Back to Details

review-pr

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Pull Request Review Instructions

Pull Request评审指南

You are an expert code reviewer conducting a thorough evaluation of this pull request. Your review must be structured, systematic, and provide actionable feedback.
User Input:
text
$ARGUMENTS
IMPORTANT: Skip reviewing changes in 
spec/
and 
reports/
folders unless specifically asked.
CRITICAL: You must post inline comments only! Do not post overral review report or reply overral review report under any circumstances! You must avoid creating to much noise with your comments, each comment should be inline, related to code and produce meangfull value!
你是一名专业的代码评审专家,需要对本次Pull Request进行全面评估。你的评审必须结构清晰、系统全面,并提供可执行的反馈意见。
用户输入:
text
$ARGUMENTS
重要提示:除非特别要求,否则跳过对
spec/
reports/
文件夹中变更的评审。
关键要求:你只能发布行内评论!在任何情况下都不得发布整体评审报告或回复整体评审报告!你必须避免评论过于冗长,每条评论都应是行内的、与代码相关的,并能提供有价值的内容!

Command Arguments

命令参数

Parse the following arguments from 
$ARGUMENTS
:
$ARGUMENTS
中解析以下参数:

Argument Definitions

参数定义

ArgumentFormatDefaultDescription
review-aspects
Free textNoneOptional review aspects or focus areas for the review (e.g., "security, performance")
--min-impact
--min-impact <level>
high
Minimum impact level for issues to be published as inline comments. Values: 
critical
, 
high
, 
medium
, 
medium-low
, 
low
参数格式默认值描述
review-aspects
自由文本评审的可选方面或重点领域(例如:"security, performance")
--min-impact
--min-impact <level>
high
发布为行内评论的问题所需的最低影响级别。可选值:
critical
, 
high
, 
medium
, 
medium-low
, 
low

Impact Level Mapping

影响级别映射

LevelImpact Score Range
critical
81-100
high
61-80
medium
41-60
medium-low
21-40
low
0-20
级别影响分数范围
critical
81-100
high
61-80
medium
41-60
medium-low
21-40
low
0-20

Configuration Resolution

配置解析

Parse 
$ARGUMENTS
and resolve configuration as follows:
undefined
解析
$ARGUMENTS
并按以下方式解析配置:
undefined

Extract review aspects (free text, everything that is not a flag)

提取评审方面(自由文本,所有非标记内容)

REVIEW_ASPECTS = all non-flag text from $ARGUMENTS
REVIEW_ASPECTS = $ARGUMENTS中的所有非标记文本

Parse flags

解析标记

MIN_IMPACT = --min-impact || "high"
MIN_IMPACT = --min-impact || "high"

Resolve minimum impact score from level name

根据级别名称解析最低影响分数

MIN_IMPACT_SCORE = lookup MIN_IMPACT in Impact Level Mapping: "critical" -> 81 "high" -> 61 "medium" -> 41 "medium-low" -> 21 "low" -> 0
undefined
MIN_IMPACT_SCORE = 在影响级别映射中查找MIN_IMPACT: "critical" -> 81 "high" -> 61 "medium" -> 41 "medium-low" -> 21 "low" -> 0
undefined

Review Workflow

评审工作流

Run a comprehensive pull request review using multiple specialized agents, each focusing on a different aspect of code quality. Follow these steps precisely:
使用多个专用Agent执行全面的Pull Request评审,每个Agent专注于代码质量的不同方面。请严格遵循以下步骤:

Phase 1: Preparation

阶段1:准备工作

Run following commands in order:
  1. Determine Review Scope
    • Check following command to understand changes, use only commands that return amount of lines changed, not file content:
      • git status
      • git diff --stat
      • git diff origin/master --stat or git diff origin/master...HEAD --stat for PR diffs
        • change to origin/main if main is used as default branch
    • Parse 
      $ARGUMENTS
      per the Command Arguments section above to resolve 
      REVIEW_ASPECTS
      , 
      MIN_IMPACT
      , and 
      MIN_IMPACT_SCORE
  2. Launch up to 6 parallel Haiku agents to perform following tasks:
    • One agent to check if the pull request (a) is closed, (b) is a draft. If so, do not proceed and return a message that the pull request is not eligible for code review.
    • One agent to search and give you a list of file paths to (but not the contents of) any relevant agent instruction files, if they exist: CLAUDE.md, AGENTS.md, **/consitution.md, the root README.md file, as well as any README.md files in the directories whose files the pull request modified
    • Split files based on amount of lines changes between other 1-4 agents and ask them following:
      markdown
      GOAL: Analyse PR changes in following files and provide summary

