review-pr

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Review PR

PR评审

Deep code review using 6-7 parallel specialized agents.

使用6-7个并行专业Agent进行深度代码评审。

Quick Start

快速开始

bash

/review-pr 123
/review-pr feature-branch

Opus 4.6: Parallel agents use native adaptive thinking for deeper analysis. Complexity-aware routing matches agent model to review difficulty.

bash

/review-pr 123
/review-pr feature-branch

Opus 4.6：并行Agent采用原生自适应思维进行深度分析。基于复杂度的路由会根据评审难度匹配对应Agent模型。

STEP 0: Verify User Intent with AskUserQuestion

步骤0：通过AskUserQuestion确认用户意图

BEFORE creating tasks, clarify review focus:

python

AskUserQuestion(
  questions=[{
    "question": "What type of review do you need?",
    "header": "Focus",
    "options": [
      {"label": "Full review (Recommended)", "description": "Security + code quality + tests + architecture"},
      {"label": "Security focus", "description": "Prioritize security vulnerabilities"},
      {"label": "Performance focus", "description": "Focus on performance implications"},
      {"label": "Quick review", "description": "High-level review, skip deep analysis"}
    ],
    "multiSelect": false
  }]
)

Based on answer, adjust workflow:

Full review: All 6-7 parallel agents
Security focus: Prioritize security-auditor, reduce other agents
Performance focus: Add performance-engineer agent
Quick review: Single code-quality-reviewer agent only

在创建任务之前，明确评审重点：

python

AskUserQuestion(
  questions=[{
    "question": "你需要哪种类型的评审？",
    "header": "评审重点",
    "options": [
      {"label": "全面评审（推荐）", "description": "安全+代码质量+测试+架构"},
      {"label": "安全重点", "description": "优先排查安全漏洞"},
      {"label": "性能重点", "description": "聚焦性能影响"},
      {"label": "快速评审", "description": "高层级评审，跳过深度分析"}
    ],
    "multiSelect": false
  }]
)

根据回答调整工作流：

全面评审：启用全部6-7个并行Agent
安全重点：优先使用security-auditor，减少其他Agent的参与
性能重点：添加performance-engineer Agent
快速评审：仅使用单个code-quality-reviewer Agent

STEP 0b: Select Orchestration Mode

步骤0b：选择编排模式

Choose Agent Teams (mesh — reviewers cross-reference findings) or Task tool (star — all report to lead):

```
ORCHESTKIT_PREFER_TEAMS=1
```
→ Agent Teams mode
Agent Teams unavailable → Task tool mode (default)
Otherwise: Full review with 6+ agents and cross-cutting concerns → recommend Agent Teams; Quick/focused review → Task tool

Aspect	Task Tool	Agent Teams
Communication	All reviewers report to lead	Reviewers cross-reference findings
Security + quality overlap	Lead deduplicates	security-auditor messages code-quality-reviewer directly
Cost	~200K tokens	~500K tokens
Best for	Quick/focused reviews	Full reviews with cross-cutting concerns

Fallback: If Agent Teams encounters issues, fall back to Task tool for remaining review.

选择Agent团队模式（网状结构——评审人员交叉参考结果）或任务工具模式（星型结构——所有结果上报至负责人）：

```
ORCHESTKIT_PREFER_TEAMS=1
```
→ Agent团队模式
若Agent团队模式不可用 → 默认使用任务工具模式
其他情况：需要6个以上Agent参与且涉及跨领域问题的全面评审 → 推荐Agent团队模式；快速/重点评审 → 任务工具模式

对比项	任务工具模式	Agent团队模式
沟通方式	所有评审人员向负责人汇报	评审人员直接交叉参考结果
安全与质量重叠处理	负责人去重	security-auditor直接向code-quality-reviewer发送相关发现
成本	~200K tokens	~500K tokens
适用场景	快速/重点评审	涉及跨领域问题的全面评审

降级方案：若Agent团队模式出现问题，剩余评审环节切换为任务工具模式。

⚠️ CRITICAL: Task Management is MANDATORY (CC 2.1.16)

