zhongwei/gh-bejranonda-llm-autonomous-agent-plugin-for-claude
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Zhongwei Li
2025-11-29 18:00:50 +08:00
commit c5931553a6
106 changed files with 49995 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

635
commands/dev/pr-review.md Normal file
View File

@@ -0,0 +1,635 @@
---
name: dev:pr-review
description: CodeRabbit-style PR review with security scanning, test coverage, and one-click fixes
delegates-to: autonomous-agent:pr-reviewer
---
# Pull Request Review Command
Execute a comprehensive CodeRabbit-style review of a pull request with automated analysis, security scanning, and one-click fixes.
## Usage
```bash
/dev:pr-review [PR_NUMBER|BRANCH_NAME]
```
**Examples**:
```bash
/dev:pr-review 123 # Review PR #123
/dev:pr-review feature/auth # Review branch against main
/dev:pr-review # Review current branch changes
```
## Workflow
### 1. Initialize Review
- Detect PR context (number, branch, or current changes)
- Fetch PR metadata (title, author, description)
- Extract git diff and commit history
### 2. Delegate to PR Reviewer Agent
Execute comprehensive review via `pr-reviewer` agent:
```javascript
const review_result = await delegate_to_pr_reviewer({
pr_number: pr_number,
pr_data: {
title: pr_title,
author: pr_author,
description: pr_description,
files: changed_files,
diff: full_diff,
commits: commit_history
}
});
```
### 3. Analysis Pipeline
The PR reviewer agent executes:
**A. Summary Generation** (5-10s):
- Change categorization (features, bug fixes, refactoring, etc.)
- Files changed count and line statistics
- Complexity score calculation
**B. Line-by-Line Analysis** (30-60s):
- Code quality issues (naming, duplication, complexity)
- Best practice violations (SOLID, DRY, error handling)
- Performance concerns (N+1 queries, inefficient algorithms)
- Type annotations and documentation
**C. Security Scan** (20-40s via security-auditor):
- OWASP Top 10 vulnerability detection
- Input validation checks
- Authentication/authorization review
- Secrets exposure detection
- Dependency vulnerability scan
**D. Test Coverage Analysis** (15-30s):
- Calculate coverage for changed lines
- Identify untested functions
- Generate test suggestions
- Coverage delta calculation
**E. Automated Fix Generation** (10-20s):
- Generate one-click fixes for auto-fixable issues
- Provide suggestions with explanations
- Calculate confidence scores
**F. Risk Assessment** (5-10s):
- Calculate weighted risk score
- Identify risk factors (size, complexity, critical files)
- Generate recommendations
**G. Related PR Detection** (5-10s):
- Find PRs touching same files
- Detect similar changes
- Identify dependencies
### 4. Report Generation
Generate comprehensive review report:
```markdown
# Pull Request Review: #{PR_NUMBER}
## 📊 Summary
**Risk Level**: {RISK_LEVEL} ({RISK_SCORE}/100)
Files: {COUNT} | +{ADDITIONS} -{DELETIONS} | Complexity: {SCORE}/100
## 🔒 Security ({VULN_COUNT} issues)
🔴 Critical: {COUNT} | 🟠 High: {COUNT} | 🟡 Medium: {COUNT}
## 📈 Test Coverage
{COVERAGE}% ({DELTA > 0 ? '+' : ''}{DELTA}%) | Untested: {COUNT}
## 💡 Code Review ({ISSUE_COUNT} issues)
{DETAILED_REVIEWS_BY_FILE}
## ⚡ Performance ({ISSUE_COUNT} concerns)
{PERFORMANCE_ISSUES}
## 🎯 Recommendations
### Critical ({COUNT})
### Suggested ({COUNT})
### Nice to Have ({COUNT})
## ✅ Approval Checklist
- [ ] All critical issues resolved
