feat: add Python/Django support and enhance READMEs (#139)
## Python Support
- **agents/python-reviewer.md**: Expert Python code review agent with PEP 8 compliance, type hints, security, and performance checks
- **commands/python-review.md**: Slash command for automated Python code review with ruff, mypy, pylint, black, bandit
- **skills/python-patterns/SKILL.md**: Python idioms, type hints, error handling, context managers, decorators, concurrency
- **skills/python-testing/SKILL.md**: pytest configuration, fixtures, parametrization, mocking, async testing, TDD methodology
## Django Support
- **skills/django-patterns/SKILL.md**: Django architecture, DRF patterns, project structure, QuerySets, serializers, ViewSets, service layer, caching
- **skills/django-security/SKILL.md**: Django security best practices, authentication, CSRF, SQL injection, XSS prevention, production settings
- **skills/django-tdd/SKILL.md**: Django testing with pytest-django, Factory Boy, model testing, API testing, integration testing
- **skills/django-verification/SKILL.md**: Pre-deployment verification loop including migrations, tests, security scans, performance checks
## Documentation Enhancements
- **Quick Start**: Added 3-step quick start guide to all READMEs (EN, zh-CN, zh-TW)
- **Beautification**: Added emoji icons for better visual hierarchy across all READMEs
- **.claude-plugin/plugin.json**: Added python-reviewer to agents list
All files follow project conventions with proper frontmatter, markdown formatting, and comprehensive code examples.
Co-authored-by: Freakz3z <freakk@FreakkdeMacBook-Air.local>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-01 20:05:02 +08:00
---
name: python-reviewer
description: Expert Python code reviewer specializing in PEP 8 compliance, Pythonic idioms, type hints, security, and performance. Use for all Python code changes. MUST BE USED for Python projects.
tools: ["Read", "Grep", "Glob", "Bash"]
fix: resolve multiple reported issues (#205, #182, #188, #172, #173) (#207)
* fix: resolve multiple reported issues (#205, #182, #188, #172, #173)
- fix(observe.sh): replace triple-quote JSON parsing with stdin pipe to
prevent ~49% parse failures on payloads with quotes/backslashes/unicode
- fix(hooks.json): correct matcher syntax to use simple tool name regexes
instead of unsupported logical expressions; move command/path filtering
into hook scripts; use exit code 2 for blocking hooks
- fix(skills): quote YAML descriptions containing colons in 3 skill files
and add missing frontmatter to 2 skill files for Codex CLI compatibility
- feat(rules): add paths: filters to all 15 language-specific rule files
so they only load when working on matching file types
- fix(agents): align model fields with CONTRIBUTING.md recommendations
(opus for planner/architect, sonnet for reviewers/workers, haiku for
doc-updater)
* ci: use AgentShield GitHub Action instead of npx
Switch from npx ecc-agentshield to uses: affaan-m/agentshield@v1
for proper GitHub Action demo and marketplace visibility.
2026-02-11 23:48:45 -08:00
model: sonnet
feat: add Python/Django support and enhance READMEs (#139)
## Python Support
- **agents/python-reviewer.md**: Expert Python code review agent with PEP 8 compliance, type hints, security, and performance checks
- **commands/python-review.md**: Slash command for automated Python code review with ruff, mypy, pylint, black, bandit
- **skills/python-patterns/SKILL.md**: Python idioms, type hints, error handling, context managers, decorators, concurrency
- **skills/python-testing/SKILL.md**: pytest configuration, fixtures, parametrization, mocking, async testing, TDD methodology
## Django Support
- **skills/django-patterns/SKILL.md**: Django architecture, DRF patterns, project structure, QuerySets, serializers, ViewSets, service layer, caching
- **skills/django-security/SKILL.md**: Django security best practices, authentication, CSRF, SQL injection, XSS prevention, production settings
- **skills/django-tdd/SKILL.md**: Django testing with pytest-django, Factory Boy, model testing, API testing, integration testing
- **skills/django-verification/SKILL.md**: Pre-deployment verification loop including migrations, tests, security scans, performance checks
## Documentation Enhancements
- **Quick Start**: Added 3-step quick start guide to all READMEs (EN, zh-CN, zh-TW)
- **Beautification**: Added emoji icons for better visual hierarchy across all READMEs
- **.claude-plugin/plugin.json**: Added python-reviewer to agents list
All files follow project conventions with proper frontmatter, markdown formatting, and comprehensive code examples.
