Review Codebase

Multi-phase deep codebase review producing severity-rated findings with fix-order recommendations. Unlike review-pull-request (scoped to a diff) or single-domain reviews (security-audit-codebase, review-software-architecture), this skill covers an entire project or subproject across all quality dimensions in one pass.

When to Use

• Whole-project or subproject review (not PR-scoped)
• New codebase onboarding — building a mental model of what exists and what needs attention
• Periodic health checks after sustained development
• Pre-release quality gate across architecture, security, code quality, and UX
• When the output should feed directly into issue creation or sprint planning

Inputs

• Required: target_path — root directory of the codebase or subproject to review
• Optional:
  • scope — which phases to run: full (default), security, architecture, quality, ux
  • output_format — findings (table only), report (narrative), both (default)
  • severity_threshold — minimum severity to include: LOW (default), MEDIUM, HIGH, CRITICAL