Code Review Examples

git diff | zo 'Review these changes for:
- Bugs
- Performance issues
- Security concerns
- Best practices'

zo @src/main.rs 'Code review with focus on:
- Error handling
- Memory safety
- Performance
- Code clarity'

zo @header.h @impl.c 'Review these files and check:
- Header/implementation consistency
- Memory leaks
- Buffer overflows
- API design'

# ~/.config/zo/config.toml
[[custom_models]]
name = "reviewer"
model = "anthropic/claude-sonnet-4.5"
system_prompt = """You are a senior code reviewer with 15 years of experience.
 
Focus on:
1. Bugs and logical errors
2. Performance and optimization opportunities
3. Security vulnerabilities
4. Code readability and maintainability
5. Best practices and design patterns
6. Test coverage
 
Provide:
- Severity level (Critical/High/Medium/Low)
- Specific line references when possible
- Concrete suggestions with code examples
- Positive feedback for good practices
"""

# Quick review
zo /reviewer @src/auth.rs
 
# Detailed review
git diff | zo /reviewer 'Thorough code review'
 
# PR review
git diff main...feature | zo /reviewer 'Review this pull request'

zo @lib.rs "Review this Rust code for:
- Lifetime issues
- Unsafe code usage
- Error handling patterns
- Idiomatic Rust
- Performance (unnecessary clones, allocations)
- Documentation quality"

zo @app.py "Review this Python code for:
- PEP 8 compliance
- Type hints usage
- Error handling
- Security (SQL injection, XSS)
- Performance (list comprehensions vs loops)
- Documentation and docstrings"

zo @component.tsx "Review this React component for:
- TypeScript type safety
- React best practices
- Performance (unnecessary re-renders)
- Accessibility
- Error boundaries
- Testing considerations"

zo @handler.go "Review this Go code for:
- Error handling patterns
- Goroutine safety
- Resource cleanup (defer usage)
- Context usage
- Package design
- Testing approach"

zo @api.js "Security review focusing on:
- Input validation
- SQL injection risks
- XSS vulnerabilities
- Authentication/authorization
- Sensitive data exposure
- CSRF protection
- Rate limiting"

zo @query.sql "Performance review:
- Query optimization
- Index usage
- N+1 query problems
- Expensive operations
- Caching opportunities
- Scalability concerns"

zo @main.rs @lib.rs @types.rs "Architecture review:
- Separation of concerns
- Dependency management
- Interface design
- Scalability
- Maintainability
- Testing strategy"

git diff --cached | zo /reviewer "Review my staged changes before commit"

git show HEAD | zo 'Review this commit and suggest improvements'

git diff main...feature | zo /reviewer "Compare feature branch with main"

git diff main...feature > changes.diff
git log main...feature --oneline > commits.txt
zo @changes.diff @commits.txt "Review this PR:
- Are the changes cohesive?
- Is this ready to merge?
- Any concerns or suggestions?"

zo --chat @src/complex.rs "Let's do a detailed code review"
> What are the main issues?
> How can I improve the error handling?
> Are there any edge cases I'm missing?
> What about testing?
> exit

zo --chat @legacy.py "Let's refactor this code"
> What are the biggest problems?
> How should I restructure this?
> Show me the refactored version
> What tests should I add?
> exit

#!/bin/bash
# In your CI pipeline
 
# Review changed files
git diff origin/main...HEAD | zo /reviewer "Review for merge" > review.txt
 
# Create comment with review
cat review.txt

zo @api.rs "Review this API endpoint for:
□ Input validation
□ Authentication/authorization
□ Error handling
□ Logging
□ Rate limiting
□ Database transaction handling
□ Response format consistency
□ API documentation
□ Testing"

zo @Button.tsx "Review this component for:
□ TypeScript types
□ Props validation
□ Accessibility (ARIA labels, keyboard nav)
□ Responsive design
□ Error states
□ Loading states
□ Performance (memo, callback)
□ Testing
□ Documentation"

zo @migration.sql "Review this migration for:
□ Backward compatibility
□ Index creation strategy
□ Data integrity constraints
□ Performance impact
□ Rollback plan
□ Default values
□ NULL handling"

# Show more context in diff
git diff -U10 | zo /reviewer "Review with extended context"

# Review last 3 commits
git log -3 -p | zo 'Review these commits for consistency'

git log -p --follow src/auth.rs | zo 'Review the evolution of this file. Any technical debt?'

zo @old_impl.py @new_impl.py "Compare these implementations:
- Which is better and why?
- Performance implications?
- Maintainability?
- Edge cases handled?"

zo @code.rs "Check for:
- Unnecessary .clone() calls
- Missing #[must_use] annotations
- Potential panic! in production code
- Unsafe code without justification
- Missing error context
- Unoptimized string handling"

zo @code.py "Check for:
- Mutable default arguments
- Broad exception catching
- Missing type hints
- f-string vs % vs .format()
- List comprehension opportunities
- Generator usage for large data"

zo @code.js "Check for:
- var vs let/const
- Promise handling
- Async/await patterns
- Memory leaks (event listeners)
- Console.log statements"

git diff | zo /reviewer "Brief review: list only high/critical issues"

zo @complex.rs "Detailed review with:
- Code snippets showing problems
- Suggested fixes with code
- Explanation of issues
- Priority ranking"

git diff | zo /reviewer "Review in markdown format with:
- Summary section
- Issues by category
- Suggested improvements
- Code examples" > REVIEW.md

# ❌ Too vague
zo @code.rs "Review this"
 
# ✅ Specific
zo @code.rs "Review for memory leaks and unnecessary allocations"

# ❌ No context
zo @handler.go "Review this"
 
# ✅ With context
zo @handler.go "This is a high-traffic API endpoint. Review for performance and security"

# Quick review - fast model
zo /flash @small_change.js "Quick review"
 
# Deep review - smart model
zo /opus @critical_auth.rs "Thorough security review"

# Start in chat mode for back-and-forth
zo --chat @code.rs "Let's review this together"
> Focus on the authentication logic
> How can I make it more secure?
> Show me the improved version
> exit