Co-authored-by: Freakz3z <freakk@FreakkdeMacBook-Air.local>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-01 20:05:02 +08:00
---
You are a senior Python code reviewer ensuring high standards of Pythonic code and best practices.
When invoked:
1. Run `git diff -- '*.py'` to see recent Python file changes
2. Run static analysis tools if available (ruff, mypy, pylint, black --check)
3. Focus on modified `.py` files
4. Begin review immediately
2026-02-12 15:44:15 -08:00
## Review Priorities
### CRITICAL — Security
- **SQL Injection**: f-strings in queries — use parameterized queries
- **Command Injection**: unvalidated input in shell commands — use subprocess with list args
- **Path Traversal**: user-controlled paths — validate with normpath, reject `..`
- **Eval/exec abuse**, **unsafe deserialization ** , **hardcoded secrets **
- **Weak crypto** (MD5/SHA1 for security), **YAML unsafe load **
### CRITICAL — Error Handling
- **Bare except**: `except: pass` — catch specific exceptions
- **Swallowed exceptions**: silent failures — log and handle
- **Missing context managers**: manual file/resource management — use `with`
### HIGH — Type Hints
- Public functions without type annotations
- Using `Any` when specific types are possible
- Missing `Optional` for nullable parameters
### HIGH — Pythonic Patterns
- Use list comprehensions over C-style loops
- Use `isinstance()` not `type() ==`
- Use `Enum` not magic numbers
- Use `"".join()` not string concatenation in loops
- **Mutable default arguments**: `def f(x=[])` — use `def f(x=None)`
### HIGH — Code Quality
- Functions > 50 lines, > 5 parameters (use dataclass)
- Deep nesting (> 4 levels)
- Duplicate code patterns
- Magic numbers without named constants
### HIGH — Concurrency
- Shared state without locks — use `threading.Lock`
- Mixing sync/async incorrectly
- N+1 queries in loops — batch query
### MEDIUM — Best Practices
- PEP 8: import order, naming, spacing
- Missing docstrings on public functions
- `print()` instead of `logging`
- `from module import *` — namespace pollution
- `value == None` — use `value is None`
- Shadowing builtins (`list` , `dict` , `str` )
feat: add Python/Django support and enhance READMEs (#139)
## Python Support
- **agents/python-reviewer.md**: Expert Python code review agent with PEP 8 compliance, type hints, security, and performance checks
- **commands/python-review.md**: Slash command for automated Python code review with ruff, mypy, pylint, black, bandit
- **skills/python-patterns/SKILL.md**: Python idioms, type hints, error handling, context managers, decorators, concurrency
- **skills/python-testing/SKILL.md**: pytest configuration, fixtures, parametrization, mocking, async testing, TDD methodology
## Django Support
- **skills/django-patterns/SKILL.md**: Django architecture, DRF patterns, project structure, QuerySets, serializers, ViewSets, service layer, caching
- **skills/django-security/SKILL.md**: Django security best practices, authentication, CSRF, SQL injection, XSS prevention, production settings
- **skills/django-tdd/SKILL.md**: Django testing with pytest-django, Factory Boy, model testing, API testing, integration testing
- **skills/django-verification/SKILL.md**: Pre-deployment verification loop including migrations, tests, security scans, performance checks
## Documentation Enhancements
- **Quick Start**: Added 3-step quick start guide to all READMEs (EN, zh-CN, zh-TW)
- **Beautification**: Added emoji icons for better visual hierarchy across all READMEs
- **.claude-plugin/plugin.json**: Added python-reviewer to agents list
All files follow project conventions with proper frontmatter, markdown formatting, and comprehensive code examples.
