review▌

Find exploitable vulnerabilities in GitHub Actions workflows. Every finding MUST include a concrete exploitation scenario — if you can't build the attack, don't report it.

Simple, pragmatic, opinionated. Only what matters for writing production-grade SQLAlchemy and Alembic code.

Expert code review of git changes with focus on SOLID violations, security risks, and actionable improvements. \n \n Analyzes current git diff for SOLID principle violations, architecture smells, and removal candidates using structured checklists \n Scans for security risks including injection, authentication gaps, race conditions, and unsafe deserialization with exploitability assessment \n Flags code quality issues: error handling gaps, N+1 queries, boundary condition bugs, and performance hot

Security review for TypeScript/Node.js applications. Evaluates code against OWASP Top 10, framework-specific patterns, and production-readiness criteria. Findings are classified by severity (Critical, High, Medium, Low) with remediation examples. Delegates to the typescript-security-expert agent for deep analysis.

Comprehensive safety analysis and improvement framework for AI prompts with detailed assessment methodologies. \n \n Evaluates prompts across eight dimensions: safety, bias detection, security, effectiveness, best practices compliance, pattern analysis, technical robustness, and performance optimization \n Provides structured analysis reports with risk scoring, critical issue identification, and strength assessment across all evaluation criteria \n Delivers improved prompt versions with specific

Provides structured code review for NestJS applications. Findings categorized by severity (Critical, Warning, Suggestion) with actionable recommendations. Delegates to nestjs-code-review-expert agent for deep analysis.

Load with: base.md + [codex-review.md for OpenAI Codex] + [gemini-review.md for Google Gemini]

Catches common bugs in LangGraph state management, graph structure, and async patterns. \n \n Identifies 20+ critical issues including state mutations, missing reducers, invalid conditional edge returns, and checkpointer configuration errors \n Covers state schema problems like improper use of add_messages , full-state returns, and Pydantic models without annotations \n Detects graph structure issues: missing entry points, unreachable nodes, incomplete conditional paths, and undeclared Command d

If you see unfamiliar placeholders or need to check which tools are connected, see CONNECTORS.md.

Multi-dimensional code review with quality gates. Every change gets reviewed before merge — no exceptions. Review covers five axes: correctness, readability, architecture, security, and performance.