angular
Installation
SKILL.md
Angular Code Review Rules
Security
- Avoid
bypassSecurityTrust*methods unless absolutely necessary; when used, require code comments justifying the bypass - Sanitize dynamic HTML with
DomSanitizeronly when needed; always prefer Angular's built-in sanitization - Validate route parameters and query strings to prevent injection attacks
- Use Angular's built-in CSRF protection with HttpClient
- Validate and sanitize data before binding it in templates, especially when displaying user-generated content in
*ngForloops or other directives - Never interpolate untrusted user input into templates without proper sanitization
Module Organization
- Feature modules should be lazy-loaded where possible
- Use
SharedModulefor reusable components/pipes/directives. Explicitly define exports to make the module's public API clear - Use
CoreModulefor singleton services (provided in root); import only once in AppModule - Avoid circular module dependencies
Components
- Use
OnPushchange detection strategy for performance - Inputs should be immutable (don't mutate input objects)
Related skills
More from yldgio/codereview-skills
dotnet
ASP.NET Core patterns, dependency injection, middleware, async/await, and security
6github-actions
GitHub Actions workflow security, performance optimization, and best practices
6docker
Dockerfile best practices, security hardening, multi-stage builds, and image optimization
5react
React component patterns, hooks best practices, state management, and performance optimization
3nextjs
Next.js 14+ App Router patterns, Server Components, API routes, and performance optimization
1gh-cli
GitHub CLI (gh) comprehensive reference for repositories, issues, pull requests, Actions, projects, releases, gists, codespaces, organizations, extensions, and all GitHub operations from the command line.
1