- [ ] Test coverage adequate
- [ ] No new vulnerabilities
- [ ] Performance acceptable
```
### 5. Interactive Fix Application
Provide one-click fix application:
```python
# Auto-fixable issues presented with "Apply Fix" option
# User can select fixes to apply
# System applies fixes and creates commit
```
## Skills Integration
This command leverages:
**ast-analyzer**:
- Deep code structure analysis
- Complexity calculation
- Impact analysis
**security-patterns**:
- Vulnerability detection patterns
- Secure coding guidelines
**contextual-pattern-learning**:
- Find similar successful PRs
- Learn review patterns
- Improve accuracy over time
**code-analysis**:
- Code quality metrics
- Best practice validation
## Output Format
### Terminal Output (Tier 1: Concise Summary)
```
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
PR REVIEW COMPLETE: #{PR_NUMBER}
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
📊 Overview
Risk Level: {RISK_LEVEL} ({RISK_SCORE}/100)
Files: {COUNT} | +{ADDITIONS} -{DELETIONS}
Complexity: {SCORE}/100
🔒 Security Analysis
🔴 Critical: {COUNT} | 🟠 High: {COUNT} | 🟡 Medium: {COUNT}
Total New Vulnerabilities: {COUNT}
📈 Test Coverage
Coverage: {COVERAGE}% ({DELTA > 0 ? '+' : ''}{DELTA}%)
Untested Functions: {COUNT}
💡 Top 3 Issues
1. {SEVERITY} - {FILE}:{LINE} - {ISSUE}
2. {SEVERITY} - {FILE}:{LINE} - {ISSUE}
3. {SEVERITY} - {FILE}:{LINE} - {ISSUE}
🎯 Top 3 Recommendations
1. {CRITICAL_RECOMMENDATION}
2. {SUGGESTED_IMPROVEMENT}
3. {NICE_TO_HAVE}
✅ Auto-fixable Issues: {COUNT}/{TOTAL}
📄 Detailed Report: .data/reports/pr-review/pr-{NUMBER}-{DATE}.md
⏱️ Review completed in {DURATION}
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
```
### Detailed Report (Tier 2: Comprehensive File)
Saved to: `.data/reports/pr-review/pr-{NUMBER}-{YYYY-MM-DD}.md`
**Full Report Structure**:
```markdown
# Pull Request Review: #{PR_NUMBER}
**Generated**: {TIMESTAMP}
**Review Time**: {DURATION}
**Reviewer**: Autonomous PR Review Agent v1.0
---
## Table of Contents
1. [Summary](#summary)
2. [Security Analysis](#security-analysis)
3. [Test Coverage](#test-coverage)
4. [Code Review](#code-review)
5. [Performance Analysis](#performance-analysis)
6. [Recommendations](#recommendations)
7. [Related PRs](#related-prs)
8. [Approval Checklist](#approval-checklist)
---
## Summary
**Title**: {PR_TITLE}
**Author**: {AUTHOR}
**Status**: {STATUS}
**Risk Level**: {RISK_LEVEL} ({RISK_SCORE}/100)
### Changes Overview
- **Files Changed**: {COUNT}
- **Lines Added**: +{ADDITIONS}
- **Lines Removed**: -{DELETIONS}
- **Complexity Score**: {SCORE}/100
### Change Categories
-**Features**: {COUNT} files
- {FILE_LIST}
- 🐛 **Bug Fixes**: {COUNT} files
- {FILE_LIST}
- ♻️ **Refactoring**: {COUNT} files
- {FILE_LIST}
- 📝 **Documentation**: {COUNT} files
- {FILE_LIST}
-**Tests**: {COUNT} files
- {FILE_LIST}
### Risk Factors
| Factor | Score | Weight | Impact |
|--------|-------|--------|--------|
| Size | {SCORE}/100 | 20% | {IMPACT} |
| Complexity | {SCORE}/100 | 25% | {IMPACT} |
| Test Coverage | {SCORE}/100 | 25% | {IMPACT} |
| Critical Files | {SCORE}/100 | 20% | {IMPACT} |
| Security | {SCORE}/100 | 10% | {IMPACT} |
---
## Security Analysis
**New Vulnerabilities Detected**: {COUNT}
### Critical Issues (🔴)
#### {VULN_TITLE_1}
- **File**: `{FILE_PATH}`
- **Line**: {LINE_NUMBER}
- **Severity**: CRITICAL
- **CWE**: CWE-{NUMBER} - {CWE_NAME}
