Skip to content
Everything Claude Code

kotlin-review

Command View source on GitHub

Comprehensive Kotlin code review for idiomatic patterns, null safety, coroutine safety, and security. Invokes the kotlin-reviewer agent.

Kotlin Code Review

This command invokes the kotlin-reviewer agent for comprehensive Kotlin-specific code review.

What This Command Does

  1. Identify Kotlin Changes: Find modified .kt and .kts files via git diff
  2. Run Build & Static Analysis: Execute ./gradlew build, detekt, ktlintCheck
  3. Security Scan: Check for SQL injection, command injection, hardcoded secrets
  4. Null Safety Review: Analyze !! usage, platform type handling, unsafe casts
  5. Coroutine Review: Check structured concurrency, dispatcher usage, cancellation
  6. Generate Report: Categorize issues by severity

When to Use

Use /kotlin-review when:

  • After writing or modifying Kotlin code
  • Before committing Kotlin changes
  • Reviewing pull requests with Kotlin code
  • Onboarding to a new Kotlin codebase
  • Learning idiomatic Kotlin patterns

Review Categories

CRITICAL (Must Fix)

  • SQL/Command injection vulnerabilities
  • Force-unwrap !! without justification
  • Platform type null safety violations
  • GlobalScope usage (structured concurrency violation)
  • Hardcoded credentials
  • