scope for full-feature reviews.
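The SQL injection false positive listed under Common Issues can be narrowed by treating tagged templates differently from plain interpolation. The following is an added example, not the command's own code: a line-based heuristic that flags SQL built by concatenation or untagged `${...}` interpolation and skips tagged templates on an allowlist. `SAFE_TAGS`, `classify`, `reviewSql` and the sample lines are assumptions constructed for illustration.

```javascript
// Added example: a line-based heuristic, not the command's implementation.
// Assumption: tags whose template interpolations are sent as bound parameters
// in the code base under review. Adjust to the libraries you actually use.
const SAFE_TAGS = new Set(["sql", "$queryRaw", "$executeRaw"]);

// Rough test for "this line contains a SQL statement".
const SQL = /\b(select\s.+\sfrom|insert\s+into|update\s.+\sset|delete\s+from)\b/i;
// Template literal with ${...}; group 1 is the tag directly before the backtick.
const TEMPLATE = /([\w$.]*)`[^`]*\$\{[^`]*`/;
// Quoted string joined with "+" on either side.
const CONCAT = /(["'])(?:(?!\1).)*\1\s*\+|\+\s*["']/;

function classify(line) {
  if (!SQL.test(line)) return "no-sql";
  const tpl = line.match(TEMPLATE);
  if (tpl) {
    const tag = tpl[1].split(".").pop(); // prisma.$queryRaw -> $queryRaw
    return SAFE_TAGS.has(tag) ? "safe-tagged-template" : "flag";
  }
  return CONCAT.test(line) ? "flag" : "ok";
}

// Emit findings in the report style shown in the example output.
function reviewSql(source) {
  return source.split("\n").flatMap((line, i) =>
    classify(line) === "flag"
      ? [`[SEC] Line ${i + 1}: User input passed directly to SQL query. Use parameterized queries instead.`]
      : []);
}

// Constructed sample input, one statement per line.
const SAMPLE = [
  'db.query("SELECT * FROM users WHERE id = " + req.params.id);',
  "db.query(`SELECT * FROM users WHERE id = ${req.params.id}`);",
  "await prisma.$queryRaw`SELECT * FROM users WHERE id = ${id}`;",
  "await prisma.$queryRawUnsafe(`SELECT * FROM users WHERE id = ${id}`);",
  'db.query("SELECT * FROM users WHERE id = $1", [req.params.id]);',
  'const label = "id: " + id;',
].join("\n");

console.log(reviewSql(SAMPLE).join("\n"));
```

Because the check works line by line, a query split across several lines has to be joined into one statement before it is classified.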