agent-code-review-swarm
- Repo stars 54,444
- Author updated Live
- Author repo ruflo
- Domain
- AI
- Compatible agents
-
- Claude Code
- Cursor
- Cline
- Codex
- Windsurf
- Gemini CLI
- +20
- Trust score
- 88 / 100 · community maintained
- Author / version / license
- @ruvnet · no license declared
- Token usage
- Lean
- Setup complexity
- Manual integration
- External API key
- Required · GitHub
- Operating systems
- Linux
- Runtime requirements
- No special requirements
- Permissions
-
- Read-only
- Write / modify
- Shell exec
- Network behavior
- External requests
- Install commands
- 26 variants
Profile is derived at build time from SKILL.md and install vectors. Subject to drift from author intent.
Heads up: 未限定 allowed-tools,默认拥有全部工具权限。
---
name: agent-code-review-swarm
description: Agent skill for code-review-swarm - invoke with $agent-code-review-swarm name: code-review-swarm…
category: ai
runtime: no special runtime
---
# agent-code-review-swarm output preview
## PART A: Task fit
- Use case: Agent skill for code-review-swarm - invoke with $agent-code-review-swarm name: code-review-swarm description: Deploy specialized AI agents to perform comprehensive, intelligent code reviews that go beyond traditional static analysis tools: mcpclaude-flowswarminit, mcpclaude-flowagentspawn, mcpclaude-flowtask_orchestrate, Bash, Read, Write, TodoWrite type:….
- Inputs: target material, constraints, expected output, and acceptance criteria.
- Evidence boundary: follow “Overview / Core Features / 1. Multi-Agent Review System” and do not present inference as author intent.
## PART B: Execution result
- **01** The card summarizes the use case; runtime output centers on “Agent skill for code-review-swarm - invoke with $agent-code-review-swarm name: code-review-swarm description: Deploy specialized AI agents to perform comprehensive, intelligent code reviews that go beyond traditional static analysis tools: mcpclaude-flowswarminit, mcpclaude-flowagentspawn, mcpclaude-flowtask_orchestrate, Bash, Read, Write, TodoWrite type:…”.
- **02** When the source has headings, the agent prioritizes “Overview / Core Features / 1. Multi-Agent Review System” so the result follows the author’s structure.
- **03** Typical output includes task judgment, concrete steps, required commands or file edits, validation, and follow-up options.
- **04** Risk context follows the fingerprint: read files, write/modify files, run shell commands; may access external network resources; requires GitHub API keys.
## Running Rules
- read files, write/modify files, run shell commands; may access external network resources; requires GitHub API keys.
- Validate with a small sample before expanding scope.
- Return the result, validation criteria, and next iteration options. The source does not require a stable slash command. After installation, invoke the skill by name and describe the task.
Name target files or source material, expected output, forbidden changes, and whether network or shell access is allowed. Permission fingerprint: read files, write/modify files, run shell commands.
Start with a small task and check whether the result follows “Overview / Core Features / 1. Multi-Agent Review System”. Inspect diffs, logs, previews, or tests before expanding scope.
Confirm the final output includes a concrete result, evidence, and next action. If it stays generic, tighten inputs, boundaries, and acceptance criteria.
---
name: agent-code-review-swarm
description: Agent skill for code-review-swarm - invoke with $agent-code-review-swarm name: code-review-swarm…
category: ai
source: ruvnet/ruflo
---
# agent-code-review-swarm
## When to use
- Agent skill for code-review-swarm - invoke with $agent-code-review-swarm name: code-review-swarm description: Deploy s…
- Use it when the task has clear inputs, repeatable steps, and validation criteria.
## What to provide
- Target material, scope, expected result, and forbidden changes.
- Whether network, commands, file writes, or external services are allowed.
## Execution rules
- Organize steps around “Overview / Core Features / 1. Multi-Agent Review System” and keep inference separate from source facts.
- read files, write/modify files, run shell commands; may access external network resources; requires GitHub API keys.
- Validate with a small sample before expanding the task.
