review-mr
$
npx mdskill add TheBushidoCollective/han/review-mrAudit GitLab merge requests for code quality and pipeline health.
- Identifies security risks, logic errors, and missing tests in code changes.
- Depends on GitLab MCP server and requires OAuth authentication.
- Analyzes commits, diffs, and CI/CD status to generate actionable feedback.
- Delivers structured reports with metadata, suggestions, and approval guidance.
SKILL.md
.github/skills/review-mrView on GitHub ↗
--- name: review-mr description: Get comprehensive review of a GitLab merge request --- # Review GitLab Merge Request ## Name gitlab:review-mr - Get comprehensive review of a GitLab merge request ## Synopsis ``` /review-mr [arguments] ``` ## Description Get comprehensive review of a GitLab merge request ## Implementation Get a comprehensive review of a GitLab merge request including commits, diffs, and pipeline status. ## Usage ``` /review-mr [project-id] [mr-number] ``` This command performs a thorough review of a merge request. ## What This Command Does 1. Fetches merge request details using `get_merge_request` 2. Retrieves all commits using `get_merge_request_commits` 3. Analyzes file changes using `get_merge_request_diffs` 4. Checks pipeline status using `get_merge_request_pipelines` 5. Provides a structured review with: - MR metadata (title, author, status, dates) - Commit history and messages - File changes summary - Code review suggestions - CI/CD pipeline status - Recommendations for approval or changes ## Prerequisites - GitLab MCP server must be installed and configured - You must have access to the project and merge request - OAuth authentication must be completed ## Example Interaction ``` User: /review-mr 456 15 Claude: Reviewing merge request !15 in project 456... ## Merge Request Review: !15 - Add JWT-based user authentication ### Overview - **Author**: @johndoe - **Status**: Open - **Created**: 2025-01-15 - **Target Branch**: main ← feature/user-authentication - **Changes**: +347 lines, -12 lines across 8 files ### Commits (3 total) 1. feat: add JWT token generation and validation 2. feat: implement user login and registration endpoints 3. test: add unit tests for authentication flows ### Files Changed ✓ src/auth/jwt.ts (+145, -0) - New JWT utilities ✓ src/api/login.ts (+89, -5) - Login endpoint implementation ✓ src/api/register.ts (+67, -0) - Registration endpoint ✓ src/middleware/auth.ts (+23, -0) - Authentication middleware ✓ tests/auth.test.ts (+23, -0) - Unit tests ⚠ src/config/keys.ts (+0, -7) - Removed hardcoded secrets (good!) ### Code Review Observations **Strengths:** - Clean separation of concerns with dedicated auth module - Comprehensive error handling in login/register flows - Good test coverage for happy and error paths - Proper password hashing implementation - Removed hardcoded secrets **Suggestions for Improvement:** 1. **Security**: Consider adding rate limiting to login endpoint 2. **Documentation**: Add JSDoc comments to JWT utility functions 3. **Testing**: Could benefit from integration tests 4. **Error Messages**: Login errors could be more specific for debugging ### CI/CD Pipeline Status Pipeline #1234 - ✓ Passed (4m 32s) - build: ✓ Passed (1m 23s) - test: ✓ Passed (2m 45s) - lint: ✓ Passed (24s) ### Recommendation ✅ **Approve with minor suggestions** This MR implements authentication securely and follows best practices. The suggestions above would further improve code quality but aren't blocking. The pipeline passes all checks. Consider addressing the rate limiting and documentation suggestions in a follow-up MR or before merging. ``` ## Arguments - `project-id` (required): Numeric project ID or URL-encoded path - `mr-number` (required): Merge request number (the !NUMBER from GitLab) ## Tips - Review merge requests regularly to maintain code quality - Look for security issues, especially in authentication code - Check test coverage for new functionality - Verify CI/CD pipelines pass before approving - Consider architectural impact of large changes - Leave constructive feedback on the actual MR page - Use this for pre-review analysis before detailed code review ## Related Commands - `/create-mr`: Create a new merge request - `/view-mr`: View basic MR details without full review - `/search-code`: Find similar implementations for comparison
More from TheBushidoCollective/han
- absinthe-resolversUse when implementing GraphQL resolvers with Absinthe. Covers resolver patterns, dataloader integration, batching, and error handling.
- absinthe-schemaUse when designing GraphQL schemas with Absinthe. Covers type definitions, interfaces, unions, enums, and schema organization patterns.
- absinthe-subscriptionsUse when implementing real-time GraphQL subscriptions with Absinthe. Covers Phoenix channels, PubSub, and subscription patterns.
- act-docker-setupUse when configuring Docker environments for act, selecting runner images, managing container resources, or troubleshooting Docker-related issues with local GitHub Actions testing.
- act-local-testingUse when testing GitHub Actions workflows locally with act. Covers act CLI usage, Docker configuration, debugging workflows, and troubleshooting common issues when running workflows on your local machine.
- act-workflow-syntaxUse when creating or modifying GitHub Actions workflow files. Provides guidance on workflow syntax, triggers, jobs, steps, and expressions for creating valid GitHub Actions workflows that can be tested locally with act.
- ameba-configurationUse when configuring Ameba rules and settings for Crystal projects including .ameba.yml setup, rule management, severity levels, and code quality enforcement.
- ameba-custom-rulesUse when creating custom Ameba rules for Crystal code analysis including rule development, AST traversal, issue reporting, and rule testing.
- ameba-integrationUse when integrating Ameba into development workflows including CI/CD pipelines, pre-commit hooks, GitHub Actions, and automated code review processes.
- analyze-performanceAnalyze performance metrics and identify slow transactions in Sentry