Catalog
getsentry/code-review

getsentry

code-review

Perform code reviews following Sentry engineering practices. Use when reviewing pull requests, examining code changes, or providing feedback on code quality. Covers security, performance, testing, and design review.

global
New~682
v1.0Saved Jul 11, 2026

Sentry Code Review

Follow these guidelines when reviewing code for Sentry projects.

Review Checklist

Identifying Problems

Look for these issues in code changes:

  • Runtime errors: Potential exceptions, null pointer issues, out-of-bounds access
  • Performance: Unbounded O(n²) operations, N+1 queries, unnecessary allocations
  • Side effects: Unintended behavioral changes affecting other components
  • Backwards compatibility: Breaking API changes without migration path
  • ORM queries: Complex Django ORM with unexpected query performance
  • Security vulnerabilities: Injection, XSS, access control gaps, secrets exposure

Design Assessment

  • Do component interactions make logical sense?
  • Does the change align with existing project architecture?
  • Are there conflicts with current requirements or goals?

Test Coverage

Every PR should have appropriate test coverage:

  • Functional tests for business logic
  • Integration tests for component interactions
  • End-to-end tests for critical user paths

Verify tests cover actual requirements and edge cases. Avoid excessive branching or looping in test code.

Long-Term Impact

Flag for senior engineer review when changes involve:

  • Database schema modifications
  • API contract changes
  • New framework or library adoption
  • Performance-critical code paths
  • Security-sensitive functionality

Feedback Guidelines

Tone

  • Be polite and empathetic
  • Provide actionable suggestions, not vague criticism
  • Phrase as questions when uncertain: "Have you considered...?"

Approval

  • Approve when only minor issues remain
  • Don't block PRs for stylistic preferences
  • Remember: the goal is risk reduction, not perfect code

Common Patterns to Flag

Python/Django

# Bad: N+1 query
for user in users:
    print(user.profile.name)  # Separate query per user

# Good: Prefetch related
users = User.objects.prefetch_related('profile')

TypeScript/React

// Bad: Missing dependency in useEffect
useEffect(() => {
  fetchData(userId);
}, []);  // userId not in deps

// Good: Include all dependencies
useEffect(() => {
  fetchData(userId);
}, [userId]);

Security

# Bad: SQL injection risk
cursor.execute(f"SELECT * FROM users WHERE id = {user_id}")

# Good: Parameterized query
cursor.execute("SELECT * FROM users WHERE id = %s", [user_id])

References

Files1
1 files · 10.5 KB

Select a file to preview

Overall Score

82/100

Grade

B

Good

Safety

90

Quality

82

Clarity

85

Completeness

75

Summary

A structured code review guideline skill that teaches Sentry's engineering practices for reviewing pull requests. The skill provides a comprehensive checklist covering runtime errors, performance, security, testing, design assessment, and feedback best practices, with concrete Python/Django and TypeScript/React examples.

Detected Capabilities

code analysisstatic pattern matchingdocumentation reading

Trigger Keywords

Phrases that MCP clients use to match this skill to user intent.

code review checklistpull request reviewpython django patternstypescript react issuessecurity vulnerability checkdatabase query reviewtest coverage assessment

Referenced Domains

External domains referenced in skill content, detected by static analysis.

develop.sentry.devwww.apache.org

Use Cases

  • Reviewing pull requests for code quality, security, and performance issues
  • Identifying N+1 database queries and ORM inefficiencies in Django code
  • Catching missing useEffect dependencies and lifecycle issues in React code
  • Flagging SQL injection risks and other security vulnerabilities
  • Assessing design alignment and architectural consistency
  • Evaluating test coverage against requirements and edge cases

Quality Notes

  • Clear, well-organized structure with logical sections (Review Checklist, Design Assessment, Test Coverage, Long-Term Impact)
  • Concrete, actionable examples for Python/Django and TypeScript/React make patterns easy to identify
  • Emphasis on tone and empathy in feedback guidelines is culturally valuable
  • Feedback Guidelines section balances rigor with pragmatism ('don't block on stylistic preferences')
  • Security section covers injection, XSS, and access control with concrete examples
  • Limitations are implicit but could be more explicit (e.g., 'this does not cover performance profiling' or 'not a substitute for automated testing tools')
  • Edge cases (database schema changes, API contracts) are flagged for senior review, showing maturity
  • References link to external Sentry documentation, which is helpful but not fully self-contained
Model: claude-haiku-4-5-20251001Analyzed: Jul 11, 2026

Reviews

Add this skill to your library to leave a review.

No reviews yet

Be the first to share your experience.

Add getsentry/code-review to your library

Command Palette

Search for a command to run...