⚠️ 关键要求：任务管理是强制性的（CC 2.1.16）

BEFORE doing ANYTHING else, create tasks to track progress:

python

undefined

在执行任何操作之前，创建任务以跟踪进度：

python

undefined

1. Create main review task IMMEDIATELY

1. 立即创建主评审任务

TaskCreate( subject="Review PR #{number}", description="Comprehensive code review with parallel agents", activeForm="Reviewing PR #{number}" )

TaskCreate( subject="评审PR #{number}", description="使用并行Agent进行全面代码评审", activeForm="正在评审PR #{number}" )

2. Create subtasks for each phase

2. 为每个阶段创建子任务

TaskCreate(subject="Gather PR information", activeForm="Gathering PR information") TaskCreate(subject="Launch review agents", activeForm="Dispatching review agents") TaskCreate(subject="Run validation checks", activeForm="Running validation checks") TaskCreate(subject="Synthesize review", activeForm="Synthesizing review") TaskCreate(subject="Submit review", activeForm="Submitting review")

TaskCreate(subject="收集PR信息", activeForm="正在收集PR信息") TaskCreate(subject="启动评审Agent", activeForm="正在调度评审Agent") TaskCreate(subject="运行验证检查", activeForm="正在运行验证检查") TaskCreate(subject="汇总评审结果", activeForm="正在汇总评审结果") TaskCreate(subject="提交评审", activeForm="正在提交评审")

3. Update status as you progress

3. 随进度更新状态

TaskUpdate(taskId="2", status="in_progress") # When starting TaskUpdate(taskId="2", status="completed") # When done

---

TaskUpdate(taskId="2", status="in_progress") # 开始时 TaskUpdate(taskId="2", status="completed") # 完成时

---

Phase 1: Gather PR Information

阶段1：收集PR信息

bash

undefined

bash

undefined

Get PR details

获取PR详情

gh pr view $ARGUMENTS --json title,body,files,additions,deletions,commits,author

View the diff

查看差异

gh pr diff $ARGUMENTS

Check CI status

检查CI状态

gh pr checks $ARGUMENTS


Identify:
- Total files changed
- Lines added/removed
- Affected domains (frontend, backend, AI)

gh pr checks $ARGUMENTS


明确以下信息：
- 变更文件总数
- 新增/删除代码行数
- 影响的领域（前端、后端、AI）

Tool Guidance

工具使用指南

Use the right tools for PR review operations:

Task	Use	Avoid
Fetch PR diff	`Bash: gh pr diff`	Reading all changed files individually
List changed files	`Bash: gh pr diff --name-only`	`bash find`
Search for patterns	`Grep(pattern="...", path="src/")`	`bash grep`
Read file content	`Read(file_path="...")`	`bash cat`
Check CI status	`Bash: gh pr checks`	Polling APIs

为PR评审操作选择合适的工具：

任务	推荐工具	避免使用
获取PR差异	`Bash: gh pr diff`	逐个查看所有变更文件
列出变更文件	`Bash: gh pr diff --name-only`	`bash find`
搜索模式	`Grep(pattern="...", path="src/")`	`bash grep`
读取文件内容	`Read(file_path="...")`	`bash cat`
检查CI状态	`Bash: gh pr checks`	轮询API

Parallel Execution Strategy

并行执行策略

<use_parallel_tool_calls> When gathering PR context, run independent operations in parallel:

```
gh pr view
```
(PR metadata) - independent
```
gh pr diff
```
(changed files) - independent
```
gh pr checks
```
(CI status) - independent

Spawn all three in ONE message. This cuts context-gathering time by 60%.

For agent-based review (Phase 3), all 6 agents are independent - launch them together. </use_parallel_tool_calls>

<use_parallel_tool_calls> 收集PR上下文时，并行执行独立操作：

```
gh pr view
```
（PR元数据）- 独立操作
```
gh pr diff
```
（变更文件）- 独立操作
```
gh pr checks
```
（CI状态）- 独立操作

在一条消息中启动所有三个操作，可将上下文收集时间缩短60%。

对于基于Agent的评审（阶段3），所有6个Agent均为独立操作——同时启动它们。 </use_parallel_tool_calls>

Phase 2: Skills Auto-Loading (CC 2.1.6)

阶段2：技能自动加载（CC 2.1.6）

CC 2.1.6 auto-discovers skills - no manual loading needed!

