Code Review Coach

Structured code review with coaching feedback. Get severity-ranked findings with explanations that teach while they review.

$ skillfish add johnefemer/skillfish/skills/code-review-coach

When to Use

Three workflows where the Code Review Coach shines.

Pull Request Reviews

Run /review on any PR to get structured, severity-ranked feedback before merging.

Code Quality Audits

Point it at any file or module for a comprehensive quality assessment with actionable findings.

Developer Mentoring

Findings include the why, making every review a learning opportunity for growing developers.

How It Works

Four steps from code to coaching feedback.

1. Scan: Reads the code changes or target files to understand the full context, including imports, dependencies, and related modules.

2. Categorize: Groups findings into severity levels: Critical, Important, Suggestions, and Praise. Every issue gets a clear priority.

3. Coach: For each finding, explains the why, not just the what, turning reviews into lessons with references and examples.

4. Summarize: Provides an overall score, a verdict, and actionable next steps so you know exactly what to fix first.

Review Categories

Every finding is classified into one of four severity levels.

🔴 Critical (must fix): Security vulnerabilities, data loss risks, race conditions, and anything that could cause production incidents.

🟡 Important (should fix): Performance issues, missing error handling, broken tests, and patterns that will cause problems at scale.

💡 Suggestions (consider): Readability improvements, better naming conventions, simplification opportunities, and code style refinements.

⭐ Praise (keep doing): Well-structured code, good test coverage, clean abstractions, and patterns worth recognizing and repeating.

Output Format

Clean, structured Markdown you can paste directly into a PR comment.

## Summary
Reviewed 3 files with 4 findings. Key concern: SQL injection vulnerability.

## 🔴 Critical
- **SQL injection in `buildQuery()`** (user-service.ts:42)
  Why: User input is concatenated directly into the query string.
  Instead, use parameterized queries to prevent injection attacks.

## 🟡 Important
- **Missing error handling in API route** (api/users.ts:18)
  Why: Unhandled promise rejection will crash the process in production.

## 💡 Suggestions
- **Extract repeated logic into helper** (utils/format.ts:7,22,41)
  Why: Three identical formatting blocks could share one function.

## ⭐ Praise
- Excellent test coverage on auth module (96%)
- Clean separation of concerns in service layer

## Score: 6.5/10
**Verdict:** Needs attention before merge

Ready to try it?

Install the Code Review Coach skill and start getting structured, coaching-style reviews in your workflow.
