Code Review Pipeline

Overview

Multi-dimensional code review methodology adapted from the Everything Claude Code project. Reviews across 4 dimensions with confidence-gated issue reporting and automated remediation loops.

Review Dimensions

Dimension 1: Correctness

• Logic errors and off-by-one mistakes
• Edge case handling (null, undefined, empty, boundary)
• Type safety (no implicit any, proper narrowing)
• Error handling completeness
• Floating promise detection
• Race condition analysis

Dimension 2: Security

• Injection vectors (SQL, XSS, command, template)
• Authentication and authorization gaps
• Data exposure (PII, credentials, internal state)
• Dependency vulnerabilities (known CVEs)
• Input validation completeness

Dimension 3: Performance

• Algorithmic complexity (O(n^2) detection)
• Memory leaks (event listeners, closures, caches)
• Unnecessary allocations in hot paths
• Database query optimization (N+1, missing indexes)
• Bundle size impact

Dimension 4: Maintainability

• Naming clarity and consistency
• Documentation completeness (JSDoc, inline comments)
• Test coverage adequacy
• Coupling analysis (afferent/efferent)
• File organization compliance

Confidence Gating

• Score each issue 0-100 on confidence
• Only report issues >= 80% confidence
• Prevents false positive noise
• Higher confidence for clear patterns, lower for heuristic matches

Remediation Loop

• Prioritize: critical > high > medium > low
• Apply fixes via refactor-cleaner agent
• Re-review after remediation
• Maximum 2 remediation cycles
• Exit when no critical/high issues remain

When to Use

• Post-implementation review
• Pre-merge PR review
• Security audit
• Technical debt assessment

Agents Used

• code-reviewer (primary)
• refactor-cleaner (remediation)