Strict code review for AgentScope LLM application development - enforces lazy loading, security, testing, documentation, and Git standards
Conducts strict code review for AgentScope projects following agent-oriented programming principles for building LLM applications.
Each requirement is labeled with enforcement level:
When reviewing code changes, systematically check the following areas:
#### Lazy Loading [MUST]
1. **Check third-party imports**:
- Verify third-party libraries (not in `pyproject.toml` `dependencies`) are imported at point of use, not at file top
- For base class imports, ensure factory pattern is used:
```python
def get_xxx_cls() -> "MyClass":
from xxx import BaseClass
class MyClass(BaseClass): ...
return MyClass
```
2. **Identify violations**: Flag any centralized third-party imports
#### Code Conciseness [SHOULD]
1. Look for optimization opportunities:
- Unnecessary temporary variables
- Duplicate code blocks
- Existing utility functions that could be reused
2. Suggest specific improvements
#### Encapsulation Standards [MUST]
1. **Check file naming**: All Python files under `src/agentscope` must use `_` prefix with exposure controlled through `__init__.py`
2. **Check internal API naming**: Classes/functions for internal framework use (not user-facing) must have `_` prefix
Scan for security vulnerabilities:
1. **Hardcoded secrets**: API keys, tokens, passwords must use environment variables or configuration files
2. **Debug artifacts**: Temporary credentials, debug information
3. **Injection risks**: SQL injection, command injection, code injection vulnerabilities
Flag any security issues immediately.
1. **Test coverage**: New features must include unit tests
2. **Dependency management**:
- New dependencies must be added to appropriate `pyproject.toml` section
- Non-core scenario dependencies should not be in minimal dependency list
#### Docstring Requirements
1. **Language**: All comments and docstrings must be in English
2. **Completeness**: Every class and method must have docstring following this template:
```python
def func(a: str, b: int | None = None) -> str:
"""{description}
Args:
a (`str`):
The argument a
b (`int | None`, optional):
The argument b
Returns:
`str`:
The return str
"""
```
3. **Special content**: Use reStructuredText syntax:
```python
class MyClass:
"""xxx
`Example link <https://xxx>`_
.. note:: Example note
.. tip:: Example tip
.. important:: Example important info
.. code-block:: python
def hello_world():
print("Hello world!")
"""
```
#### Pre-commit Checks [MUST]
1. **Default policy**: Code should be modified rather than skipping checks
2. **File-level skipping prohibited**
3. **Only allowed skip**: Agent class system prompt parameters (to avoid `\n` formatting issues)
#### PR Title Format
Check PR title follows Conventional Commits:
1. **Required prefix**: `feat`, `fix`, `docs`, `ci`, `refactor`, `test`, etc.
2. **Format**: `<type>(scope): description`
3. **Example**: `feat(memory): add redis cache support`
For each issue found, provide:
1. **Severity**: [MUST] / [SHOULD] / [MAY]
2. **Category**: Code Quality / Security / Testing / Documentation / Git
3. **Location**: File path and line numbers
4. **Issue**: Clear description of the problem
5. **Recommendation**: Specific fix or improvement
Example:
```
[MUST] Security - src/agentscope/api.py:42
Issue: Hardcoded API key found
Recommendation: Move to environment variable using os.getenv('AGENTSCOPE_API_KEY')
```
Leave a review
No reviews yet. Be the first to review this skill!
# Download SKILL.md from killerskills.ai/api/skills/agentscope-code-reviewer/raw