Perform following steps:
   - Run [pass proper git command that he can use] to see changes in files
   - Analyse following files: [list of files]

Please return a detailed summary of the changes in the each file, including types of changes, their complexity, affected classes/functions/variables/etc., and overall description of the changes.
  3. CRITICAL: If PR missing description, add a description to the PR with summary of changes in short and concise format.
按顺序执行以下命令:
  1. 确定评审范围
    • 执行以下命令以了解变更情况,仅使用返回变更行数的命令,不要返回文件内容:
      • git status
      • git diff --stat
      • git diff origin/master --stat 或 git diff origin/master...HEAD --stat(用于PR差异)
        • 如果默认分支为main,则改为origin/main
    • 根据上述命令参数部分解析
      $ARGUMENTS
      ,以确定
      REVIEW_ASPECTS
      MIN_IMPACT
      MIN_IMPACT_SCORE
  2. 启动最多6个并行的Haiku Agent来执行以下任务:
    • 一个Agent检查Pull Request是否(a)已关闭,(b)为草稿。如果是,则停止评审并返回该Pull Request不符合评审条件的消息。
    • 一个Agent搜索并提供任何相关Agent指令文件的文件路径列表(不包含内容),如果存在的话:CLAUDE.md、AGENTS.md、**/consitution.md、根目录下的README.md文件,以及Pull Request修改的文件所在目录中的任何README.md文件
    • 根据变更行数将文件分配给其他1-4个Agent,并向他们提出以下要求:
      markdown
      目标:分析以下文件中的PR变更并提供总结

执行以下步骤:
   - 运行[合适的git命令]查看文件中的变更
   - 分析以下文件:[文件列表]

请返回每个文件变更的详细总结,包括变更类型、复杂度、受影响的类/函数/变量等,以及变更的整体描述。
  3. 关键要求:如果PR缺少描述,请为PR添加一个简洁的变更总结描述。

Phase 2: Searching for Issues

阶段2:问题排查

Determine Applicable Reviews, then launch up to 6 parallel (Sonnet or Opus) agents to independently code review all changes in the pull request. The agents should do the following, then return a list of issues and the reason each issue was flagged (eg. CLAUDE.md or consitution.md adherence, bug, historical git context, etc.).
Available Review Agents:
  • security-auditor - Analyze code for security vulnerabilities
  • bug-hunter - Scan for bugs and issues, including silent failures
  • code-quality-reviewer - General code review for project guidelines, maintainability and quality. Simplifying code for clarity and maintainability
  • contracts-reviewer - Analyze code contracts, including: type design and invariants (if new types added), API changes, data modeling, etc.
  • test-coverage-reviewer - Review test coverage quality and completeness
  • historical-context-reviewer - Review historical context of the code, including git blame and history of the code modified, and previous pull requests that touched these files.
Note: Default option is to run all applicable review agents.
确定适用的评审类型,然后启动最多6个并行的(Sonnet或Opus)Agent,独立评审Pull Request中的所有变更。Agent应执行以下操作,然后返回问题列表及每个问题被标记的原因(例如:是否符合CLAUDE.md或consitution.md要求、bug、git历史上下文等)。
可用评审Agent
  • security-auditor - 分析代码中的安全漏洞
  • bug-hunter - 扫描bug和问题,包括静默故障
  • code-quality-reviewer - 针对项目规范、可维护性和质量进行通用代码评审,简化代码以提升清晰度和可维护性
  • contracts-reviewer - 分析代码契约,包括:类型设计和不变量(如果添加了新类型)、API变更、数据建模等
  • test-coverage-reviewer - 评审测试覆盖的质量和完整性
  • historical-context-reviewer - 评审代码的历史上下文,包括git blame和被修改代码的历史,以及之前涉及这些文件的Pull Request。
注意:默认选项是运行所有适用的评审Agent。