Relevant skills activated automatically:

```
code-review-playbook
```
- Review patterns, conventional comments
```
security-scanning
```
- OWASP, secrets, dependencies
```
type-safety-validation
```
- Zod, TypeScript strict

CC 2.1.6会自动发现技能——无需手动加载！

Phase 3: Parallel Code Review (6 Agents)

阶段3：并行代码评审（6个Agent）

Launch SIX specialized reviewers in ONE message with

run_in_background: true

Agent	Focus Area
code-quality-reviewer #1	Readability, complexity, DRY
code-quality-reviewer #2	Type safety, Zod, Pydantic
security-auditor	Security, secrets, injection
test-generator	Test coverage, edge cases
backend-system-architect	API, async, transactions
frontend-ui-developer	React 19, hooks, a11y

python

undefined

在一条消息中启动6个专业评审Agent，并设置

run_in_background: true

：

Agent	聚焦领域
code-quality-reviewer #1	可读性、复杂度、DRY原则
code-quality-reviewer #2	类型安全、Zod、Pydantic
security-auditor	安全、密钥、注入漏洞
test-generator	测试覆盖率、边缘场景
backend-system-architect	API、异步处理、事务
frontend-ui-developer	React 19、Hooks、无障碍访问（a11y）

python

undefined

PARALLEL - All 6 agents in ONE message

并行执行——6个Agent在同一条消息中启动

Task( description="Review code quality", subagent_type="code-quality-reviewer", prompt="""CODE QUALITY REVIEW for PR $ARGUMENTS

Review code readability and maintainability:

Naming conventions and clarity
Function/method complexity (cyclomatic < 10)
DRY violations and code duplication
SOLID principles adherence

SUMMARY: End with: "RESULT: [PASS|WARN|FAIL] - [N] issues: [brief list]" """, run_in_background=True ) Task( description="Review type safety", subagent_type="code-quality-reviewer", prompt="""TYPE SAFETY REVIEW for PR $ARGUMENTS

Review type safety and validation:

TypeScript strict mode compliance
Zod/Pydantic schema usage
No
```
any
```
types or type assertions
Exhaustive switch/union handling

SUMMARY: End with: "RESULT: [PASS|WARN|FAIL] - [N] type issues: [brief list]" """, run_in_background=True ) Task( description="Security audit PR", subagent_type="security-auditor", prompt="""SECURITY REVIEW for PR $ARGUMENTS

Security audit:

Secrets/credentials in code
Injection vulnerabilities (SQL, XSS)
Authentication/authorization checks
Dependency vulnerabilities

SUMMARY: End with: "RESULT: [PASS|WARN|BLOCK] - [N] findings: [severity summary]" """, run_in_background=True ) Task( description="Review test coverage", subagent_type="test-generator", prompt="""TEST COVERAGE REVIEW for PR $ARGUMENTS

Review test quality:

Test coverage for changed code
Edge cases and error paths tested
Meaningful assertions (not just truthy)
No flaky tests (timing, external deps)

SUMMARY: End with: "RESULT: [N]% coverage, [M] gaps - [key missing test]" """, run_in_background=True ) Task( description="Review backend code", subagent_type="backend-system-architect", prompt="""BACKEND REVIEW for PR $ARGUMENTS

Review backend code:

API design and REST conventions
Async/await patterns and error handling
Database query efficiency (N+1)
Transaction boundaries

SUMMARY: End with: "RESULT: [PASS|WARN|FAIL] - [N] issues: [key concern]" """, run_in_background=True ) Task( description="Review frontend code", subagent_type="frontend-ui-developer", prompt="""FRONTEND REVIEW for PR $ARGUMENTS

Review frontend code:

React 19 patterns (hooks, server components)
State management correctness
Accessibility (a11y) compliance
Performance (memoization, lazy loading)

SUMMARY: End with: "RESULT: [PASS|WARN|FAIL] - [N] issues: [key concern]" """, run_in_background=True )

undefined

Task( description="评审代码质量", subagent_type="code-quality-reviewer", prompt="""针对PR $ARGUMENTS的代码质量评审

评审代码可读性与可维护性：

命名规范与清晰度
函数/方法复杂度（圈复杂度<10）
DRY原则违反与代码重复
SOLID原则遵循情况

总结：结尾需包含："RESULT: [PASS|WARN|FAIL] - [N]个问题：[简要列表]" """, run_in_background=True ) Task( description="评审类型安全", subagent_type="code-quality-reviewer", prompt="""针对PR $ARGUMENTS的类型安全评审

