AI Code Reviewer
Implements AI-assisted code review workflows that augment human reviewers by automatically detecting bugs, security vulnerabilities, performance issues, and style violations. Covers LLM integration with pull request workflows, custom review rule creation, severity classification, false positive management, and balancing automated suggestions with human judgment in the review process.
Usage
Describe your codebase language and framework, team size, current review process, and the types of issues you want to catch automatically. Specify your CI/CD platform and whether you want inline PR comments or summary reports. This skill provides a complete AI code review setup with configuration, custom rules, and team adoption guidelines.
Examples
- "Set up AI code review for a TypeScript monorepo that flags SQL injection, XSS, and insecure dependencies in PRs"
- "Create custom review rules that enforce our team's error handling patterns and logging conventions"
- "Design a review workflow where AI handles style and security checks while humans focus on architecture and logic"
Guidelines
- Configure AI review to run on PRs automatically and present findings as comments rather than blocking checks; if anything is gated, limit it to high-confidence findings such as a committed secret
- Tune sensitivity to minimize false positives; as a rule of thumb, developers stop reading the tool's output once roughly 20% of its findings are noise
- Categorize findings by severity (critical, warning, info) so developers can prioritize what to fix first
- Create project-specific rules for patterns unique to your codebase beyond generic lint rules
- Use AI for security scanning (OWASP Top 10), dependency vulnerabilities, and secrets detection, alongside deterministic SAST, dependency and secret scanners rather than as a replacement for them
- Maintain a suppression list for known false positives, keyed by a stable fingerprint (rule plus file plus matched code, not line number) and with a documented justification for each entry
- Track metrics: issues found, true positive rate, time saved per review, developer satisfaction
- Review the AI reviewer's suggestions periodically to calibrate rules and improve accuracy over time
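The guidelines above describe one pipeline: scan the PR diff with project rules, rank findings by severity, drop justified suppressions, post non-blocking inline comments, and track precision from developer triage. The following added example (not code from the skill or any product it configures) implements that pipeline end to end in Python. The rule patterns, the `Finding` shape, the comment payload and the sample TypeScript diff are all hypothetical; in a real deployment, LLM-produced findings would be normalised into the same `Finding` shape so they share the severity, suppression and metrics logic.

```python
# Added example: minimal AI-assisted review pipeline (hypothetical rules and diff).
import hashlib
import re
from dataclasses import dataclass

SEVERITY_RANK = {"critical": 0, "warning": 1, "info": 2}

# Hypothetical project-specific rules: (rule id, severity, pattern, message).
RULES = [
    ("SQLI-001", "critical", re.compile(r"\.(execute|query)\(\s*(f[\"']|.*\+)"),
     "SQL built by string formatting/concatenation; use parameterised queries"),
    ("SECRET-001", "critical",
     re.compile(r"(?i)(api_key|password|secret|token)\s*=\s*[\"'][^\"']{8,}[\"']"),
     "possible hardcoded credential"),
    ("XSS-001", "warning", re.compile(r"\.innerHTML\s*="),
     "assignment to innerHTML; prefer textContent or a sanitiser"),
    ("LOG-001", "info", re.compile(r"console\.log\("),
     "console.log left in code; use the project logger"),
]

HUNK_RE = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")


@dataclass
class Finding:
    rule_id: str
    severity: str
    path: str
    line: int
    message: str
    fingerprint: str


def added_lines(diff: str):
    """Yield (path, new_line_no, text) for each added line of a unified diff."""
    path, lineno = None, 0
    for raw in diff.splitlines():
        if raw.startswith("+++ "):
            path = raw[4:].removeprefix("b/")
        elif raw.startswith("@@"):
            lineno = int(HUNK_RE.match(raw).group(1))
        elif raw.startswith("+"):
            yield path, lineno, raw[1:]
            lineno += 1
        elif not raw.startswith(("-", "\\")):
            lineno += 1  # context line advances the new-file counter


def fingerprint(rule_id: str, path: str, text: str) -> str:
    """Stable ID independent of line number, so a suppression survives refactors."""
    return hashlib.sha256(f"{rule_id}|{path}|{text.strip()}".encode()).hexdigest()[:12]


def scan(diff: str) -> list[Finding]:
    """Run every rule over the added lines; most severe findings first."""
    findings = []
    for path, lineno, text in added_lines(diff):
        for rule_id, severity, pattern, message in RULES:
            if pattern.search(text):
                findings.append(Finding(rule_id, severity, path, lineno, message,
                                        fingerprint(rule_id, path, text)))
    return sorted(findings, key=lambda f: (SEVERITY_RANK[f.severity], f.path, f.line))


def apply_suppressions(findings: list[Finding], suppressions: dict[str, str]) -> list[Finding]:
    """Drop suppressed findings; an entry with no justification is ignored."""
    honoured = {fp for fp, why in suppressions.items() if why and why.strip()}
    return [f for f in findings if f.fingerprint not in honoured]


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Counts per severity for the PR summary report."""
    counts = {sev: 0 for sev in SEVERITY_RANK}
    for f in findings:
        counts[f.severity] += 1
    return counts


def to_pr_comments(findings: list[Finding]) -> list[dict]:
    """Inline, non-blocking comment payloads (illustrative shape, not a real API)."""
    return [{"path": f.path, "line": f.line,
             "body": f"[{f.severity.upper()}] {f.rule_id}: {f.message} (fp {f.fingerprint})"}
            for f in findings]


def true_positive_rate(triage: dict[str, bool]) -> float:
    """Precision from developer triage: fingerprint -> confirmed as a real issue."""
    return sum(triage.values()) / len(triage) if triage else 0.0


# Constructed sample PR diff for a TypeScript file; every line is made up.
SAMPLE_DIFF = """\
diff --git a/src/users.ts b/src/users.ts
--- a/src/users.ts
+++ b/src/users.ts
@@ -10,3 +10,6 @@
 export async function findUser(db, name) {
-  return db.query("SELECT * FROM users WHERE name = $1", [name]);
+  console.log("lookup", name);
+  return db.query("SELECT * FROM users WHERE name = '" + name + "'");
 }
+const API_KEY = "sk_live_0123456789abcdef";
+el.innerHTML = "<b>" + name + "</b>";
"""

if __name__ == "__main__":
    log_fp = fingerprint("LOG-001", "src/users.ts", 'console.log("lookup", name);')
    kept = apply_suppressions(scan(SAMPLE_DIFF), {log_fp: "stripped by the production build"})
    print(summarize(kept), *to_pr_comments(kept), sep="\n")
```

Only added lines are scanned, so the removed parameterised query is never flagged, and the fingerprint deliberately excludes the line number so a suppression still applies after the code moves. Suppression entries with an empty justification are ignored rather than honoured, which is how the "documented justification for each" guideline is enforced mechanically rather than by convention.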