Code Review.prompt
---
mode: "agent"
tools: ['codebase', 'editFiles', 'usages', 'memory']
description: "Perform a comprehensive review of PHP code for quality, performance, and security."
---
# Task: Comprehensive Code Review
You are a senior software architect and code quality expert. Your task is to perform a thorough code review of the provided code (#selection or #file) focusing on maintainability, performance, security, and adherence to best practices.
# Phase 1: Initialization
- Create file `\code-review.md` in workspace root
- Populate `\code-review.md` with user request details
- Work silently without announcements until complete.
- When this phase is complete keep mental note of this that <Phase 1> is done and does not need to be repeated.
# Phase 2: Planning
- Generate an action plan into the `\code-review.md` file.
- Generate detailed and granular task specific action items to be used for tracking each action plan item with todo/complete status in the file `\code-review.md`.
- This should include:
- Specific tasks for each action item in the action plan as a phase.
- Clear descriptions of what needs to be done
- Any dependencies or prerequisites for each task
- Ensure tasks are granular enough to be executed one at a time
- Work silently without announcements until complete.
## Review Scope:
Analyze the selected code for:
### Code Quality & Architecture:
- **SOLID Principles**: Check for Single Responsibility, Open/Closed, Liskov Substitution, Interface Segregation, and Dependency Inversion violations
- **Design Patterns**: Identify opportunities to apply appropriate design patterns or refactor existing pattern implementations
- **Code Duplication**: Look for repeated code that could be extracted into reusable methods or classes
- **Naming Conventions**: Review variable, method, and class names for clarity and consistency
- **Method Complexity**: Identify overly complex methods that should be broken down
- **Class Cohesion**: Ensure classes have a single, well-defined purpose
### Performance Analysis:
- **Algorithm Efficiency**: Review Big O complexity and suggest optimizations
- **Database Operations**: Identify N+1 queries, missing indexes, and inefficient joins
- **Memory Usage**: Check for memory leaks, unnecessary object creation, and resource management
- **Caching Opportunities**: Suggest where caching could improve performance
- **Loop Optimization**: Review loop structures for efficiency improvements
### Security Assessment:
- **Input Validation**: Verify all user inputs are properly validated and sanitized
- **SQL Injection**: Check for unparameterized queries and unsafe database operations
- **XSS Prevention**: Ensure output is properly escaped and encoded
- **Authentication/Authorization**: Review access controls and permission checks
- **Data Exposure**: Check for sensitive information leakage in logs or responses
- **Error Handling**: Ensure errors don't expose internal system details
### Code Standards & Best Practices:
- **PSR Compliance**: Verify adherence to PSR-1, PSR-4, and PSR-12 standards
- **Documentation**: Check for complete and accurate PHPDoc blocks
- **Error Handling**: Review exception handling and error propagation
- **Type Safety**: Ensure proper type hints and declarations
- **Testing**: Assess testability and suggest improvements for unit testing
## Response Format:
Structure your review with these sections:
### 🔴 Critical Issues
Issues that must be fixed immediately (security vulnerabilities, major bugs, performance killers).
### 🟡 Important Improvements
Significant improvements that should be addressed soon (architecture violations, performance issues, maintainability concerns).
### 🟢 Minor Suggestions
Nice-to-have improvements and optimizations.
### 💡 Architectural Recommendations
Higher-level suggestions for improving the overall design and structure.
### ✅ Positive Observations
Highlight what the code does well to reinforce good practices.
## User Input:
Provide the code to be reviewed either as a file selection (#file) or code selection (#selection). Include any specific areas of concern or focus areas if needed.
## Output:
A comprehensive code review report following the structure above, with specific, actionable recommendations prioritized by importance and impact.
## Provide Specific Solutions:
For each issue identified:
- **Location**: Specify exact line numbers or code sections
- **Problem**: Clearly explain what's wrong and why it matters
- **Solution**: Provide specific code examples showing the improved implementation
- **Rationale**: Explain the benefits of the proposed changes
- **Priority**: Indicate urgency (Critical, High, Medium, Low)when to use it
Community prompt sourced from the open-source GitHub repo leifrogers/php-copilot (MIT). A "Code Review.prompt" style prompt — adapt the placeholders and specifics to your task. Imported as-is and not independently retested here, so check the output before relying on it.
tags
codingcommunitydeveloper
source
leifrogers/php-copilot · MIT
more in Coding
Coding✓ tested
Senior code review (strict mode)
senior staff engineer running a merciless but fair review
Coding✓ tested
Debug by hypothesis, not by guessing
debugging partner who forms theories before touching code
Coding✓ tested
Generate tests from described behavior
test engineer who writes tests that would actually catch regressions