评审类型安全与验证：

TypeScript严格模式合规性
Zod/Pydantic schema使用
无
```
any
```
类型或类型断言
穷举switch/union处理

总结：结尾需包含："RESULT: [PASS|WARN|FAIL] - [N]个类型问题：[简要列表]" """, run_in_background=True ) Task( description="PR安全审计", subagent_type="security-auditor", prompt="""针对PR $ARGUMENTS的安全评审

安全审计：

代码中的密钥/凭证
注入漏洞（SQL、XSS）
认证/授权检查
依赖项漏洞

总结：结尾需包含："RESULT: [PASS|WARN|BLOCK] - [N]个发现：[严重程度总结]" """, run_in_background=True ) Task( description="评审测试覆盖率", subagent_type="test-generator", prompt="""针对PR $ARGUMENTS的测试覆盖率评审

评审测试质量：

变更代码的测试覆盖率
边缘场景与错误路径测试
有意义的断言（不只是真值判断）
无不稳定测试（时序、外部依赖）

总结：结尾需包含："RESULT: [N]%覆盖率，[M]个缺口 - [关键缺失测试]" """, run_in_background=True ) Task( description="评审后端代码", subagent_type="backend-system-architect", prompt="""针对PR $ARGUMENTS的后端评审

评审后端代码：

API设计与REST规范
Async/await模式与错误处理
数据库查询效率（N+1问题）
事务边界

总结：结尾需包含："RESULT: [PASS|WARN|FAIL] - [N]个问题：[关键关注点]" """, run_in_background=True ) Task( description="评审前端代码", subagent_type="frontend-ui-developer", prompt="""针对PR $ARGUMENTS的前端评审

评审前端代码：

React 19模式（Hooks、服务端组件）
状态管理正确性
无障碍访问（a11y）合规性
性能（记忆化、懒加载）

总结：结尾需包含："RESULT: [PASS|WARN|FAIL] - [N]个问题：[关键关注点]" """, run_in_background=True )

undefined

Phase 3 — Agent Teams Alternative

阶段3 — Agent团队模式替代方案

In Agent Teams mode, form a review team where reviewers cross-reference findings directly:

python

TeamCreate(team_name="review-pr-{number}", description="Review PR #{number}")

Task(subagent_type="code-quality-reviewer", name="quality-reviewer",
     team_name="review-pr-{number}",
     prompt="""Review code quality and type safety for PR #{number}.
     When you find patterns that overlap with security concerns,
     message security-reviewer with the finding.
     When you find test gaps, message test-reviewer.""")

Task(subagent_type="security-auditor", name="security-reviewer",
     team_name="review-pr-{number}",
     prompt="""Security audit for PR #{number}.
     Cross-reference with quality-reviewer for injection risks in code patterns.
     When you find issues, message the responsible reviewer (backend-reviewer
     for API issues, frontend-reviewer for XSS).""")

Task(subagent_type="test-generator", name="test-reviewer",
     team_name="review-pr-{number}",
     prompt="""Review test coverage for PR #{number}.
     When quality-reviewer flags test gaps, verify and suggest specific tests.
     Message backend-reviewer or frontend-reviewer with test requirements.""")

Task(subagent_type="backend-system-architect", name="backend-reviewer",
     team_name="review-pr-{number}",
     prompt="""Review backend code for PR #{number}.
     When security-reviewer flags API issues, validate and suggest fixes.
     Share API pattern findings with frontend-reviewer for consistency.""")

Task(subagent_type="frontend-ui-developer", name="frontend-reviewer",
     team_name="review-pr-{number}",
     prompt="""Review frontend code for PR #{number}.
     When backend-reviewer shares API patterns, verify frontend matches.
     When security-reviewer flags XSS risks, validate and suggest fixes.""")

