|
| 1 | +--- |
| 2 | +applyTo: "**/*" |
| 3 | +--- |
| 4 | + |
| 5 | +When reviewing code, focus on: |
| 6 | + |
| 7 | +## Security Critical Issues |
| 8 | +- Check for hardcoded secrets, API keys, or credentials |
| 9 | +- Look for SQL injection and XSS vulnerabilities |
| 10 | +- Verify proper input validation and sanitization |
| 11 | +- Review authentication and authorization logic |
| 12 | + |
| 13 | +## Performance Red Flags |
| 14 | +- Identify N+1 database query problems |
| 15 | +- Spot inefficient loops and algorithmic issues |
| 16 | +- Check for memory leaks and resource cleanup |
| 17 | +- Review caching opportunities for expensive operations |
| 18 | + |
| 19 | +## Code Quality Essentials |
| 20 | +- Functions should be focused and appropriately sized |
| 21 | +- Use clear, descriptive naming conventions |
| 22 | +- Ensure proper error handling throughout |
| 23 | + |
| 24 | +## Review Style |
| 25 | +- Be specific and actionable in feedback |
| 26 | +- Explain the "why" behind recommendations |
| 27 | +- Acknowledge good patterns when you see them |
| 28 | +- Ask clarifying questions when code intent is unclear |
| 29 | + |
| 30 | +Always prioritize security vulnerabilities and performance issues that could impact users. |
| 31 | + |
| 32 | +Always suggest changes to improve readability. For example, this suggestion seeks to make the code more readable and also makes the validation logic reusable and testable. |
| 33 | + |
| 34 | +// Instead of: |
| 35 | +if (user.email && user.email.includes('@') && user.email.length > 5) { |
| 36 | + submitButton.enabled = true; |
| 37 | +} else { |
| 38 | + submitButton.enabled = false; |
| 39 | +} |
| 40 | + |
| 41 | +// Consider: |
| 42 | +function isValidEmail(email) { |
| 43 | + return email && email.includes('@') && email.length > 5; |
| 44 | +} |
| 45 | + |
| 46 | +submitButton.enabled = isValidEmail(user.email); |
0 commit comments