ai-generated-business-code-review

Original：🇺🇸 English

Translated

Use when reviewing or scoring AI-generated business/application code quality in any language, especially when a numeric score, risk level, or must-fix checklist is requested, or when C++ code must comply with OpenHarmony C++ and security standards

1installs

Sourceopenharmonyinsight/openharmony-skills

Added on2026-02-07

NPX Install

npx skill4agent add openharmonyinsight/openharmony-skills ai-generated-business-code-review

SKILL.md Content

View Translation Comparison →

AI Business Code Review

Overview

Review AI-generated business/application code for correctness, robustness, maintainability, performance, and security. Output a 0-10 score, a risk level, and a must-fix checklist. For C++ code, REQUIRED: use

openharmony-cpp

and

openharmony-security-review

as hard constraints.

When to Use

AI-generated business/app code review or quality evaluation
Need scoring, risk level, or must-fix checklist
C++ business code must meet OpenHarmony coding/security requirements

Workflow

Identify language and code type (business vs test). If test code, use
```
ai-generated-ut-code-review
```
instead.
For C++: load and apply
```
openharmony-cpp
```
+
```
openharmony-security-review
```
as mandatory constraints.
Inspect behavior vs requirements, edge cases, error handling, resource management, and security.
Score by rubric, assign risk level, list must-fix items with concrete evidence (file/line or snippet).

Scoring (0-10)

Each dimension 0-2 points. Sum = total score.

Dimension	0	1	2
Correctness	Wrong/missing key behavior	Partial/assumptions	Meets requirements
Robustness	Crashes/leaks/unchecked errors	Some edge handling	Solid edge/error handling
Maintainability	Hard to read/modify	Mixed quality	Clear structure & naming
Performance	Inefficient hot paths	Acceptable but improvable	Efficient for expected load
Security	Clear vulnerabilities	Weak validation/unsafe	Safe-by-default, validated

Risk Levels

Blocker: security漏洞、严重逻辑错误、或违反 C++ 强制规范
High: 关键路径缺失、异常处理不完整、明显资源泄漏
Medium: 维护性或性能风险显著
Low: 轻微问题或风格一致性

Must-Fix Checklist

外部输入有明确校验与错误反馈
关键异常路径可达且可观测（日志/错误码/异常）
资源释放或 RAII 保证（C++）

C++ 场景满足

openharmony-cpp

与

openharmony-security-review

AI-Generated Code Pitfalls (Check Explicitly)

需求误解、隐含前提错误
只覆盖 happy-path，忽略异常/边界
吞异常或默认值不合理
复制粘贴造成重复与不一致
过度复杂化或抽象错误

Output Format (Required, Semi-fixed)

```
Score
```
: x/10 — Correctness x, Robustness x, Maintainability x, Performance x, Security x
```
Risk
```
: Low/Medium/High/Blocker — 简述风险原因（1 行）
```
Must-fix
```
:
- [动作 + 证据]
- [动作 + 证据]
```
Key Evidence
```
:
- 引用具体函数/类/路径（1-2 条）
```
Notes
```
:
- 最小修复建议或替代方案（1-2 行）

Rules:

C++ 必须在

Key Evidence

或

Must-fix

中明确指出违反

openharmony-cpp

/

openharmony-security-review

的点

至少 2 条证据；证据不足需说明并降分
禁止只给总体评价

Common Mistakes

只给总体评价，不给证据
忽略 C++ 强制规范
将风格问题当作阻断风险

Example (Concise)

Score: 6/10 (Correctness 1, Robustness 1, Maintainability 1, Performance 1, Security 2) Risk: High Must-fix:

Missing input validation in
```
createUser()
```
(null/empty, length, format)
Error path swallows exceptions without logging Key Evidence:
```
createUser()
```
accepts raw input without checks
```
catch
```
block is empty in
```
persistUser()
```
Notes:
Add explicit validation and return structured errors.