- **OWASP**: {OWASP_CATEGORY}
**Vulnerable Code**:
```{LANGUAGE}
{VULNERABLE_CODE}
```
**Description**: {DETAILED_DESCRIPTION}
**Remediation**:
```{LANGUAGE}
{FIXED_CODE}
```
**Explanation**: {EXPLANATION}
**Auto-fixable**: {YES/NO}
[Apply Fix] (One-click button)
---
### High Issues (🟠)
{SIMILAR_STRUCTURE}
### Medium Issues (🟡)
{SIMILAR_STRUCTURE}
### Low Issues (⚪)
{SIMILAR_STRUCTURE}
---
## Test Coverage
**Overall Coverage**: {COVERAGE}% ({DELTA > 0 ? '+' : ''}{DELTA}%)
- **Changed Lines Coverage**: {CHANGED_LINES_COV}%
- **Untested Functions**: {COUNT}
### Coverage by File
| File | Before | After | Delta | Untested Functions |
|------|--------|-------|-------|-------------------|
| {FILE} | {BEFORE}% | {AFTER}% | {DELTA}% | {COUNT} |
### Untested Functions
#### {FILE_PATH}
- `{FUNCTION_NAME}` (line {LINE})
- `{FUNCTION_NAME}` (line {LINE})
**Suggested Test**:
```{LANGUAGE}
{SUGGESTED_TEST_CODE}
```
---
## Code Review
### {FILE_PATH_1}
#### Line {LINE}: {ISSUE_TITLE}
**Severity**: {CRITICAL/HIGH/MEDIUM/LOW}
**Category**: {CODE_QUALITY/BEST_PRACTICE/PERFORMANCE}
**Original Code**:
```{LANGUAGE}
{ORIGINAL_CODE}
```
**Issue**: {DETAILED_ISSUE_DESCRIPTION}
**Suggested Fix**:
```{LANGUAGE}
{SUGGESTED_CODE}
```
**Explanation**: {WHY_THIS_IS_BETTER}
**Auto-fixable**: {YES/NO}
**Confidence**: {CONFIDENCE}%
[Apply Fix] (One-click button)
---
### {FILE_PATH_2}
{SIMILAR_STRUCTURE}
---
## Performance Analysis
**Potential Performance Impact**: {LOW/MEDIUM/HIGH}
### N+1 Query Issues ({COUNT})
#### {FILE}:{LINE} - {FUNCTION_NAME}
**Detected Pattern**: Loop with database query inside
**Current Code**:
```{LANGUAGE}
{CURRENT_CODE}
```
**Optimized Code**:
```{LANGUAGE}
{OPTIMIZED_CODE}
```
**Performance Improvement**: {ESTIMATED_IMPROVEMENT}
---
### Inefficient Algorithms ({COUNT})
{SIMILAR_STRUCTURE}
### Missing Indexes ({COUNT})
{SIMILAR_STRUCTURE}
### Large Data Operations ({COUNT})
{SIMILAR_STRUCTURE}
---
## Recommendations
### 🔴 Critical Actions Required ({COUNT})
1. **{CRITICAL_ISSUE_1}**
- **File**: {FILE}
- **Action**: {SPECIFIC_ACTION}
- **Impact**: {IMPACT_DESCRIPTION}
2. **{CRITICAL_ISSUE_2}**
{SIMILAR_STRUCTURE}
---
### 🟡 Suggested Improvements ({COUNT})
1. **{IMPROVEMENT_1}**
- **File**: {FILE}
- **Benefit**: {BENEFIT_DESCRIPTION}
- **Effort**: {LOW/MEDIUM/HIGH}
2. **{IMPROVEMENT_2}**
{SIMILAR_STRUCTURE}
---
### ⚪ Nice to Have ({COUNT})
1. **{NICE_TO_HAVE_1}**
- **File**: {FILE}
- **Benefit**: {MINOR_BENEFIT}
---
## Related PRs
### PRs Touching Same Files
- **#{PR_NUMBER}**: {TITLE}
- **Author**: {AUTHOR}
- **Status**: {STATUS}
- **Overlap**: {FILE_COUNT} files
- **Potential Conflict**: {YES/NO}
### Similar PRs
- **#{PR_NUMBER}**: {TITLE}
- **Similarity**: {PERCENTAGE}%
- **Lessons Learned**: {INSIGHTS}
### Dependent PRs
- **#{PR_NUMBER}**: {TITLE}
- **Dependency Type**: {BLOCKS/BLOCKED_BY}
---
## Approval Checklist
### Mandatory Requirements
- [ ] All critical security issues resolved
- [ ] Test coverage ≥ 70% for changed lines
- [ ] No new critical vulnerabilities introduced
- [ ] All tests passing
- [ ] Documentation updated
### Code Quality
- [ ] No code quality issues with severity > MEDIUM
- [ ] Best practices followed
- [ ] Performance impact acceptable
- [ ] No technical debt introduced
### Review Sign-off
- [ ] Security review complete
- [ ] Performance review complete
- [ ] Test coverage adequate
- [ ] Code review complete
