A comprehensive code review command for Claude Code that performs multi-perspective analysis using specialized AI agents representing different stakeholder viewpoints.
- Peer Developer Review - Code quality, readability, best practices
- Software Architect Review - Design patterns, architecture, scalability
- Security Review - OWASP vulnerabilities, security best practices
- Product Perspective Review - UX, accessibility, feature completeness
- CTO/Strategic Review - Long-term maintainability, strategic alignment
- Claude Code CLI installed and configured
- A project to review
- Clone or download this repository
- Copy the folders to your project's
.claude/directory:
# From your project root
cp -r path/to/claude-code-code-review/commands .claude/
cp -r path/to/claude-code-code-review/review .claude/Your project structure should look like:
your-project/
├── .claude/
│ ├── commands/
│ │ └── code-review.md
│ └── review/
│ ├── agents/
│ │ ├── peer-developer.md
│ │ ├── architect.md
│ │ ├── security-reviewer.md
│ │ ├── product-perspective.md
│ │ └── cto-strategic.md
│ └── templates/
│ └── review-report.md
├── src/
└── ...
- (Optional) Add
review-reports/to your.gitignore:
echo "review-reports/" >> .gitignoreAfter installation, you can optimize the code reviewer for your specific codebase. This improves review relevance by focusing on patterns and conventions specific to your frameworks.
Run this prompt in Claude Code:
I just installed the code-review command in .claude/. Please:
1. Analyze my codebase to detect my tech stack (frameworks, state management, testing libraries, architecture patterns)
2. Read the command files in .claude/commands/code-review.md and .claude/review/agents/
3. Optimize each review agent by:
- Removing checks for technologies I don't use
- Adding review criteria specific to my frameworks (e.g., React hooks rules, Angular best practices)
- Incorporating my project's architecture patterns into the architect agent
- Adjusting the product perspective agent based on my UI framework
4. Keep the agent structure, perspective roles, and output format unchanged
Show me what you'll change before applying.
In Claude Code, run the code review command:
/code-review
| Command | Description |
|---|---|
/code-review |
Full review (all perspectives) |
/code-review quick |
Quick review (peer + security only) |
/code-review peer |
Peer developer review only |
/code-review arch |
Architect review only |
/code-review security |
Security review only |
/code-review product |
Product perspective only |
/code-review cto |
CTO/strategic review only |
/code-review pr |
Pull request mode (focused on diff) |
/code-review path/to/file.ts |
Review specific file |
/code-review path/to/directory/ |
Review specific directory |
Focus areas:
- Code readability and naming conventions
- Code organization and structure
- DRY principle violations
- SOLID principles compliance
- Comment quality and documentation
- Magic numbers and constants
- Error handling patterns
- Edge case coverage
- Cyclomatic complexity
- Function length (flags >50 lines)
- Unused code detection
- Import organization
- Formatting consistency
Output: Inline suggestions like a real PR review
Focus areas:
- Design pattern usage and appropriateness
- Architecture layer violations
- Dependency direction (clean architecture)
- Module coupling and cohesion
- Abstraction level consistency
- Interface segregation
- Single responsibility at module level
- Scalability concerns
- Technical debt identification
- Breaking changes detection
- API contract consistency
- State management patterns
- Separation of concerns
- Cross-cutting concerns handling
Output: Architecture diagrams (Mermaid), recommendations
Focus areas:
- OWASP Top 10 vulnerabilities
- Input validation patterns
- Output encoding
- Authentication flaws
- Sensitive data exposure
- SQL/NoSQL injection
- XSS vulnerabilities
- CSRF protection
- Insecure dependencies
- Cryptography misuse
- Session management
- Information leakage in errors
- Rate limiting
- CORS configuration
- File upload vulnerabilities
- Logging sensitive data
Output: Security findings with CVSS-style severity
Focus areas:
- Feature completeness
- UX implications of code changes
- Accessibility (a11y) compliance
- Internationalization (i18n) readiness
- Analytics and tracking implementation
- Error message user-friendliness
- Loading states and feedback
- Offline behavior handling
- Performance impact on user experience
- Feature flag implementation
- A/B testing readiness
- Mobile responsiveness
Output: Product impact assessment
Focus areas:
- Technical strategy alignment
- Build vs buy decisions
- Vendor lock-in risks
- Long-term maintainability
- Team knowledge distribution (bus factor)
- Onboarding complexity
- Technology choice rationale
- Cost implications (compute, storage, licensing)
- Compliance readiness (GDPR, SOC2, HIPAA)
- Open source license compatibility
- Migration path availability
- Risk assessment
Output: Executive summary with strategic recommendations
The reviewer auto-detects and adapts to:
Languages:
- TypeScript/JavaScript (Node.js, React, Angular, Vue, Next.js)
- Python (Django, Flask, FastAPI)
- PHP (Laravel, Symfony)
- .NET/C# (ASP.NET Core)
- Go (Gin, Echo, Fiber)
- Java (Spring Boot, Jakarta EE)
- Rust (Actix, Axum, Rocket)
Infrastructure:
- Docker, Kubernetes
- AWS, GCP, Azure
- Various CI/CD platforms
Reports are saved to review-reports/YYYY-MM-DD-HHmm-review.md with:
- Executive Summary (perspective summaries)
- Review Statistics (findings by severity and perspective)
- Critical Findings (full details + suggestions)
- High Priority Findings (full details + suggestions)
- Medium Priority Findings (abbreviated)
- Low Priority Findings (list format)
- Recommended Actions (prioritized by perspective)
To adapt for your specific needs:
- Perspective focus - Modify individual agents in
review/agents/ - Tech stack detection - Adjust patterns in
code-review.md - Report format - Modify
review/templates/review-report.md - Severity thresholds - Adjust in agent files
- Target Detection - Identifies files/directories to review
- Tech Stack Detection - Auto-detects frameworks and patterns
- Agent Execution - Spawns specialized agents for each perspective
- Finding Collection - Aggregates and categorizes findings
- Report Generation - Creates comprehensive markdown report
- Interactive Mode - Offers to apply suggested fixes
Contributions welcome! Please:
- Fork the repository
- Create a feature branch
- Submit a pull request
MIT License - see LICENSE file.
This tool provides automated code review suggestions based on patterns and best practices. It complements but does not replace human code review. Always apply judgment when implementing suggestions.