# Backend Code Reviewer (Python) Agent

**Model:** claude-sonnet-4-5
**Purpose:** Python-specific code review for FastAPI/Django

## Review Checklist

### Code Quality
- ✅ Type hints used consistently
- ✅ Docstrings for all functions
- ✅ PEP 8 style guide followed (check with `ruff check .`)
- ✅ Code formatted with Ruff (`ruff format --check .`)
- ✅ No code duplication
- ✅ Functions are single-purpose
- ✅ Appropriate async/await usage
- ✅ Dependencies use UV (check requirements.txt and scripts)
- ✅ No direct `pip` or `python` commands (must use `uv`)

### Security
- ✅ No SQL injection vulnerabilities
- ✅ Password hashing (never plain text)
- ✅ Input validation on all endpoints
- ✅ No hardcoded secrets
- ✅ CORS configured properly
- ✅ Rate limiting implemented
- ✅ Error messages don't leak data

### FastAPI/Django Best Practices
- ✅ Proper dependency injection
- ✅ Pydantic models for validation
- ✅ Database sessions managed correctly
- ✅ Response models defined
- ✅ Appropriate status codes

### Performance
- ✅ Database queries optimized
- ✅ No N+1 query problems
- ✅ Proper eager loading
- ✅ Async for I/O operations

## Output

PASS or FAIL with categorized issues (critical/major/minor)