Confirm successful installation by checking the skill directory location:
.cursor/skills/code-review
Restart Cursor to activate code-review. Access via /code-review in your agent's command palette.
β
Security Notice
We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.
Skills execute code in your environment. Always review source, verify the publisher, and test in isolation before production.
Load with: base.md + [codex-review.md for OpenAI Codex] + [gemini-review.md for Google Gemini]
Purpose: Enforce automated code reviews as a mandatory guardrail before every commit and deployment. Choose between Claude, OpenAI Codex, Google Gemini, or multiple engines for comprehensive analysis.
Review Engine Choice
When running /code-review, users can choose their preferred review engine:
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β CODE REVIEW - Choose Your Engine β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β β Claude (default) β
β Built-in, no extra setup, full conversation context β
β β
β β OpenAI Codex CLI β
β GPT-5.2-Codex specialized for code review, 88% detection β
β Requires: npm install -g @openai/codex β
β β
β β Google Gemini CLI β
β Gemini 2.5 Pro with 1M token context, free tier available β
β Requires: npm install -g @google/gemini-cli β
β β
β β Dual Engine (any two) β
β Run two engines, compare findings, catch more issues β
β β
β β All Three (maximum coverage) β
β Run Claude + Codex + Gemini for critical/security code β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Engine Comparison
Aspect
Claude
Codex
Gemini
Multi-Engine
Setup
None
npm + OpenAI API
npm + Google Account
All setups
Speed
Fast
Fast
Fast
2-3x time
Context
Conversation
Fresh per review
1M tokens
N/A
Detection
Good
88% (best)
63.8% SWE-Bench
Combined
Free Tier
N/A
Limited
1,000/day
Varies
Best for
Quick reviews
High accuracy
Large codebases
Critical code
Set Default Engine
# ~/.claude/settings.toml or project CLAUDE.md[code-review]default_engine="claude"# Options: claude, codex, gemini, dual, all
Usage Examples
# Use default engine/code-review
# Explicitly choose engine/code-review --engine claude
/code-review --engine codex
/code-review --engine gemini
# Dual engine (pick any two)/code-review --engine claude,codex
/code-review --engine claude,gemini
/code-review --engine codex,gemini
# All three engines/code-review --engine all
# Quick shortcuts/code-review # Uses default/code-review --codex# Use Codex/code-review --gemini# Use Gemini/code-review --all# All three engines
Multi-Engine Output
When using multiple engines, findings are compared and deduplicated:
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β CODE REVIEW RESULTS - TRIPLE ENGINE β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β β UNANIMOUS (All 3 found): β
β π΄ SQL injection in auth.ts:45 β
β β
β β MAJORITY (2 of 3 found): β
β π Memory leak - unclosed stream in upload.ts:34 (Codex+Gemini)β
β π‘ Missing error handling in api.ts:112 (Claude+Codex) β
β β
β π· CLAUDE ONLY: β
β π Potential race condition in worker.ts:89 β
β β
β πΆ CODEX ONLY: β
β π‘ N+1 query pattern in orders.ts:156 β
β β
β π’ GEMINI ONLY: β
β π‘ Consider using batch API for better performance β
β π’ Type could be more specific in types.ts:23 β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β SUMMARY β
β Unanimous: 1 | Majority: 2 | Single: 5 β
β Critical: 1 | High: 2 | Medium: 3 | Low: 2 β
β Status: β BLOCKED - Fix critical/high issues β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
When to Use Each Mode
Mode
Use When
Single (Claude)
Quick in-flow reviews, exploration
Single (Codex)
CI/CD automation, high accuracy needed
Single (Gemini)
Large codebases (100+ files), free tier
Dual
Important PRs, pre-merge reviews
Triple (All)
Security-critical code, payment systems, auth
Core Philosophy
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β CODE REVIEW IS NON-NEGOTIABLE β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
β Every commit must pass code review. β
β Every PR must be reviewed before merge. β
β Every deployment must include review sign-off. β
β β
β AI catches what humans miss. Humans catch what AI misses. β
β Together: fewer bugs, cleaner code, better security. β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β INVOKE: /code-review β
β PLUGIN: code-review@claude-plugins-official β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
When to Run Code Review
Mandatory Review Points
Trigger
Action
Command
Before commit
Review staged changes
/code-review
Before PR
Review all changes vs base
/code-review
Before merge
Final review of PR
/code-review
Before deploy
Review deployment diff
/code-review
Automatic Integration
Run code review automatically before every commit:
βΊAccess to product documentation and roadmap tools (Jira, Notion, etc.)
βΊUnderstanding of product management frameworks (RICE, Jobs-to-be-Done, etc.)
βΊStakeholder contact information and communication channels
Time Estimate
30-60 minutes to see productivity improvements
Steps
1Install product management skill
2Start with user story generation for known feature
3Progress to competitive analysis: research 2-3 competitors
4Use for roadmap prioritization: apply RICE/ICE scoring
5Draft stakeholder communications and refine based on feedback
6Build template library for recurring PM tasks
7Share effective prompts with product team
Common Pitfalls
β Not validating competitive researchβverify facts before sharing
β Accepting user stories without involving engineering team
β Over-relying on frameworks without qualitative judgment
β Not customizing outputs to company culture and communication style
β Skipping stakeholder validation of generated requirements
Best Practices
β Do
+Validate research and competitive analysis with real data
+Collaborate with engineering when generating technical requirements
+Customize frameworks and templates to your company context
+Use skill for first drafts, refine with stakeholder input
+Document successful prompt patterns for PM tasks
+Combine AI efficiency with human judgment and intuition
β Don't
βDon't publish competitive analysis without fact-checking
βDon't finalize user stories without engineering review
βDon't make prioritization decisions solely on AI scoring
βDon't skip customer validation of generated requirements
βDon't ignore company-specific context and culture
π‘ Pro Tips
β Provide context: company goals, constraints, customer feedback
β Ask for alternatives: 'Show 3 ways to prioritize this roadmap'
β Request stakeholder-specific formatting: 'Executive summary vs. engineering spec'
β Use skill for 70% generation + 30% customization to company needs
When to Use This
β Use when
Use for user story writing, competitive research, roadmap prioritization, stakeholder communication, and PRD drafting. Best for reducing repetitive documentation and research work.
β Avoid when
Avoid for strategic product vision (requires deep customer empathy), pricing decisions (needs market and financial expertise), or when face-to-face customer discovery is more valuable than speed.
Learning Path
1Basic: user stories, feature specs, status updates