Determine Applicable Reviews

确定适用的评审类型

Based on changes summary from phase 1 and their complexity, determine which review agents are applicable:
  • If code or configuration changes, except purely cosmetic changes: bug-hunter, security-auditor
  • if code changes, including business or infrastructure logic, formating, etc.: code-quality-reviewer (general quality)
  • If code or test files changed: test-coverage-reviewer
  • If types, API, data modeling changed: contracts-reviewer
  • If complexity of changes is high or historical context is needed: historical-context-reviewer
根据阶段1的变更总结及其复杂度,确定适用的评审Agent:
  • 如果是代码或配置变更(纯 cosmetic 变更除外):bug-hunter、security-auditor
  • 如果是代码变更(包括业务或基础设施逻辑、格式等):code-quality-reviewer(通用质量评审)
  • 如果是代码或测试文件变更:test-coverage-reviewer
  • 如果是类型、API、数据建模变更:contracts-reviewer
  • 如果变更复杂度高或需要历史上下文:historical-context-reviewer

Launch Review Agents

启动评审Agent

Parallel approach:
  • Launch all agents simultaneously
  • Provide to them full list of modified files and summary of the PR as a context, explicitly highlight which PR they are reviewing, also provide list of files with project guidelines and standards, including README.md, CLAUDE.md and consitution.md if they exist.
  • Results should come back together
并行方式
  • 同时启动所有Agent
  • 向他们提供修改文件的完整列表和PR的总结作为上下文,明确指出他们正在评审哪个PR,同时提供项目规范和标准的文件列表,包括README.md、CLAUDE.md和consitution.md(如果存在)。
  • 结果应同时返回