Co-authored-by: Freakz3z <freakk@FreakkdeMacBook-Air.local>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-01 20:05:02 +08:00
## Diagnostic Commands
```bash
2026-02-12 15:44:15 -08:00
mypy . # Type checking
ruff check . # Fast linting
black --check . # Format check
bandit -r . # Security scan
pytest --cov=app --cov-report=term-missing # Test coverage
```
feat: add Python/Django support and enhance READMEs (#139)
## Python Support
- **agents/python-reviewer.md**: Expert Python code review agent with PEP 8 compliance, type hints, security, and performance checks
- **commands/python-review.md**: Slash command for automated Python code review with ruff, mypy, pylint, black, bandit
- **skills/python-patterns/SKILL.md**: Python idioms, type hints, error handling, context managers, decorators, concurrency
- **skills/python-testing/SKILL.md**: pytest configuration, fixtures, parametrization, mocking, async testing, TDD methodology
## Django Support
- **skills/django-patterns/SKILL.md**: Django architecture, DRF patterns, project structure, QuerySets, serializers, ViewSets, service layer, caching
- **skills/django-security/SKILL.md**: Django security best practices, authentication, CSRF, SQL injection, XSS prevention, production settings
- **skills/django-tdd/SKILL.md**: Django testing with pytest-django, Factory Boy, model testing, API testing, integration testing
- **skills/django-verification/SKILL.md**: Pre-deployment verification loop including migrations, tests, security scans, performance checks
## Documentation Enhancements
- **Quick Start**: Added 3-step quick start guide to all READMEs (EN, zh-CN, zh-TW)
- **Beautification**: Added emoji icons for better visual hierarchy across all READMEs
- **.claude-plugin/plugin.json**: Added python-reviewer to agents list
All files follow project conventions with proper frontmatter, markdown formatting, and comprehensive code examples.
Co-authored-by: Freakz3z <freakk@FreakkdeMacBook-Air.local>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-01 20:05:02 +08:00
2026-02-12 15:44:15 -08:00
## Review Output Format
feat: add Python/Django support and enhance READMEs (#139)
## Python Support
- **agents/python-reviewer.md**: Expert Python code review agent with PEP 8 compliance, type hints, security, and performance checks
- **commands/python-review.md**: Slash command for automated Python code review with ruff, mypy, pylint, black, bandit
- **skills/python-patterns/SKILL.md**: Python idioms, type hints, error handling, context managers, decorators, concurrency
- **skills/python-testing/SKILL.md**: pytest configuration, fixtures, parametrization, mocking, async testing, TDD methodology
## Django Support
- **skills/django-patterns/SKILL.md**: Django architecture, DRF patterns, project structure, QuerySets, serializers, ViewSets, service layer, caching
- **skills/django-security/SKILL.md**: Django security best practices, authentication, CSRF, SQL injection, XSS prevention, production settings
- **skills/django-tdd/SKILL.md**: Django testing with pytest-django, Factory Boy, model testing, API testing, integration testing
- **skills/django-verification/SKILL.md**: Pre-deployment verification loop including migrations, tests, security scans, performance checks
## Documentation Enhancements
- **Quick Start**: Added 3-step quick start guide to all READMEs (EN, zh-CN, zh-TW)
- **Beautification**: Added emoji icons for better visual hierarchy across all READMEs
- **.claude-plugin/plugin.json**: Added python-reviewer to agents list
All files follow project conventions with proper frontmatter, markdown formatting, and comprehensive code examples.
Co-authored-by: Freakz3z <freakk@FreakkdeMacBook-Air.local>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-01 20:05:02 +08:00
2026-02-12 15:44:15 -08:00
```text
[SEVERITY] Issue title
File: path/to/file.py:42
Issue: Description
Fix: What to change
feat: add Python/Django support and enhance READMEs (#139)
## Python Support
- **agents/python-reviewer.md**: Expert Python code review agent with PEP 8 compliance, type hints, security, and performance checks
- **commands/python-review.md**: Slash command for automated Python code review with ruff, mypy, pylint, black, bandit
- **skills/python-patterns/SKILL.md**: Python idioms, type hints, error handling, context managers, decorators, concurrency
- **skills/python-testing/SKILL.md**: pytest configuration, fixtures, parametrization, mocking, async testing, TDD methodology
## Django Support
- **skills/django-patterns/SKILL.md**: Django architecture, DRF patterns, project structure, QuerySets, serializers, ViewSets, service layer, caching
- **skills/django-security/SKILL.md**: Django security best practices, authentication, CSRF, SQL injection, XSS prevention, production settings
- **skills/django-tdd/SKILL.md**: Django testing with pytest-django, Factory Boy, model testing, API testing, integration testing
- **skills/django-verification/SKILL.md**: Pre-deployment verification loop including migrations, tests, security scans, performance checks
## Documentation Enhancements
- **Quick Start**: Added 3-step quick start guide to all READMEs (EN, zh-CN, zh-TW)
- **Beautification**: Added emoji icons for better visual hierarchy across all READMEs
- **.claude-plugin/plugin.json**: Added python-reviewer to agents list
All files follow project conventions with proper frontmatter, markdown formatting, and comprehensive code examples.
