Tools · Software engineering
Code Review Checklist
Describe a project — get a context-fit code-review rubric.
How it works
Corpus-grounded (software-engineering cluster). Builds a review rubric tailored to the stack/team — categories of checks, what BLOCKS a merge vs. what's a NIT, and what to automate so reviewers aren't human linters.
You bring
{ context, cluster? }
You get
{ context_summary, categories[]{category, checks[]}, blocking[], nits[], automation_suggestions[], riskiest_assumptions[], grounded_in, provenance }
Use it for
- →SWE-guide reader: a review standard the whole team can apply
- →Separate merge-blockers from nits to keep signal high
- →Move mechanical checks to CI/linters
See it work
example outputProject: a TypeScript React frontend + Node/Express API, a 4-engineer team shipping to production daily.
Code-Review Checklist — TS/React + Node API (4-engineer team, daily ship)
Context: Small team, fast cadence — the rubric optimizes for catching real defects and offloading mechanical checks to CI so reviewers aren't human linters.
Review categories
Correctness
- Does it do what the PR description says? Are edge cases / empty states handled?
- Error paths handled (no swallowed promises, no unhandled rejections)?
- API inputs validated and typed at the boundary?
Security
- No secrets in code; env vars used.
- User input sanitized; authorization checked on every new endpoint (not just authentication).
Data & state
- DB migrations reversible; no N+1 in new queries.
- React state: no derived state stored; effects have correct dependency arrays.
Tests & maintainability
- New logic has a test; the test would fail without the change.
- Names + boundaries clear; no copy-paste duplication of an existing utility.
Blocks the merge
- Failing CI / type errors · missing authorization on a new endpoint · an unhandled error path on a critical flow · a committed secret · no test for new business logic.
Nits (comment, don't block)
- Naming / style preferences · minor refactors · "I'd have done it differently" · non-critical TODOs.
Automate (stop reviewing by hand)
- Formatting + lint (Prettier / ESLint) on pre-commit and CI.
- Type-check + test suite as required status checks.
- Bundle-size + dependency-audit bots.
Riskiest assumptions
- That CI already enforces lint / type / test — if not, that's step zero; don't burn reviewers on it.
- That "daily ship" leaves room for review at all; consider a review-time SLA.
Grounded in: software-engineering review discipline — block-vs-nit signal, automate-the-mechanical (SWE cluster).
Run it now
Generate a code-review checklist
Get a context-specific review rubric — categories of checks, what blocks a merge vs. what's a nit, and what to automate instead of reviewing by hand.
Prefer code? Call it over the API or hand it to your AI agent via MCP — POST /api/bicycle/code-review-checklist · build_code_review_checklist. API & agent access →