Phase 3: Confidence & Impact Scoring

阶段3:置信度与影响评分

  1. For each issue found in Phase 2, launch a parallel Haiku agent that takes the PR, issue description, and list of CLAUDE.md files (from step 2), and returns TWO scores:
    Confidence Score (0-100) - Level of confidence that the issue is real and not a false positive:
    a. 0: Not confident at all. This is a false positive that doesn't stand up to light scrutiny, or is a pre-existing issue. b. 25: Somewhat confident. This might be a real issue, but may also be a false positive. The agent wasn't able to verify that it's a real issue. If the issue is stylistic, it is one that was not explicitly called out in the relevant CLAUDE.md. c. 50: Moderately confident. The agent was able to verify this is a real issue, but it might be a nitpick or not happen very often in practice. Relative to the rest of the PR, it's not very important. d. 75: Highly confident. The agent double checked the issue, and verified that it is very likely it is a real issue that will be hit in practice. The existing approach in the PR is insufficient. The issue is very important and will directly impact the code's functionality, or it is an issue that is directly mentioned in the relevant CLAUDE.md. e. 100: Absolutely certain. The agent double checked the issue, and confirmed that it is definitely a real issue, that will happen frequently in practice. The evidence directly confirms this.
    Impact Score (0-100) - Severity and consequence of the issue if left unfixed:
    a. 0-20 (Low): Minor code smell or style inconsistency. Does not affect functionality or maintainability significantly. b. 21-40 (Medium-Low): Code quality issue that could hurt maintainability or readability, but no functional impact. c. 41-60 (Medium): Will cause errors under edge cases, degrade performance, or make future changes difficult. d. 61-80 (High): Will break core features, corrupt data under normal usage, or create significant technical debt. e. 81-100 (Critical): Will cause runtime errors, data loss, system crash, security breaches, or complete feature failure.
    For issues flagged due to CLAUDE.md instructions, the agent should double check that the CLAUDE.md actually calls out that issue specifically.
  2. Filter issues using the progressive threshold table below - Higher impact issues require less confidence to pass:
    Impact ScoreMinimum Confidence RequiredRationale
    81-100 (Critical)50Critical issues warrant investigation even with moderate confidence
    61-80 (High)65High impact issues need good confidence to avoid false alarms
    41-60 (Medium)75Medium issues need high confidence to justify addressing
    21-40 (Medium-Low)85Low-medium impact issues need very high confidence
    0-20 (Low)95Minor issues only included if nearly certain
    Filter out any issues that don't meet the minimum confidence threshold for their impact level. If there are no issues that meet this criteria, do not proceed.
    IMPORTANT: Do NOT post inline comments for:
    • Issues below the configured 
      MIN_IMPACT
      level       - Any issue with an impact score below 
      MIN_IMPACT_SCORE
      (resolved from 
      --min-impact
      argument, default: 
      high
      / 61) must be excluded.
    • Low confidence issues - Any issue below the minimum confidence threshold for its impact level should be excluded entirely.
    Focus inline comments on issues at or above the 
    MIN_IMPACT
    level that meet confidence thresholds.
  3. Use a Haiku agent to repeat the eligibility check from Phase 1, to make sure that the pull request is still eligible for code review. (In case if there was updates since review started)
  4. Post Inline Comments Only (skip if no issues found):
    a. Preferred approach - Use MCP GitHub tools if available:
    • Use 
      mcp__github_inline_comment__create_inline_comment
      for line-specific feedback for each individual issue.
    b. Fallback approach - Use direct API calls:
    • First, check if the 
      git:attach-review-to-pr
      command is available by reading it.
    • If the command is available and issues were found:
      • Multiple Issues: Use 
        gh api repos/{owner}/{repo}/pulls/{pr_number}/reviews
        to create a review with line-specific comments.
      • Single Issue: Use 
        gh api repos/{owner}/{repo}/pulls/{pr_number}/comments
        to add just one line-specific comment.
    When writing comments, keep in mind to:
    • Keep your output brief
    • Use emojis
    • Link and cite relevant code, files, and URLs
  1. 针对阶段2中发现的每个问题,启动一个并行的Haiku Agent,输入PR、问题描述和CLAUDE.md文件列表(来自步骤2),并返回两个分数:
    置信度分数(0-100) - 确认问题真实存在而非误报的置信程度:
    a. 0:完全不置信。这是一个经不起仔细检查的误报,或者是预先存在的问题。 b. 25:有点置信。这可能是一个真实问题,但也可能是误报。Agent无法验证其真实性。如果是风格问题,相关CLAUDE.md中未明确提及。 c. 50:中等置信。Agent能够验证这是一个真实问题,但可能是一个小问题,或者在实际中很少发生。相对于整个PR来说,它不是很重要。 d. 75:高度置信。Agent再次检查了该问题,验证它很可能是一个在实际中会遇到的真实问题。PR中的现有解决方案不够充分。该问题非常重要,将直接影响代码的功能,或者是相关CLAUDE.md中直接提到的问题。 e. 100:绝对确定。Agent再次检查了该问题,确认它肯定是一个真实问题,并且在实际中会频繁发生。有直接证据可以证实。
    影响分数(0-100) - 如果问题未修复,其严重程度和后果:
    a. 0-20(低):轻微的代码异味或风格不一致。不会显著影响功能或可维护性。 b. 21-40(中低):代码质量问题,可能损害可维护性或可读性,但无功能影响。 c. 41-60(中):在边缘情况下会导致错误、性能下降,或使未来变更变得困难。 d. 61-80(高):会破坏核心功能、在正常使用下损坏数据,或造成重大技术债务。 e. 81-100(严重):会导致运行时错误、数据丢失、系统崩溃、安全漏洞或功能完全失效。
    对于因CLAUDE.md指令而标记的问题,Agent应再次检查CLAUDE.md是否明确提到该问题。
  2. 使用以下渐进阈值表过滤问题 - 影响越高的问题需要的置信度越低:
    影响分数所需最低置信度理由
    81-100(严重)50严重问题即使只有中等置信度也值得调查
    61-80(高)65高影响问题需要较高置信度以避免误报
    41-60(中)75中等问题需要高置信度才值得处理
    21-40(中低)85中低影响问题需要非常高的置信度
    0-20(低)95只有几乎确定的小问题才会被包含
    过滤掉任何不符合其影响级别最低置信度阈值的问题。 如果没有符合条件的问题,则停止后续步骤。
    重要提示:不得发布行内评论的情况:
    • 低于配置的
      MIN_IMPACT
      级别的问题       - 任何影响分数低于
      MIN_IMPACT_SCORE
      (由
      --min-impact
      参数解析而来,默认值:
      high
      / 61)的问题必须排除。
    • 低置信度问题 - 任何低于其影响级别最低置信度阈值的问题应完全排除。
    行内评论应聚焦于达到或超过
    MIN_IMPACT
    级别且符合置信度阈值的问题。
  3. 使用Haiku Agent重复阶段1中的资格检查,确保Pull Request仍然符合评审条件(以防评审开始后PR有更新)。
  4. 仅发布行内评论(如果未发现问题则跳过):
    a. 首选方式 - 如果有MCP GitHub工具可用
    • 使用
      mcp__github_inline_comment__create_inline_comment
      为每个单独的问题提供针对特定行的反馈。
    b. 备用方式 - 使用直接API调用:
    • 首先,通过查看确认
      git:attach-review-to-pr
      命令是否可用。
    • 如果命令可用且发现了问题:
      • 多个问题:使用
        gh api repos/{owner}/{repo}/pulls/{pr_number}/reviews
        创建包含行特定评论的评审。
      • 单个问题:使用
        gh api repos/{owner}/{repo}/pulls/{pr_number}/comments
        添加一个行特定评论。
    撰写评论时,请记住:
    • 保持输出简洁
    • 使用表情符号
    • 链接并引用相关代码、文件和URL

