â /code-review
Code review a pull request
Command Usage
Invoke this command in Claude Code:
/code-reviewallowed-tools: Bash(gh issue view:), Bash(gh search:), Bash(gh issue list:), Bash(gh pr comment:), Bash(gh pr diff:), Bash(gh pr view:), Bash(gh pr list:*) description: Code review a pull request disable-model-invocation: false
Provide a code review for the given pull request.
To do this, follow these steps precisely:
-
Use a Haiku agent to check if the pull request (a) is closed, (b) is a draft, (c) does not need a code review (eg. because it is an automated pull request, or is very simple and obviously ok), (d) already has a code review from you from earlier, OR (e) is too large (>1000 lines changed) and should be split. If any of these conditions are true, do not proceed.
-
Use another Haiku agent to give you a list of file paths to (but not the contents of) any relevant CLAUDE.md files from the codebase: the root CLAUDE.md file (if one exists), as well as any CLAUDE.md files in the directories whose files the pull request modified
-
Use a Haiku agent to view the pull request, and ask the agent to return a summary of the change
-
Then, launch 5 parallel Sonnet agents to independently code review the change. Each agent should use the code-reviewer skill from bushido. The agents should work independently without seeing other agents' findings, then return a list of issues and the reason each issue was flagged (eg. CLAUDE.md adherence, bug, historical git context, etc.): a. Agent #1: Audit the changes to make sure they comply with the CLAUDE.md. Note that CLAUDE.md is guidance for Claude as it writes code, so not all instructions will be applicable during code review. b. Agent #2: Read the file changes in the pull request, then do a shallow scan for obvious bugs. Avoid reading extra context beyond the changes, focusing just on the changes themselves. Focus on large bugs, and avoid small issues and nitpicks. Ignore likely false positives. c. Agent #3: Read the git blame and history of the code modified, to identify any bugs in light of that historical context d. Agent #4: Read previous pull requests that touched these files, and check for any comments on those pull requests that may also apply to the current pull request. e. Agent #5: Read code comments in the modified files, and make sure the changes in the pull request comply with any guidance in the comments.
IMPORTANT: After all 5 agents complete, verify their work using proof-of-work principles:
- Check each agent's output isn't empty or generic
- Verify issue descriptions include specific file paths and line numbers
- Confirm agents didn't all return "no issues found" without actual analysis
- If verification fails for any agent, note it but proceed with verified results
-
Deduplicate and score issues: a. First, deduplicate issues from step 4:
- Group issues by file path and line range (issues within ±3 lines are considered duplicates)
- For each group, combine similar descriptions and keep the most detailed version
- Merge reasoning from all agents that found the same issue
b. Then, for each unique issue, launch a parallel Haiku agent that takes the PR, issue description, and list of CLAUDE.md files (from step 2), and returns a score to indicate the agent's level of confidence for whether the issue is real or false positive. To do that, the agent should score each issue on a scale from 0-100, indicating its level of confidence. For issues that were flagged due to CLAUDE.md instructions, the agent should double check that the CLAUDE.md actually calls out that issue specifically. The scale is (give this rubric to the agent verbatim):
- 0: Not confident at all. This is a false positive that doesn't stand up to light scrutiny, or is a pre-existing issue.
- 25: Somewhat confident. This might be a real issue, but may also be a false positive. The agent wasn't able to verify that it's a real issue. If the issue is stylistic, it is one that was not explicitly called out in the relevant CLAUDE.md.
- 50: Moderately confident. The agent was able to verify this is a real issue, but it might be a nitpick or not happen very often in practice. Relative to the rest of the PR, it's not very important.
- 75: Highly confident. The agent double checked the issue, and verified that it is very likely it is a real issue that will be hit in practice. The existing approach in the PR is insufficient. The issue is very important and will directly impact the code's functionality, or it is an issue that is directly mentioned in the relevant CLAUDE.md.
- 100: Absolutely certain. The agent double checked the issue, and confirmed that it is definitely a real issue, that will happen frequently in practice. The evidence directly confirms this.
-
Filter out any issues with a score less than 80. If there are no issues that meet this criteria, do not proceed.
-
Use a Haiku agent to repeat the eligibility check from #1, to make sure that the pull request is still eligible for code review.
-
Finally, use the gh bash command to comment back on the pull request with the result. When writing your comment, keep in mind to: a. Keep your output brief b. Avoid emojis c. Link and cite relevant code, files, and URLs
Examples of false positives, for steps 4 and 5:
- Pre-existing issues
- Something that looks like a bug but is not actually a bug
- Pedantic nitpicks that a senior engineer wouldn't call out
- Issues that a linter, typechecker, or compiler would catch (eg. missing or incorrect imports, type errors, broken tests, formatting issues, pedantic style issues like newlines). No need to run these build steps yourself -- it is safe to assume that they will be run separately as part of CI.
- General code quality issues (eg. lack of test coverage, general security issues, poor documentation), unless explicitly required in CLAUDE.md
- Issues that are called out in CLAUDE.md, but explicitly silenced in the code (eg. due to a lint ignore comment)
- Changes in functionality that are likely intentional or are directly related to the broader change
- Real issues, but on lines that the user did not modify in their pull request
Notes:
- Do not check build signal or attempt to build or typecheck the app. These will run separately, and are not relevant to your code review.
- Use
ghto interact with Github (eg. to fetch a pull request, or to create inline comments), rather than web fetch - Use TodoWrite tool to track progress through steps 1-8
- You must cite and link each bug (eg. if referring to a CLAUDE.md, you must link it)
- All review agents in step 4 should use the code-reviewer skill from bushido for systematic review process
- For your final comment, follow the following format precisely (assuming for this example that you found 3 issues):
Code review
Found 3 issues:
- <brief description of bug> (CLAUDE.md says "<...>")
- <brief description of bug> (some/other/CLAUDE.md says "<...>")
- <brief description of bug> (bug due to <file and code snippet>)
ð€ Generated with Claude Code
<sub>- If this code review was useful, please react with ð. Otherwise, react with ð.</sub>
- Or, if you found no issues:
Code review
No issues found. Checked for bugs and CLAUDE.md compliance.
ð€ Generated with Claude Code
- When linking to code, follow the following format precisely, otherwise the Markdown preview won't render correctly: https://github.com/anthropics/claude-cli-internal/blob/c21d3c10bc8e898b7ac1a2d745bdc9bc4e423afe/package.json#L10-L15
-
Requires full git sha
-
You must provide the full sha. Commands like
https://github.com/owner/repo/blob/$(git rev-parse HEAD)/foo/barwill not work, since your comment will be directly rendered in Markdown. -
Repo name must match the repo you're code reviewing
-
sign after the file name
-
Line range format is L[start]-L[end]
-
Provide at least 1 line of context before and after, centered on the line you are commenting about (eg. if you are commenting about lines 5-6, you should link to
L4-7)
-