## Output requirements
- Return the deliverable, key evidence, validation method, and next action.
- Mark missing information as unknown; do not invent commands, platforms, or dependencies. The author source anchors workflow facts; repository files anchor sources and commands; Fluxly only adds fit, limitations, and quality judgment.
skill "agent-code-review-swarm" {
input -> user goal + target files + boundaries + acceptance criteria
context -> Overview / Core Features / 1. Multi-Agent Review System
rules -> SKILL.md triggers / order / output contract
runtime -> no special runtime | read files, write/modify files, run shell commands | may access external network resources
guardrails -> requires GitHub API keys + small-sample validation + diff/log review
output -> copyable result + checklist + next iteration
} name: code-review-swarm description: Deploy specialized AI agents to perform comprehensive, intelligent code reviews that go beyond traditional static analysis tools: mcp__claude-flow__swarm_init, mcp__claude-flow__agent_spawn, mcp__claude-flow__task_orchestrate, Bash, Read, Write, TodoWrite color: blue type: development capabilities:
- Automated multi-agent code review
- Security vulnerability analysis
- Performance bottleneck detection
- Architecture pattern validation
- Style and convention enforcement priority: high hooks: pre: | echo "Starting code-review-swarm..." echo "Initializing multi-agent review system" gh auth status || (echo "GitHub CLI not authenticated" && exit 1) post: | echo "Completed code-review-swarm" echo "Review results posted to GitHub" echo "Quality gates evaluated"
Code Review Swarm - Automated Code Review with AI Agents
Overview
Deploy specialized AI agents to perform comprehensive, intelligent code reviews that go beyond traditional static analysis.
Core Features
1. Multi-Agent Review System
# Initialize code review swarm with gh CLI
# Get PR details
PR_DATA=$(gh pr view 123 --json files,additions,deletions,title,body)
PR_DIFF=$(gh pr diff 123)
# Initialize swarm with PR context
npx ruv-swarm github review-init \
--pr 123 \
--pr-data "$PR_DATA" \
--diff "$PR_DIFF" \
--agents "security,performance,style,architecture,accessibility" \
--depth comprehensive
# Post initial review status
gh pr comment 123 --body "🔍 Multi-agent code review initiated"
2. Specialized Review Agents
Security Agent
# Security-focused review with gh CLI
# Get changed files
CHANGED_FILES=$(gh pr view 123 --json files --jq '.files[].path')
# Run security review
SECURITY_RESULTS=$(npx ruv-swarm github review-security \
--pr 123 \
--files "$CHANGED_FILES" \
--check "owasp,cve,secrets,permissions" \
--suggest-fixes)
# Post security findings
if echo "$SECURITY_RESULTS" | grep -q "critical"; then
# Request changes for critical issues
gh pr review 123 --request-changes --body "$SECURITY_RESULTS"
# Add security label
gh pr edit 123 --add-label "security-review-required"
else
# Post as comment for non-critical issues
gh pr comment 123 --body "$SECURITY_RESULTS"
fi
Performance Agent
# Performance analysis
npx ruv-swarm github review-performance \
--pr 123 \
--profile "cpu,memory,io" \
--benchmark-against main \
--suggest-optimizations
Architecture Agent
# Architecture review
npx ruv-swarm github review-architecture \
--pr 123 \
--check "patterns,coupling,cohesion,solid" \
--visualize-impact \
--suggest-refactoring
3. Review Configuration
# .github$review-swarm.yml
version: 1
review:
auto-trigger: true
required-agents:
- security
- performance
- style
optional-agents:
- architecture
- accessibility
- i18n
thresholds:
security: block
performance: warn
style: suggest
rules:
security:
- no-eval
- no-hardcoded-secrets
- proper-auth-checks
performance:
- no-n-plus-one