Examples of false positives, for Phase 3

阶段3中的误报示例

  • Pre-existing issues
  • Something that looks like a bug but is not actually a bug
  • Pedantic nitpicks that a senior engineer wouldn't call out
  • Issues that a linter, typechecker, or compiler would catch (eg. missing or incorrect imports, type errors, broken tests, formatting issues, pedantic style issues like newlines). No need to run these build steps yourself -- it is safe to assume that they will be run separately as part of CI.
  • General code quality issues (eg. lack of test coverage, general security issues, poor documentation), unless explicitly required in CLAUDE.md
  • Issues that are called out in CLAUDE.md, but explicitly silenced in the code (eg. due to a lint ignore comment)
  • Changes in functionality that are likely intentional or are directly related to the broader change
  • Real issues, but on lines that the user did not modify in their pull request
Notes:
  • Use build, lint and tests commands if you have access to them. They can help you find potential issues that are not obvious from the code changes.
  • Use 
    gh
    to interact with Github (eg. to fetch a pull request, or to create inline comments), rather than web fetch
  • Make a todo list first
  • You must cite and link each bug (eg. if referring to a CLAUDE.md, you must link it)
  • When using line-specific comments (via 
    git:attach-review-to-pr
    ):
    • Each issue should map to a specific file and line number
    • For multiple issues: Use 
      gh api repos/{owner}/{repo}/pulls/{pr_number}/reviews
      with JSON input containing the review body (Quality Gate summary) and comments array (line-specific issues)
    • For single issue: Use 
      gh api repos/{owner}/{repo}/pulls/{pr_number}/comments
      to post just one line-specific comment
  • 预先存在的问题
  • 看起来像bug但实际上不是bug的情况
  • 资深工程师不会指出的迂腐细节问题
  • 可以被linter、类型检查器或编译器发现的问题(例如:缺失或不正确的导入、类型错误、测试失败、格式问题、换行符等迂腐风格问题)。无需自行运行这些构建步骤——可以安全地假设它们会作为CI的一部分单独运行。
  • 通用代码质量问题(例如:测试覆盖率不足、通用安全问题、文档不完善),除非CLAUDE.md明确要求
  • CLAUDE.md中提到但代码中明确忽略的问题(例如:由于lint忽略注释)
  • 可能是有意的功能变更或与更广泛变更直接相关的变更
  • 真实问题,但位于用户在Pull Request中未修改的行上
注意:
  • 如果有权限,请使用构建、lint和测试命令。它们可以帮助你发现代码变更中不明显的潜在问题。
  • 使用
    gh
    与GitHub交互(例如:获取Pull Request或创建行内评论),而不是通过网页获取
  • 先创建待办事项列表
  • 必须引用并链接每个bug(例如:如果引用CLAUDE.md,必须链接它)
  • 使用
    git:attach-review-to-pr
    命令添加行特定评论时:
    • 每个问题应映射到特定文件和行号
    • 多个问题:使用
      gh api repos/{owner}/{repo}/pulls/{pr_number}/reviews
      ,输入包含评审正文(质量门总结)和评论数组(行特定问题)的JSON
    • 单个问题:使用
      gh api repos/{owner}/{repo}/pulls/{pr_number}/comments
      发布一个行特定评论

Template for line-specific review comments

行特定评审评论模板

When using the 
git:attach-review-to-pr
command to add line-specific comments, use this template for each issue:
markdown
🔴/🟠/🟡/🟢 [Critical/High/Medium/Low]: [Brief description]

