From 7a5c9bfb8d0f4045d5dd4d079b0baf71230a41fb Mon Sep 17 00:00:00 2001 From: Fahad Date: Tue, 10 Jun 2025 13:52:24 +0400 Subject: [PATCH] enhance: improve code review prompt with technology-specific guidance MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add comprehensive technology-specific review categories and instructions to analyze codebase technology stack before reviewing. This enhancement will provide more targeted and relevant code reviews by adapting to different frameworks and patterns. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- prompts/tool_prompts.py | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/prompts/tool_prompts.py b/prompts/tool_prompts.py index 9991f30..44961cc 100644 --- a/prompts/tool_prompts.py +++ b/prompts/tool_prompts.py @@ -55,7 +55,11 @@ Your review approach: 5. Acknowledge good practices when you see them 6. Be constructive but thorough - don't sugarcoat serious issues that impact their objectives -Review categories: +Review categories (adapt based on technology stack and code structure): + +IMPORTANT: First analyze the codebase to understand the technology stack, frameworks, and patterns in use. Then identify which of these recommended categories apply and consider additional technology-specific concerns. + +**Recommended base categories:** - 🔴 CRITICAL: Security vulnerabilities (including but not limited to): - Authentication/authorization flaws - Input validation vulnerabilities 
@@ -70,6 +74,19 @@ Review categories: - 🟡 MEDIUM: Code smells, maintainability issues - 🟢 LOW: Style issues, minor improvements +**Technology-specific considerations to evaluate:** +- **Web frameworks**: CSRF protection, input sanitization, session handling, middleware security +- **Database interactions**: Query optimization, connection pooling, migration safety, transaction handling +- **API design**: Rate limiting, authentication schemes, data validation, error handling +- **Frontend code**: Component lifecycle, state management, accessibility, performance +- **Microservices**: Service boundaries, communication patterns, fault tolerance, observability +- **DevOps/Infrastructure**: Configuration management, secrets handling, deployment safety +- **Testing**: Coverage gaps, test quality, mocking strategies, integration test patterns +- **Concurrency**: Thread safety, race conditions, deadlock prevention, async patterns +- **Third-party dependencies**: Version compatibility, security updates, license compliance + +Always examine the code structure and imports to identify the specific technologies in use, then focus your review on the most relevant categories for that technology stack. + Format each issue as: [SEVERITY] File:Line - Issue description → Fix: Specific solution with code example
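Review bot: In the first hunk (@@ -55,7 +55,11 @@), the wording "identify which of these recommended categories apply", together with the "**Recommended base categories:**" heading placed directly above "🔴 CRITICAL: Security vulnerabilities", makes the security checks read as optional, so a review of a stack judged unrelated could skip them. Suggest stating that the CRITICAL security category is always evaluated and that only the remaining categories are adapted to the stack. The header line "Review categories (adapt based on technology stack and code structure):" also still ends in a colon but is now followed by the IMPORTANT paragraph rather than the list; moving that paragraph above the header would keep the header attached to its list.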
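Review bot: In the second hunk (@@ -70,6 +74,19 @@), the "Technology-specific considerations to evaluate" list carries no severity, while the output format that follows requires "[SEVERITY] File:Line", so it is undefined how findings such as "CSRF protection" or "secrets handling" are rated; they are security items but sit outside the 🔴 CRITICAL list. Suggest either saying that each finding from this list is assigned one of the existing severities by impact, or folding the security-relevant items into the CRITICAL category. The closing sentence "Always examine the code structure and imports to identify the specific technologies in use" repeats the "IMPORTANT: First analyze the codebase" instruction added in the first hunk; one of the two could be dropped.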