---
## Review Metadata
**Review Generated**: {TIMESTAMP}
**Review Time**: {DURATION}
**Auto-fixable Issues**: {COUNT}/{TOTAL}
**Confidence Score**: {AVERAGE_CONFIDENCE}%
**Reviewer Agent**: pr-reviewer v1.0
**Security Scanner**: security-auditor v1.0
**AST Analyzer**: ast-analyzer v1.0
**Pattern Learner**: contextual-pattern-learning v3.0
---
## One-Click Fixes Available
{COUNT} issues can be fixed automatically. Apply all fixes with:
```bash
/apply-pr-fixes {PR_NUMBER}
```
Or apply individual fixes:
```bash
/apply-fix {ISSUE_ID}
```
---
**End of Report**
```
---
## Implementation Details
### Git Integration
```python
def fetch_pr_data(pr_identifier):
"""Fetch PR data from git or GitHub CLI."""
if pr_identifier.isdigit():
# Use gh CLI for PR number
pr_data = subprocess.run(
["gh", "pr", "view", pr_identifier, "--json",
"title,author,body,files,additions,deletions"],
capture_output=True
)
else:
# Use git for branch comparison
diff = subprocess.run(
["git", "diff", f"origin/main...{pr_identifier}"],
capture_output=True
)
commits = subprocess.run(
["git", "log", f"origin/main..{pr_identifier}",
"--oneline"],
capture_output=True
)
return parse_pr_data(pr_data)
```
### Fix Application
```python
def apply_fix(issue_id):
"""Apply automated fix for specific issue."""
issue = load_issue(issue_id)
if not issue.auto_fixable:
print("Issue not auto-fixable")
return False
# Apply Edit tool
Edit(
file_path=issue.file,
old_string=issue.original_code,
new_string=issue.suggested_code
)
# Run tests to verify
test_result = run_tests()
if test_result.success:
# Create commit
git_commit(f"Fix: {issue.title}\n\nAuto-applied fix from PR review")
return True
else:
# Rollback
git_checkout(issue.file)
return False
```
## Learning Integration
After each PR review, the learning engine captures:
1. **Review Patterns**:
- Which issues were found in which file types
- Success rate of automated fixes
- False positive rates
2. **Project Patterns**:
- Common issue patterns in this codebase
- Team coding style preferences
- Review thoroughness preferences
3. **Performance Metrics**:
- Review time by PR size
- Issue detection accuracy
- Fix application success rate
4. **Continuous Improvement**:
- Reduce false positives over time
- Improve fix suggestion quality
- Personalize review style to team
## Error Handling
```python
try:
review_result = comprehensive_pr_review(pr_number)
except GitError as e:
print(f"Git error: {e.message}")
print("Ensure you're in a git repository and PR exists")
except SecurityScanError as e:
print(f"Security scan failed: {e.message}")
print("Review will continue with partial results")
except Exception as e:
print(f"Review failed: {e}")
print("Saving partial results...")
save_partial_review(partial_data)
```
## Performance Expectations
| PR Size | Files | Lines | Review Time |
|---------|-------|-------|-------------|
| Small | 1-5 | <200 | 30-60s |
| Medium | 6-15 | 200-500 | 1-2min |
| Large | 16-30 | 500-1000 | 2-4min |
| XLarge | 31+ | 1000+ | 4-8min |
## Follow-up Commands
After review:
```bash
/apply-pr-fixes {PR_NUMBER} # Apply all auto-fixable issues
/apply-fix {ISSUE_ID} # Apply specific fix
/dev:pr-review-history # Show review history
/learn:analytics # Review performance analytics
```
---
This command provides comprehensive, CodeRabbit-level PR review capabilities with deep integration into the autonomous learning system.