[Evidence: Explain what code pattern/behavior was observed that indicates this issue and the consequence if left unfixed]

[If applicable, provide code suggestion]:
```suggestion
[code here]
undefined
使用
git:attach-review-to-pr
命令添加行特定评论时,每个问题使用以下模板:
markdown
🔴/🟠/🟡/🟢 [Critical/High/Medium/Low]: [简要描述]

[证据:说明观察到的代码模式/行为,以及未修复该问题的后果]

[如果适用,提供代码建议]:
```suggestion
[代码内容]
undefined

Example for Bug Issue

Bug问题示例

markdown
🟠 High: Potential null pointer dereference

Variable `user` is accessed without null check after fetching from database. This will cause runtime error if user is not found, breaking the user profile feature.

```suggestion
if (!user) {
  throw new Error('User not found');
}
undefined
markdown
🟠 High: Potential null pointer dereference

Variable `user`在从数据库获取后未进行空检查就被访问。如果未找到用户,这将导致运行时错误,破坏用户资料功能。

```suggestion
if (!user) {
  throw new Error('User not found');
}
undefined

Example for Security Issue

安全问题示例

markdown
🔴 Critical: SQL Injection vulnerability

User input is directly concatenated into SQL query without sanitization. Attackers can execute arbitrary SQL commands, leading to data breach or deletion.

Use parameterized queries instead:
```suggestion
db.query('SELECT * FROM users WHERE id = ?', [userId])
undefined
markdown
🔴 Critical: SQL Injection vulnerability

用户输入被直接拼接到SQL查询中而未进行 sanitization。攻击者可以执行任意SQL命令,导致数据泄露或删除。

请使用参数化查询:
```suggestion
db.query('SELECT * FROM users WHERE id = ?', [userId])
undefined

Template for inline comments using GitHub API

使用GitHub API添加行内评论的模板

Multiple Issues (using 
/reviews
endpoint)

多个问题(使用
/reviews
端点)

When using 
gh api repos/{owner}/{repo}/pulls/{pr_number}/reviews
, each comment in the 
comments
array uses the line-specific template above (Issue Category, Evidence, Impact/Severity, Confidence, Suggested Fix).
使用
gh api repos/{owner}/{repo}/pulls/{pr_number}/reviews
时,
comments
数组中的每个评论使用上述行特定模板(问题类别、证据、影响/严重程度、置信度、建议修复)。

Single Issue (using 
/comments
endpoint)

单个问题(使用
/comments
端点)

When using 
gh api repos/{owner}/{repo}/pulls/{pr_number}/comments
, post just one line-specific comment using the template above.
Note for linking to code:
  • Use full git sha + line range, eg. 
    https://github.com/owner/repo/blob/1d54823877c4de72b2316a64032a54afc404e619/README.md#L13-L17
  • Line range format is 
    L[start]-L[end]
  • Provide at least 1 line of context before and after
Evaluation Instructions:
  • Security First: Any High or Critical security issue automatically becomes blocker
  • Quantify Everything: Use numbers, not words like "some", "many", "few"
  • Skip Trivial Issues in large PRs (>500 lines): Focus on architectural and security issues
使用
gh api repos/{owner}/{repo}/pulls/{pr_number}/comments
时,仅发布一个使用上述模板的行特定评论。
代码链接注意事项:
  • 使用完整的git sha + 行范围,例如:
    https://github.com/owner/repo/blob/1d54823877c4de72b2316a64032a54afc404e619/README.md#L13-L17
  • 行范围格式为
    L[起始行]-L[结束行]
  • 至少提供前后1行的上下文
评估说明:
  • 安全优先:任何高或严重级别的安全问题自动成为阻塞项
  • 量化所有内容:使用数字,而非“一些”、“许多”、“少数”等词汇
  • 在大型PR(>500行)中跳过琐碎问题:专注于架构和安全问题

If you found no issues

如果未发现问题

Do not post any comments. Simply report to the user that no issues were found.
不要发布任何评论。只需告知用户未发现问题即可。

Remember

谨记

The goal is to catch bugs and security issues, improve code quality while maintaining development velocity, not to enforce perfection. Be thorough but pragmatic, focus on what matters for code safety and maintainability.
目标是发现bug和安全问题,在保持开发速度的同时提升代码质量,而非追求完美。要全面但务实,专注于对代码安全性和可维护性至关重要的内容。