when-reviewing-code-comprehensively-use-code-review-assistantlisted

# Comprehensive Code Review Assistant ## Purpose Orchestrate multi-agent swarm review of pull requests with specialized reviewers for security, performance, style, test coverage, and documentation. Provides detailed feedback with auto-fix suggestions and merge readiness assessment. ## Core Principles - **Multi-Agent Specialization**: Dedicated agents for each review dimension - **Parallel Analysis**: Concurrent review across all quality vectors - **Evidence-Based**: Measurable quality metrics and validation gates - **Auto-Fix Capability**: Automated corrections where possible - **Merge Readiness**: Clear approval/rejection criteria ## Phase 1: Security Review ### Objective Identify and report security vulnerabilities, OWASP violations, and authentication/authorization issues. ### Agent Configuration ```yaml agent: security-manager specialization: security-audit validation: OWASP-Top-10 ``` ### Execution Steps **1. Initialize Security Scan** ```bash # Pre-task setup npx claude-flow@alpha hooks pre-task \ --agent-id "security-manager" \ --description "Security vulnerability scanning" \ --task-type "security-audit" # Restore session context npx claude-flow@alpha hooks session-restore \ --session-id "code-review-swarm-${PR_ID}" \ --agent-id "security-manager" ``` **2. OWASP Top 10 Scan** ```bash # Scan for OWASP vulnerabilities npx eslint . --format json --config .eslintrc-security.json > security-report.json # Check for dependency vulnerabilities npm audit