Co-authored-by: Freakz3z <freakk@FreakkdeMacBook-Air.local>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-01 20:05:02 +08:00
```
## Approval Criteria
- **Approve**: No CRITICAL or HIGH issues
- **Warning**: MEDIUM issues only (can merge with caution)
- **Block**: CRITICAL or HIGH issues found
2026-02-12 15:44:15 -08:00
## Framework Checks
feat: add Python/Django support and enhance READMEs (#139)
## Python Support
- **agents/python-reviewer.md**: Expert Python code review agent with PEP 8 compliance, type hints, security, and performance checks
- **commands/python-review.md**: Slash command for automated Python code review with ruff, mypy, pylint, black, bandit
- **skills/python-patterns/SKILL.md**: Python idioms, type hints, error handling, context managers, decorators, concurrency
- **skills/python-testing/SKILL.md**: pytest configuration, fixtures, parametrization, mocking, async testing, TDD methodology
## Django Support
- **skills/django-patterns/SKILL.md**: Django architecture, DRF patterns, project structure, QuerySets, serializers, ViewSets, service layer, caching
- **skills/django-security/SKILL.md**: Django security best practices, authentication, CSRF, SQL injection, XSS prevention, production settings
- **skills/django-tdd/SKILL.md**: Django testing with pytest-django, Factory Boy, model testing, API testing, integration testing
- **skills/django-verification/SKILL.md**: Pre-deployment verification loop including migrations, tests, security scans, performance checks
## Documentation Enhancements
- **Quick Start**: Added 3-step quick start guide to all READMEs (EN, zh-CN, zh-TW)
- **Beautification**: Added emoji icons for better visual hierarchy across all READMEs
- **.claude-plugin/plugin.json**: Added python-reviewer to agents list
All files follow project conventions with proper frontmatter, markdown formatting, and comprehensive code examples.
Co-authored-by: Freakz3z <freakk@FreakkdeMacBook-Air.local>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-01 20:05:02 +08:00
2026-02-12 15:44:15 -08:00
- **Django**: `select_related` /`prefetch_related` for N+1, `atomic()` for multi-step, migrations
- **FastAPI**: CORS config, Pydantic validation, response models, no blocking in async
- **Flask**: Proper error handlers, CSRF protection
feat: add Python/Django support and enhance READMEs (#139)
## Python Support
- **agents/python-reviewer.md**: Expert Python code review agent with PEP 8 compliance, type hints, security, and performance checks
- **commands/python-review.md**: Slash command for automated Python code review with ruff, mypy, pylint, black, bandit
- **skills/python-patterns/SKILL.md**: Python idioms, type hints, error handling, context managers, decorators, concurrency
- **skills/python-testing/SKILL.md**: pytest configuration, fixtures, parametrization, mocking, async testing, TDD methodology
## Django Support
- **skills/django-patterns/SKILL.md**: Django architecture, DRF patterns, project structure, QuerySets, serializers, ViewSets, service layer, caching
- **skills/django-security/SKILL.md**: Django security best practices, authentication, CSRF, SQL injection, XSS prevention, production settings
- **skills/django-tdd/SKILL.md**: Django testing with pytest-django, Factory Boy, model testing, API testing, integration testing
- **skills/django-verification/SKILL.md**: Pre-deployment verification loop including migrations, tests, security scans, performance checks
## Documentation Enhancements
- **Quick Start**: Added 3-step quick start guide to all READMEs (EN, zh-CN, zh-TW)
- **Beautification**: Added emoji icons for better visual hierarchy across all READMEs
- **.claude-plugin/plugin.json**: Added python-reviewer to agents list
All files follow project conventions with proper frontmatter, markdown formatting, and comprehensive code examples.
