---
name: review
description: Review current git diff for security, quality, performance, and maintainability issues. Provides actionable feedback with code fixes.
disable-model-invocation: true
context: fork
agent: code-reviewer
---

# Code Review

Review current changes for security, quality, and performance issues.

## Context

Staged changes:
!`git diff --cached --stat`

Detailed diff:
!`git diff --cached`

Unstaged changes:
!`git diff --stat`

Recent commit message:
!`git log -1 --format="%s%n%b" 2>/dev/null || echo "No commits yet"`

## Steps

1. **Analyze the diff** — identify scope, languages, frameworks, data sensitivity
2. **Verify dependencies** — check new imports/packages for CVEs via context7
3. **Review in priority order:**
   - Security (OWASP Top 10, secrets, auth, injection)
   - Reliability (error handling, race conditions, resource leaks)
   - Performance (N+1 queries, blocking I/O, missing pagination)
   - Maintainability (complexity, naming, duplication, types)
   - Testing (coverage for critical paths)
4. **Check against project rules** — read `RULES.md` for constraints
5. **Report:**

```markdown
# Code Review

## Summary
[2-3 sentences: what changed, assessment]

**Verdict**: APPROVE / APPROVE WITH COMMENTS / REQUEST CHANGES

## Critical Issues
[Must fix before merge — with code fixes]

## High Priority
[Should fix — with code fixes]

## Medium Priority
[Consider fixing — grouped if similar]

## What's Done Well
- [Specific praise with file references]

## Recommendations
1. [Prioritized action items]
```
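The security pass of step 3 applied to the diff gathered in the Context section, as an added example that is not part of this command or the `code-reviewer` agent: a Python triage script that parses `git diff --cached` output, keeps only added lines with their new-file line numbers, matches them against a small ruleset (hard-coded secrets, SQL built by string formatting, `shell=True`, `eval`/`exec`), and lays the hits out under the report template's headings. The patterns, the severity-to-verdict mapping and the sample diff are assumptions constructed for illustration, not an exhaustive ruleset.

```python
"""Heuristic security triage of a staged diff (added example, not the
command's own code). Parses unified-diff text such as `git diff --cached`,
keeps only added lines, and matches them against a small assumed ruleset."""
import re
from dataclasses import dataclass

# Assumed heuristics for illustration; a real review applies far more rules.
PATTERNS = [
    ("critical", "possible hard-coded AWS access key",
     re.compile(r"AKIA[0-9A-Z]{16}")),
    ("critical", "possible hard-coded secret",
     re.compile(r"(?i)(password|secret|api[_-]?key)\s*[:=]\s*['\"][^'\"]{8,}['\"]")),
    ("high", "SQL built by string formatting (injection risk)",
     re.compile(r"(?i)execute\(\s*(f['\"]|.*['\"]\s*(\+|%)\s)")),
    ("high", "subprocess with shell=True",
     re.compile(r"shell\s*=\s*True")),
    ("high", "eval/exec call",
     re.compile(r"\b(eval|exec)\(")),
    ("medium", "broad exception swallowed",
     re.compile(r"except(\s+Exception)?\s*:\s*pass\b")),
]
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2}
HUNK_RE = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")


@dataclass
class Finding:
    severity: str
    path: str
    line: int      # line number in the new version of the file
    message: str
    code: str


def added_lines(diff_text):
    """Yield (path, new_line_no, content) for every '+' line in a unified diff."""
    path, new_line = None, 0
    for raw in diff_text.splitlines():
        if raw.startswith("+++ "):            # new-file header: "+++ b/path"
            path = raw[4:].strip()
            path = path[2:] if path.startswith("b/") else path
        elif raw.startswith("--- "):          # old-file header: ignore
            continue
        elif HUNK_RE.match(raw):              # "@@ -a,b +c,d @@": reset counter to c
            new_line = int(HUNK_RE.match(raw).group(1))
        elif raw.startswith("+"):             # added line: report, then advance
            yield path, new_line, raw[1:]
            new_line += 1
        elif raw.startswith(("-", "\\")):     # removed line / "\ No newline": no advance
            continue
        else:                                 # context line: advance only
            new_line += 1


def triage(diff_text):
    """Return findings for the diff, most severe first."""
    findings = [Finding(sev, path, line, msg, code.strip())
                for path, line, code in added_lines(diff_text)
                for sev, msg, rx in PATTERNS if rx.search(code)]
    findings.sort(key=lambda f: (SEVERITY_RANK[f.severity], f.path, f.line))
    return findings


def verdict(findings):
    """Assumed mapping onto the report's verdicts: any critical blocks the merge."""
    if any(f.severity == "critical" for f in findings):
        return "REQUEST CHANGES"
    return "APPROVE WITH COMMENTS" if findings else "APPROVE"


def render(findings):
    """Lay the findings out in the report template's section order."""
    out = ["# Code Review", "", f"**Verdict**: {verdict(findings)}", ""]
    for heading, sev in (("## Critical Issues", "critical"),
                         ("## High Priority", "high"),
                         ("## Medium Priority", "medium")):
        group = [f for f in findings if f.severity == sev]
        if group:
            out.append(heading)
            out += [f"- `{f.path}:{f.line}` {f.message}: `{f.code}`" for f in group]
            out.append("")
    return "\n".join(out)


# Constructed sample standing in for `git diff --cached` output.
SAMPLE_DIFF = """\
diff --git a/app/db.py b/app/db.py
--- a/app/db.py
+++ b/app/db.py
@@ -10,4 +10,7 @@
 def get_user(conn, uid):
     cur = conn.cursor()
-    cur.execute("SELECT * FROM users WHERE id = ?", (uid,))
+    cur.execute(f"SELECT * FROM users WHERE id = {uid}")
     return cur.fetchone()
+
+AWS_KEY = "AKIAIOSFODNN7EXAMPLE"
+DB_PASSWORD = "hunter2hunter2"
diff --git a/app/tasks.py b/app/tasks.py
--- a/app/tasks.py
+++ b/app/tasks.py
@@ -1 +1,4 @@
 import subprocess
+
+def run(cmd):
+    return subprocess.run(cmd, shell=True, capture_output=True)
"""

if __name__ == "__main__":
    print(render(triage(SAMPLE_DIFF)))
```

Piping real output in (`git diff --cached | python triage.py` with a small `sys.stdin.read()` in place of `SAMPLE_DIFF`) gives the reviewer a seeded list of candidate findings with file and line references; the parameterized query removed in the sample is deliberately not flagged, and every hit still needs human confirmation before it goes into the Critical or High Priority sections.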