---
name : code-review
description : Review code for bugs, style, and security issues
---
# Code Review
## Instructions
1. Read the specified file(s) using the read tool
2. Analyze for:
- Bugs and logic errors
- Security vulnerabilities (OWASP top 10)
- Code style and readability
- Performance issues
3. Write a review report to workspace/review.md
## Output Format
For each issue found:
- **File** : path
- **Line** : number
- **Severity** : critical / warning / info
- **Description** : what's wrong
- **Fix** : suggested change
Auto-generated fields added by the skill learner:
confidence: 1.0
learned_from: "task:<task-id>"
learned_at: "<ISO timestamp>"
usage_count: 0
success_count: 0
failure_count: 0
negative_examples: []
Invoking Skills
# In REPL
/skill:code-review Review the auth module
# In voice/text
"Use the code-review skill on src/auth.ts"
# Via SDK
query( { prompt: "/skill:code-review Review src/auth.ts", dir: "./my-agent" } )
Skill Learning Workflow
Task begins — task_tracker begins tracking a task
Task completes — Agent completes the task successfully
Evaluation — skill_learner evaluates if the approach is worth saving
Crystallization — If the task passes worthiness checks, crystallizes it as a new skill
Reuse — Future tasks search for matching skills
Feedback loop — Confidence adjusts based on success/failure outcomes
Skill Directory Structure
skills/
code-review/
SKILL.md ← skill instructions + frontmatter
scripts/
lint.sh ← helper scripts
Every learned skill is version-controlled and inspectable — it’s just a file in your repo, so you can diff, edit, or revert it like any other change.
Tools Built-in and declarative tools the agent uses to act
Workflows Chain skills into deterministic, repeatable pipelines
Hooks Intercept, block, or modify agent behavior at every stage
Plugins Extend GitAgent with installable tools, skills, and hooks