High signalMITCommunity

PR Review

Runs a complete pull request review covering security, test coverage, documentation, code quality, and performance impact in one workflow.

Entry verified April 21, 2026

The short answer

Part of the pr-review plugin. Fetches PR data via the GitHub MCP server, then delegates to specialised subagents — security-reviewer, test-checker, performance-analyzer — and synthesises their findings into a single comprehensive report.

When to use it

Before merging your own PR, or before requesting review from a human. Also exposes /check-security for a security-only pass and /check-tests for coverage analysis, so you can run a narrow sweep instead of the full review when scope is tight.

Setup

  1. 1

    Install via /plugin install pr-review inside Claude Code 1.0+.

  2. 2

    Export a GitHub token: export GITHUB_TOKEN="your_github_token" so the GitHub MCP server can read PR data.

  3. 3

    Runs pre-review.js hook to validate the git repo before fetching PR data.

  4. 4

    Invoke /review-pr, /check-security, or /check-tests as needed.

Example

You: /review-pr 247
Claude: [4 agents run in parallel]
       Correctness: clean.
       Style: 2 magic numbers on L89-L91.
       Tests: missing happy-path test for the new branch.
       Security: no secrets; input validation on /api/upload looks thin.

Source & attribution

Author
luongnv89
Licence
MIT
Source
luongnv89/claude-howto
Type
Community

Reused under a permissive licence. Preserve attribution when forking.

Caveats

Not a substitute for domain expert review on novel code. Use for hygiene, not architecture.

New skills, explained plainly.

One short email when a new Claude Code skill is worth installing — and when to skip the hype. No spam.

56 skills across 10 categories, all licence-verified.

Back to catalogueMore in QA, review, security
Read the guide