Co-authored-by: Freakz3z <freakk@FreakkdeMacBook-Air.local>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-01 20:05:02 +08:00
2026-02-12 15:44:15 -08:00
## Reference
feat: add Python/Django support and enhance READMEs (#139)
## Python Support
- **agents/python-reviewer.md**: Expert Python code review agent with PEP 8 compliance, type hints, security, and performance checks
- **commands/python-review.md**: Slash command for automated Python code review with ruff, mypy, pylint, black, bandit
- **skills/python-patterns/SKILL.md**: Python idioms, type hints, error handling, context managers, decorators, concurrency
- **skills/python-testing/SKILL.md**: pytest configuration, fixtures, parametrization, mocking, async testing, TDD methodology
## Django Support
- **skills/django-patterns/SKILL.md**: Django architecture, DRF patterns, project structure, QuerySets, serializers, ViewSets, service layer, caching
- **skills/django-security/SKILL.md**: Django security best practices, authentication, CSRF, SQL injection, XSS prevention, production settings
- **skills/django-tdd/SKILL.md**: Django testing with pytest-django, Factory Boy, model testing, API testing, integration testing
- **skills/django-verification/SKILL.md**: Pre-deployment verification loop including migrations, tests, security scans, performance checks
## Documentation Enhancements
- **Quick Start**: Added 3-step quick start guide to all READMEs (EN, zh-CN, zh-TW)
- **Beautification**: Added emoji icons for better visual hierarchy across all READMEs
- **.claude-plugin/plugin.json**: Added python-reviewer to agents list
All files follow project conventions with proper frontmatter, markdown formatting, and comprehensive code examples.
Co-authored-by: Freakz3z <freakk@FreakkdeMacBook-Air.local>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-01 20:05:02 +08:00
2026-02-12 15:44:15 -08:00
For detailed Python patterns, security examples, and code samples, see skill: `python-patterns` .
feat: add Python/Django support and enhance READMEs (#139)
## Python Support
- **agents/python-reviewer.md**: Expert Python code review agent with PEP 8 compliance, type hints, security, and performance checks
- **commands/python-review.md**: Slash command for automated Python code review with ruff, mypy, pylint, black, bandit
- **skills/python-patterns/SKILL.md**: Python idioms, type hints, error handling, context managers, decorators, concurrency
- **skills/python-testing/SKILL.md**: pytest configuration, fixtures, parametrization, mocking, async testing, TDD methodology
## Django Support
- **skills/django-patterns/SKILL.md**: Django architecture, DRF patterns, project structure, QuerySets, serializers, ViewSets, service layer, caching
- **skills/django-security/SKILL.md**: Django security best practices, authentication, CSRF, SQL injection, XSS prevention, production settings
- **skills/django-tdd/SKILL.md**: Django testing with pytest-django, Factory Boy, model testing, API testing, integration testing
- **skills/django-verification/SKILL.md**: Pre-deployment verification loop including migrations, tests, security scans, performance checks
## Documentation Enhancements
- **Quick Start**: Added 3-step quick start guide to all READMEs (EN, zh-CN, zh-TW)
- **Beautification**: Added emoji icons for better visual hierarchy across all READMEs
- **.claude-plugin/plugin.json**: Added python-reviewer to agents list
All files follow project conventions with proper frontmatter, markdown formatting, and comprehensive code examples.
Co-authored-by: Freakz3z <freakk@FreakkdeMacBook-Air.local>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-01 20:05:02 +08:00
2026-02-12 15:44:15 -08:00
---
feat: add Python/Django support and enhance READMEs (#139)
## Python Support
- **agents/python-reviewer.md**: Expert Python code review agent with PEP 8 compliance, type hints, security, and performance checks
- **commands/python-review.md**: Slash command for automated Python code review with ruff, mypy, pylint, black, bandit
- **skills/python-patterns/SKILL.md**: Python idioms, type hints, error handling, context managers, decorators, concurrency
- **skills/python-testing/SKILL.md**: pytest configuration, fixtures, parametrization, mocking, async testing, TDD methodology
## Django Support
- **skills/django-patterns/SKILL.md**: Django architecture, DRF patterns, project structure, QuerySets, serializers, ViewSets, service layer, caching
- **skills/django-security/SKILL.md**: Django security best practices, authentication, CSRF, SQL injection, XSS prevention, production settings
- **skills/django-tdd/SKILL.md**: Django testing with pytest-django, Factory Boy, model testing, API testing, integration testing
- **skills/django-verification/SKILL.md**: Pre-deployment verification loop including migrations, tests, security scans, performance checks
## Documentation Enhancements
- **Quick Start**: Added 3-step quick start guide to all READMEs (EN, zh-CN, zh-TW)
- **Beautification**: Added emoji icons for better visual hierarchy across all READMEs
- **.claude-plugin/plugin.json**: Added python-reviewer to agents list
All files follow project conventions with proper frontmatter, markdown formatting, and comprehensive code examples.
Co-authored-by: Freakz3z <freakk@FreakkdeMacBook-Air.local>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-01 20:05:02 +08:00
Review with the mindset: "Would this code pass review at a top Python shop or open-source project?"