- efficient-queries
- proper-caching
architecture:
- max-coupling: 5
- min-cohesion: 0.7
- follow-patterns
Review Agents
Security Review Agent
// Security checks performed
{
"checks": [
"SQL injection vulnerabilities",
"XSS attack vectors",
"Authentication bypasses",
"Authorization flaws",
"Cryptographic weaknesses",
"Dependency vulnerabilities",
"Secret exposure",
"CORS misconfigurations"
],
"actions": [
"Block PR on critical issues",
"Suggest secure alternatives",
"Add security test cases",
"Update security documentation"
]
}
Performance Review Agent
// Performance analysis
{
"metrics": [
"Algorithm complexity",
"Database query efficiency",
"Memory allocation patterns",
"Cache utilization",
"Network request optimization",
"Bundle size impact",
"Render performance"
],
"benchmarks": [
"Compare with baseline",
"Load test simulations",
"Memory leak detection",
"Bottleneck identification"
]
}
Style & Convention Agent
// Style enforcement
{
"checks": [
"Code formatting",
"Naming conventions",
"Documentation standards",
"Comment quality",
"Test coverage",
"Error handling patterns",
"Logging standards"
],
"auto-fix": [
"Formatting issues",
"Import organization",
"Trailing whitespace",
"Simple naming issues"
]
}
Architecture Review Agent
// Architecture analysis
{
"patterns": [
"Design pattern adherence",
"SOLID principles",
"DRY violations",
"Separation of concerns",
"Dependency injection",
"Layer violations",
"Circular dependencies"
],
"metrics": [
"Coupling metrics",
"Cohesion scores",
"Complexity measures",
"Maintainability index"
]
}
Advanced Review Features
1. Context-Aware Reviews
# Review with full context
npx ruv-swarm github review-context \
--pr 123 \
--load-related-prs \
--analyze-impact \
--check-breaking-changes
2. Learning from History
# Learn from past reviews
npx ruv-swarm github review-learn \
--analyze-past-reviews \
--identify-patterns \
--improve-suggestions \
--reduce-false-positives
3. Cross-PR Analysis
# Analyze related PRs together
npx ruv-swarm github review-batch \
--prs "123,124,125" \
--check-consistency \
--verify-integration \
--combined-impact
Review Automation
Auto-Review on Push
# .github$workflows$auto-review.yml
name: Automated Code Review
on:
pull_request:
types: [opened, synchronize]
jobs:
swarm-review:
runs-on: ubuntu-latest
steps:
- uses: actions$checkout@v3
with:
fetch-depth: 0
- name: Setup GitHub CLI
run: echo "${{ secrets.GITHUB_TOKEN }}" | gh auth login --with-token
- name: Run Review Swarm
run: |
# Get PR context with gh CLI
PR_NUM=${{ github.event.pull_request.number }}
PR_DATA=$(gh pr view $PR_NUM --json files,title,body,labels)
# Run swarm review
REVIEW_OUTPUT=$(npx ruv-swarm github review-all \
--pr $PR_NUM \
--pr-data "$PR_DATA" \
--agents "security,performance,style,architecture")
# Post review results
echo "$REVIEW_OUTPUT" | gh pr review $PR_NUM --comment -F -
# Update PR status
if echo "$REVIEW_OUTPUT" | grep -q "approved"; then
gh pr review $PR_NUM --approve
elif echo "$REVIEW_OUTPUT" | grep -q "changes-requested"; then
gh pr review $PR_NUM --request-changes -b "See review comments above"
fi
Review Triggers
// Custom review triggers
{
"triggers": {
"high-risk-files": {
"paths": ["**$auth/**", "**$payment/**"],
"agents": ["security", "architecture"],
"depth": "comprehensive"
},
"performance-critical": {
"paths": ["**$api/**", "**$database/**"],
"agents": ["performance", "database"],
"benchmarks": true
},
"ui-changes": {
"paths": ["**$components/**", "**$styles/**"],
"agents": ["accessibility", "style", "i18n"],
"visual-tests": true
}
}
}
Review Comments
Intelligent Comment Generation
# Generate contextual review comments with gh CLI
# Get PR diff with context
PR_DIFF=$(gh pr diff 123 --color never)
PR_FILES=$(gh pr view 123 --json files)
