This skill enables developers to perform AI-powered code reviews, identifying bugs, security vulnerabilities, and quality risks in their code. It can operate autonomously or be triggered explicitly, making it suitable for developers looking to enhance code quality and security.
$ npx skills add https://github.com/coderabbitai/skills --skill code-reviewCodeRabbit Code Review is an agent-native skill that integrates AI-powered code analysis into your coding workflow. It automatically detects bugs, security vulnerabilities, and quality risks in your code before you merge. The skill works across 35+ coding agents including Claude Code, Cursor, GitHub Copilot, and others, operating either autonomously or when explicitly triggered. Simply ask your agent to review your code, and it will analyze your changes, group findings by severity, and optionally fix issues and re-review. Installation requires the CodeRabbit CLI and takes minutes to set up globally or per-project.
Install the skill using npx and trigger reviews as needed.
Identify bugs and security vulnerabilities in code changes
Group findings by severity for better prioritization
Conduct code reviews on staged or committed changes
Autonomously fix issues and re-run reviews to verify
$ npx skills add https://github.com/coderabbitai/skills --skill code-reviewgit clone https://github.com/coderabbitai/skillsCopy the install command above and run it in your terminal.
Launch Claude Code, Cursor, or your preferred AI coding agent.
Use the prompt template or examples below to test the skill.
Adapt the skill to your specific use case and workflow.
Review the following [LANGUAGE] code for [COMPANY]'s [PROJECT/APPLICATION] in the [INDUSTRY] sector. Focus on: 1) Bugs and logical errors, 2) Security vulnerabilities (e.g., SQL injection, hardcoded secrets), 3) Code quality (readability, maintainability, performance), and 4) Adherence to [LANGUAGE]-specific best practices. Provide a detailed report with line numbers, severity levels (Critical/High/Medium/Low), and actionable fixes. Here's the code: ```[CODE]```
# CodeRabbit Code Review Report: User Authentication Module
**Project:** SecurePay API | **Language:** Python | **Review Triggered:** Manual
**Reviewed by:** CodeRabbit AI | **Date:** 2023-11-15
---
## 🔴 Critical Issues (2)
### 1. [auth.py:42] SQL Injection Vulnerability
**Severity:** Critical
**Description:** User input from `request.json['username']` is directly interpolated into SQL query without sanitization.
```python
query = f"SELECT * FROM users WHERE username = '{username}'" # UNSAFE
```
**Impact:** Allows attackers to execute arbitrary SQL commands.
**Fix:** Use parameterized queries:
```python
query = "SELECT * FROM users WHERE username = %s"
cursor.execute(query, (username,))
```
### 2. [auth.py:89] Hardcoded API Key
**Severity:** Critical
**Description:** Stripe API key is hardcoded in production code.
```python
STRIPE_KEY = "sk_test_51ABC123..." # Never hardcode secrets!
```
**Impact:** Exposes sensitive credentials if code is leaked.
**Fix:** Use environment variables:
```python
import os
STRIPE_KEY = os.getenv("STRIPE_SECRET_KEY")
```
---
## ⚠️ High Issues (3)
### 3. [auth.py:112] Missing Password Hashing
**Severity:** High
**Description:** User passwords are stored in plaintext.
```python
password = request.json['password'] # Never store plaintext passwords!
```
**Impact:** Compromised database = all user accounts exposed.
**Fix:** Use bcrypt:
```python
import bcrypt
hashed_password = bcrypt.hashpw(password.encode(), bcrypt.gensalt())
```
---
## 📊 Code Quality Metrics
| Metric | Current | Target | Status |
|----------------------|---------|--------|-------------|
| Cyclomatic Complexity| 18 | < 10 | Needs Refactor |
| Test Coverage | 45% | 80%+ | Inadequate |
| Duplicated Code | 12% | < 5% | Needs Cleanup |
---
## 🔧 Recommended Actions
1. **Immediate:** Apply fixes for Critical issues (Priority: P0)
2. **This Sprint:** Address High issues and refactor auth.py to reduce complexity
3. **Next Sprint:** Add unit tests (target: 80% coverage) and implement CI/CD pipeline with automated security scanning
**Total Issues Found:** 8 | **Critical:** 2 | **High:** 3 | **Medium:** 2 | **Low:** 1
---
*Generated by CodeRabbit AI | Next review recommended in 2 weeks or after major changes.*Take a free 3-minute scan and get personalized AI skill recommendations.
Take free scan