
Code Review Buddy
by Roy Yuen
Structured, severity-aware code reviews focusing on security, bugs, and performance across all major languages.
- Identify SQL injection and local path traversal vulnerabilities in web code.
- Detect resource leaks like unclosed files or database connections.
- Verify AI agent skill files for YAML errors and workflow logic gaps.
$5 or 25 credits
Included in download
- Identify SQL injection and local path traversal vulnerabilities in web code.
- Detect resource leaks like unclosed files or database connections.
- terminal automation included
- Ready for Cursor
- Instant install
Sample input
Review this Python function for security issues and efficiency:

    def get_user(id):
        query = "SELECT * FROM users WHERE id = " + id
        return db.execute(query).fetchall()
Sample output
🔍 Code Review: User Query Function
Language: Python
🔴 Security
• line 2 SQL injection risk via string concatenation.
Fix: Use parameterized queries: db.execute("SELECT * FROM users WHERE id = ?", (id,))
Summary: 1 issue found — 1 critical
Verdict: 🛑 Do not ship
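The finding in the sample output, run against a constructed in-memory SQLite table so the difference between the two query styles is observable. This is an added example, not part of the skill or its output; the table, the rows and the function names are assumptions.

```python
import sqlite3


def make_db():
    """Build an in-memory database holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [(1, "alice"), (2, "bob"), (3, "carol")],
    )
    return db


def get_user_concat(db, id):
    # The reviewed pattern: the caller's input becomes part of the SQL text,
    # so any SQL syntax inside it is parsed and executed.
    query = "SELECT * FROM users WHERE id = " + id
    return db.execute(query).fetchall()


def get_user_param(db, id):
    # The suggested fix: the input is bound as a single value and is never
    # parsed as SQL, whatever characters it contains.
    return db.execute("SELECT * FROM users WHERE id = ?", (id,)).fetchall()


def compare(db, value):
    """Run both variants on the same input and return their results."""
    return {
        "concat": get_user_concat(db, value),
        "param": get_user_param(db, value),
    }


if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: a plain id, and an id with a trailing boolean clause.
    for value in ("2", "2 OR 1=1"):
        print(repr(value), compare(db, value))
```

With the plain id both functions return the same single row; with the second input the concatenated query returns every row in the table, while the parameterized query returns none.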
About This Skill
High-Performance Code Review for Humans and Agents
Code Review Buddy is a developer-centric skill designed to provide structured, actionable feedback on code snippets, files, and pull requests. Unlike generic AI suggestions, this skill follows a strict hierarchical review process that prioritizes critical security vulnerabilities and functional bugs over subjective style choices.
What it does
- Security First: Scans for SQL injection, path traversal, hardcoded secrets, and unsafe deserialization across multiple languages.
- Bug Detection: Identifies logic errors, race conditions, resource leaks, and language-specific pitfalls (like Python's mutable default arguments).
- Performance Analytics: Flags N+1 queries, inefficient string operations, and memory-intensive file handling.
- Agent Skill Validation: A unique feature that audits other AI agent skill files for YAML syntax, workflow logic, and trigger consistency.
Why use this skill
Stop wasting time on "style lectures." This skill focuses on code health and correctness. It generates standardized reports with severity icons (🔴 Critical to ⚪ Info), making it easy to see exactly what needs to be fixed before a merge. It understands the nuances of Python, JavaScript, TypeScript, Go, and Shell, applying language-specific best practices out of the box. Output is formatted specifically for terminal-based developers and AI IDEs like Cursor or Claude Code.
Use Cases
- Identify SQL injection and local path traversal vulnerabilities in web code.
- Detect resource leaks like unclosed files or database connections.
- Verify AI agent skill files for YAML errors and workflow logic gaps.
- Optimize O(n²) loops and inefficient data structure handling.
- Audit shell scripts for unquoted variables and unsafe command execution.
Known Limitations
- Cannot run dynamic analysis or execute code.
- Limited to file contents and diffs without full repo indexing.
- May miss logic bugs in highly complex state machines.
How to Install
    mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/code-review-buddy -o /tmp/code-review-buddy.zip && unzip -o /tmp/code-review-buddy.zip -d ~/.claude/skills && rm /tmp/code-review-buddy.zip

Free skills install directly. Paid skills require purchase - use the download button above after buying.
Security Scanned
Passed automated security review
Optimized for terminal and IDE-based agents like Claude Code, Cursor, and Aider.