Team teardown after synthesis:

python

undefined

在Agent团队模式下，组建评审团队，评审人员可直接交叉参考结果：

python

TeamCreate(team_name="review-pr-{number}", description="评审PR #{number}")

Task(subagent_type="code-quality-reviewer", name="quality-reviewer",
     team_name="review-pr-{number}",
     prompt="""评审PR #{number}的代码质量与类型安全。
     当发现与安全相关的模式时，向security-reviewer发送该发现。
     当发现测试缺口时，向test-reviewer发送消息。""")

Task(subagent_type="security-auditor", name="security-reviewer",
     team_name="review-pr-{number}",
     prompt="""对PR #{number}进行安全审计。
     与quality-reviewer交叉参考代码模式中的注入风险。
     发现问题时，向对应负责的评审人员发送消息（API问题找backend-reviewer，XSS问题找frontend-reviewer）。""")

Task(subagent_type="test-generator", name="test-reviewer",
     team_name="review-pr-{number}",
     prompt="""评审PR #{number}的测试覆盖率。
     当quality-reviewer标记测试缺口时，进行验证并建议具体测试方案。
     向backend-reviewer或frontend-reviewer发送测试需求。""")

Task(subagent_type="backend-system-architect", name="backend-reviewer",
     team_name="review-pr-{number}",
     prompt="""评审PR #{number}的后端代码。
     当security-reviewer标记API问题时，进行验证并建议修复方案。
     与frontend-reviewer共享API模式以保持一致性。""")

Task(subagent_type="frontend-ui-developer", name="frontend-reviewer",
     team_name="review-pr-{number}",
     prompt="""评审PR #{number}的前端代码。
     当backend-reviewer共享API模式时，验证前端实现是否匹配。
     当security-reviewer标记XSS风险时，进行验证并建议修复方案。""")

汇总完成后解散团队：

python

undefined

After collecting all findings and producing the review

收集所有发现并生成评审报告后

SendMessage(type="shutdown_request", recipient="quality-reviewer", content="Review complete") SendMessage(type="shutdown_request", recipient="security-reviewer", content="Review complete") SendMessage(type="shutdown_request", recipient="test-reviewer", content="Review complete") SendMessage(type="shutdown_request", recipient="backend-reviewer", content="Review complete") SendMessage(type="shutdown_request", recipient="frontend-reviewer", content="Review complete") TeamDelete()


> **Fallback:** If team formation fails, use standard Phase 3 Task spawns above.

---

SendMessage(type="shutdown_request", recipient="quality-reviewer", content="评审完成") SendMessage(type="shutdown_request", recipient="security-reviewer", content="评审完成") SendMessage(type="shutdown_request", recipient="test-reviewer", content="评审完成") SendMessage(type="shutdown_request", recipient="backend-reviewer", content="评审完成") SendMessage(type="shutdown_request", recipient="frontend-reviewer", content="评审完成") TeamDelete()


> **降级方案**：若团队组建失败，使用上述标准阶段3的任务启动方式。

---

Optional: AI Code Review

可选：AI代码评审

If PR includes AI/ML code, add 7th agent:

python

Task(
  description="Review LLM integration",
  subagent_type="llm-integrator",
  prompt="""LLM CODE REVIEW for PR $ARGUMENTS

  Review AI/LLM integration:
  1. Prompt injection prevention
  2. Token limit handling
  3. Caching strategy
  4. Error handling and fallbacks

  SUMMARY: End with: "RESULT: [PASS|WARN|FAIL] - [N] LLM issues: [key concern]"
  """,
  run_in_background=True
)

若PR包含AI/ML代码，添加第7个Agent：

python

Task(
  description="评审LLM集成",
  subagent_type="llm-integrator",
  prompt="""针对PR $ARGUMENTS的LLM代码评审

  评审AI/LLM集成：
  1. 提示注入防护
  2. Token限制处理
  3. 缓存策略
  4. 错误处理与降级方案

  总结：结尾需包含："RESULT: [PASS|WARN|FAIL] - [N]个LLM问题：[关键关注点]"
  """,
  run_in_background=True
)

Phase 4: Run Validation

阶段4：运行验证

bash

undefined

bash

undefined

Backend

后端

cd backend poetry run ruff format --check app/ poetry run ruff check app/ poetry run pytest tests/unit/ -v --tb=short

Frontend

前端

cd frontend npm run format:check npm run lint npm run typecheck npm run test

undefined

cd frontend npm run format:check npm run lint npm run typecheck npm run test

undefined

Phase 5: Synthesize Review

阶段5：汇总评审结果

Combine all agent feedback into structured report:

markdown

undefined

将所有Agent的反馈整合成结构化报告：

markdown

undefined

PR Review: #$ARGUMENTS

PR评审：#$ARGUMENTS

Summary

总结

[1-2 sentence overview]