# Generate review comments
COMMENTS=$(npx ruv-swarm github review-comment \
--pr 123 \
--diff "$PR_DIFF" \
--files "$PR_FILES" \
--style "constructive" \
--include-examples \
--suggest-fixes)
# Post comments using gh CLI
echo "$COMMENTS" | jq -c '.[]' | while read -r comment; do
FILE=$(echo "$comment" | jq -r '.path')
LINE=$(echo "$comment" | jq -r '.line')
BODY=$(echo "$comment" | jq -r '.body')
# Create review with inline comments
gh api \
--method POST \
$repos/:owner/:repo$pulls/123$comments \
-f path="$FILE" \
-f line="$LINE" \
-f body="$BODY" \
-f commit_id="$(gh pr view 123 --json headRefOid -q .headRefOid)"
done
Comment Templates
<!-- Security Issue Template -->
🔒 **Security Issue: [Type]**
**Severity**: 🔴 Critical / 🟡 High / 🟢 Low
**Description**:
[Clear explanation of the security issue]
**Impact**:
[Potential consequences if not addressed]
**Suggested Fix**:
```language
[Code example of the fix]
References:
### Batch Comment Management
```bash
# Manage review comments efficiently
npx ruv-swarm github review-comments \
--pr 123 \
--group-by "agent,severity" \
--summarize \
--resolve-outdated
Integration with CI/CD
Status Checks
# Required status checks
protection_rules:
required_status_checks:
contexts:
- "review-swarm$security"
- "review-swarm$performance"
- "review-swarm$architecture"
Quality Gates
# Define quality gates
npx ruv-swarm github quality-gates \
--define '{
"security": {"threshold": "no-critical"},
"performance": {"regression": "<5%"},
"coverage": {"minimum": "80%"},
"architecture": {"complexity": "<10"}
}'
Review Metrics
# Track review effectiveness
npx ruv-swarm github review-metrics \
--period 30d \
--metrics "issues-found,false-positives,fix-rate" \
--export-dashboard
Best Practices
1. Review Configuration
- Define clear review criteria
- Set appropriate thresholds
- Configure agent specializations
- Establish override procedures
2. Comment Quality
- Provide actionable feedback
- Include code examples
- Reference documentation
- Maintain respectful tone
3. Performance
- Cache analysis results
- Incremental reviews for large PRs
- Parallel agent execution
- Smart comment batching
Advanced Features
1. AI Learning
# Train on your codebase
npx ruv-swarm github review-train \
--learn-patterns \
--adapt-to-style \
--improve-accuracy
2. Custom Review Agents
// Create custom review agent
class CustomReviewAgent {
async review(pr) {
const issues = [];
// Custom logic here
if (await this.checkCustomRule(pr)) {
issues.push({
severity: 'warning',
message: 'Custom rule violation',
suggestion: 'Fix suggestion'
});
}
return issues;
}
}
3. Review Orchestration
# Orchestrate complex reviews
npx ruv-swarm github review-orchestrate \
--strategy "risk-based" \
--allocate-time-budget \
--prioritize-critical
Examples
Security-Critical PR
# Auth system changes
npx ruv-swarm github review-init \
--pr 456 \
--agents "security,authentication,audit" \
--depth "maximum" \
--require-security-approval
Performance-Sensitive PR
# Database optimization
npx ruv-swarm github review-init \
--pr 789 \
--agents "performance,database,caching" \
--benchmark \
--profile
UI Component PR
# New component library
npx ruv-swarm github review-init \
--pr 321 \
--agents "accessibility,style,i18n,docs" \
--visual-regression \
--component-tests
Monitoring & Analytics
Review Dashboard
# Launch review dashboard
npx ruv-swarm github review-dashboard \
--real-time \
--show "agent-activity,issue-trends,fix-rates"
Review Reports
# Generate review reports
npx ruv-swarm github review-report \
--format "markdown" \
--include "summary,details,trends" \
--email-stakeholders
See also: swarm-pr.md, workflow-automation.md
Decide Fit First
Design Intent
How To Use It
Boundaries And Review