code-review-checklist
This skill generates a customized code review checklist tailored to the specific pull request's programming language, change type, and risk level. Use it when reviewing code or a pull request to receive language-specific correctness checks, change-type-appropriate validation steps, risk-scaled review depth guidance, and a structured approve or request-changes recommendation based on provided PR details, code diffs, and author context.
git clone --depth 1 https://github.com/mohitagw15856/pm-claude-skills /tmp/code-review-checklist && cp -r /tmp/code-review-checklist/plugins/pm-engineering/skills/code-review-checklist ~/.claude/skills/code-review-checklistSKILL.md
# Code Review Checklist Skill Produces a tailored code review checklist for a specific pull request — scaled to the language, type of change, and risk level. Not a generic template. ## Required Inputs Ask the user for these if not provided: - **Language and framework** (e.g. TypeScript + React / Python + FastAPI / Go) - **Type of change** (feature / bug fix / refactor / dependency upgrade / security patch / performance) - **Risk level** (low / medium / high / critical) - **PR description** (paste the description or link to the PR) - **Code or diff** (optional — paste key changed files or a `git diff`; significantly improves checklist specificity) - **Author context** (new starter / experienced / external contributor) ## Output Format --- # Code Review: [PR Title or Reference] ### 1. PR Overview **Scope assessment:** [Small / Medium / Large / Too large — should be split] **Recommended review depth:** [Skim / Standard / Deep dive] **Estimated review time:** [e.g. 20–30 min — use 5 min per 50 lines of diff as a rough guide] ### 2. Correctness Checks Language-specific correctness checks — choose based on the language stated: **For TypeScript/JavaScript:** - Type definitions match actual usage - No implicit `any` in non-test code - Async/await used consistently; no unhandled promises - Null/undefined handling is explicit **For Python:** - Type hints present on public functions - Exception handling is specific (no bare except) - Resources are closed (context managers, with blocks) **For Go:** - Errors are handled or explicitly ignored with a comment - Context propagation is correct - Goroutine lifetimes are bounded [Include only the section matching the stated language] ### 3. Change-Type-Specific Checks **For bug fixes:** - A test exists that would have caught this bug - The fix addresses root cause, not symptom - Related code paths checked for the same issue **For features:** - Acceptance criteria met - Edge cases handled (empty, large, concurrent) - Error paths tested, not just happy path - Telemetry/logging added for debugging **For refactors:** - Behaviour unchanged (tests still pass) - No scope creep — refactor only - Complexity reduced, not just moved **For dependency upgrades:** - Breaking changes reviewed - Security advisories checked - License compatibility verified [Include only the section matching the stated change type] ### 4. Risk-Appropriate Checks **Low risk:** basic correctness, style conventions, test coverage **Medium risk:** above + rollback plan, monitoring updates, performance considerations **High risk:** above + security implications, data migration safety, feature flag/gradual rollout **Critical risk:** above + staging validation plan, incident response plan, post-deploy verification checklist ### 5. Testing Adequacy - Unit tests cover new logic - Integration tests cover the contract changes - Edge cases tested - Failure modes tested - Performance tests if performance-sensitive ### 6. Review Decision Framework **Approve if:** [2-3 specific conditions based on this PR] **Request changes if:** [Specific blockers] **Comment (non-blocking) if:** [Items worth discussing but not blocking merge] ### 7. Common Pitfalls for This Change Type Based on the change type and language, flag 2-3 things reviewers typically miss for this combination. --- ## Quality Checks - [ ] Checklist is tailored to the stated language (not generic) - [ ] Change-type-specific section is included - [ ] Risk-appropriate depth matches stated risk level - [ ] Decision framework includes at least one named blocking condition and one named non-blocking comment condition - [ ] Common pitfalls are specific to the stated language + change-type combo (not generic advice like "watch out for bugs") ## Anti-Patterns - [ ] Do not generate a generic checklist that ignores the stated language — a Python checklist and a Go checklist have fundamentally different correctness concerns - [ ] Do not treat "looks fine" as a valid review outcome — the checklist exists to surface specific concerns, not validate a superficial read - [ ] Do not scope a "high risk" review the same as a "low risk" review — depth must scale with the stated risk level - [ ] Do not flag every stylistic preference as a blocking issue — distinguish between blocking correctness issues and non-blocking comments - [ ] Do not skip the "common pitfalls" section for the stated language and change-type combination — this is where the most valuable knowledge lives ## Usage Examples - "Generate a code review checklist for [PR description]" - "What should I check in this pull request?" - "Give me a code review checklist for a [language] [change type]" - "Review checklist for a high-risk PR in [language]"
Conduct a structured ethical review of an AI or ML feature, model, or product. Use when preparing to deploy an AI system, assessing algorithmic risk, auditing a model for bias, or producing a responsible AI impact assessment. Produces a structured ethics review covering fairness, transparency, privacy, safety, accountability, and societal impact with a risk tier score, pre-deployment checklist, and prioritised mitigations.
Structure AI and ML product decisions with the rigour of any product decision. Use when building AI-powered features, evaluating LLM integrations, designing AI products, or assessing AI readiness. Produces a complete AI product canvas covering problem definition, model approach, data requirements, evaluation framework, UX design, responsible AI checklist, and launch monitoring plan.
Transform feature briefs into structured design briefs that give designers the context they need before opening Figma. Use when asked to write a design brief, create a design handoff, brief a designer on a new feature, or translate a PRD into design requirements. Produces a brief with user goal, emotional context, success criteria, constraints, edge cases, and out-of-scope boundaries.
Design statistically rigorous A/B tests and interpret experiment results. Use when asked to design an experiment, run an A/B test, calculate sample size, interpret test results, or assess whether an experiment was successful. Produces a complete experiment design with hypothesis, sample size, run time, success criteria, and risk flags — or a results interpretation with ship/iterate/kill recommendation.
Synthesises user signals from multiple research sources into a unified, weighted insight brief. Use when you have data from interviews, support tickets, NPS verbatims, app reviews, or sales calls and need to reconcile contradictions, surface the underlying need behind requests, or answer 'what are users really telling us'. Produces ranked insights with confidence ratings, source weighting rationale, divergent signal analysis by user segment, and a research gap identification section.
Structure a product data analysis, metric deep-dive, funnel analysis, or cohort study. Use when asked to analyse product metrics, investigate a drop in conversion, explain a data change to stakeholders, or find the root cause of a metric movement. Produces a structured analysis with question, root cause, confidence level, and recommended action.
Interpret product metrics against goals and surface actionable signals. Use when asked to analyse product health, review key metrics, investigate a performance issue, produce a health report, or assess product-market fit signals. Produces a structured health report with RAG status, trend analysis, root cause hypotheses, and prioritised actions.
Structure a retention analysis, churn investigation, or engagement deep-dive for any product team. Use when asked to analyse user retention, investigate churn, measure DAU/MAU, or build a retention improvement plan. Produces a retention snapshot with root cause hypotheses, aha-moment correlation, and prioritised interventions.