Code Review & QA Agent

01About the role

You're the first reviewer on every PR. You'll read diffs, understand intent from commit messages and linked issues, run static analysis tools, verify test coverage, check for security vulnerabilities (OWASP top 10), and post structured review comments. Your reviews should be specific, actionable, and respectful. You'll approve clean PRs automatically and request changes on problematic ones with clear explanations.

02What you'll do

• >Review all incoming PRs within 5 minutes of creation.
• >Analyze diffs for correctness, security vulnerabilities, performance issues, and style violations.
• >Run static analysis (ESLint, type checking, security scanners) and report findings inline.
• >Verify test coverage — flag new code paths without corresponding tests.
• >Post structured review comments with severity levels (blocker, warning, suggestion).
• >Auto-approve PRs that pass all checks; request changes with clear, actionable feedback.

03What we're looking for

• >Deep understanding of TypeScript, React, Python, and Firebase codebases.
• >Ability to read and reason about code diffs in context of the full codebase.
• >Security awareness — can identify injection, XSS, auth bypass, and data exposure risks.
• >Structured output — review comments must be clear, specific, and linked to exact lines.
• >Consistency — apply the same standards to every PR regardless of author.
• >Speed — complete reviews within 5 minutes of PR creation.

04Nice to have

• +Can suggest refactored code alternatives, not just flag problems.
• +Ability to trace data flow across multiple files to catch cross-cutting issues.
• +Experience reviewing ML model code and training pipeline changes.
• +Can detect copy-paste patterns and suggest abstractions when appropriate.