[1-2句话概述]

Code Quality

代码质量

Area	Status	Notes
Readability	//	[notes]
Type Safety	//	[notes]
Test Coverage	//	[X%]

领域	状态	备注
可读性	//	[备注]
类型安全	//	[备注]
测试覆盖率	//	[X%]

Security

安全

Check	Status
Secrets	/
Input Validation	/
Dependencies	/

检查项	状态
密钥	/
输入验证	/
依赖项	/

Blockers (Must Fix)

阻塞问题（必须修复）

[if any]

[如有]

Suggestions (Non-Blocking)

建议（非阻塞）

[improvements]

undefined

[改进建议]

undefined

Phase 6: Submit Review

阶段6：提交评审

bash

undefined

bash

undefined

Approve

批准

gh pr review $ARGUMENTS --approve -b "Review message"

gh pr review $ARGUMENTS --approve -b "评审消息"

Request changes

请求修改

gh pr review $ARGUMENTS --request-changes -b "Review message"

undefined

gh pr review $ARGUMENTS --request-changes -b "评审消息"

undefined

CC 2.1.20 Enhancements

CC 2.1.20 增强功能

PR Status Enrichment

PR状态增强

The

pr-status-enricher

hook automatically detects open PRs at session start and sets:

```
ORCHESTKIT_PR_URL
```
- PR URL for quick reference
```
ORCHESTKIT_PR_STATE
```
- PR state (OPEN, MERGED, CLOSED)

pr-status-enricher

钩子会在会话开始时自动检测开放的PR，并设置：

```
ORCHESTKIT_PR_URL
```
- PR的快速参考链接
```
ORCHESTKIT_PR_STATE
```
- PR状态（OPEN、MERGED、CLOSED）

CC 2.1.27+ Enhancements

CC 2.1.27+ 增强功能

Session Resume with PR Context

携带PR上下文恢复会话

Sessions are automatically linked when reviewing PRs. Resume later with full context:

bash

undefined

评审PR时会话会自动关联。后续可携带完整上下文恢复会话：

bash

undefined

Resume with PR context preserved (diff, comments, CI status)

保留PR上下文恢复会话（差异、评论、CI状态）

claude --from-pr 123 claude --from-pr https://github.com/org/repo/pull/123


This preserves:
- Full PR diff still available
- Review comments and threads loaded
- CI/check status fresh
- Perfect for multi-session deep reviews

claude --from-pr 123 claude --from-pr https://github.com/org/repo/pull/123


恢复会话时会保留：
- 完整的PR差异
- 加载的评审评论与线程
- 最新的CI/检查状态
- 非常适合多会话深度评审

Task Metrics (CC 2.1.30)

任务指标（CC 2.1.30）

Task tool results now include efficiency metrics. After parallel agents complete, report:

markdown

undefined

任务工具结果现在包含效率指标。并行Agent完成后，需报告：

markdown

undefined

Review Efficiency

评审效率

Agent	Tokens	Tools	Duration
code-quality-reviewer	450	8	12s
security-auditor	620	12	18s
test-generator	380	6	10s

Total: 1,450 tokens, 26 tool calls


Use metrics to:
- Identify slow or expensive agents
- Track review efficiency over time
- Optimize agent prompts based on token usage

Agent	Token用量	工具调用次数	耗时
code-quality-reviewer	450	8	12s
security-auditor	620	12	18s
test-generator	380	6	10s

总计： 1,450 tokens，26次工具调用


使用指标可：
- 识别缓慢或高成本的Agent
- 跟踪评审效率随时间的变化
- 根据Token用量优化Agent提示词

Conventional Comments

标准化评论前缀

Use these prefixes for comments:

```
praise:
```
- Positive feedback
```
nitpick:
```
- Minor suggestion
```
suggestion:
```
- Improvement idea
```
issue:
```
- Must fix
```
question:
```
- Needs clarification

使用以下前缀进行评论：

```
praise:
```
- 正面反馈
```
nitpick:
```
- 小建议
```
suggestion:
```
- 改进想法
```
issue:
```
- 必须修复
```
question:
```
- 需要澄清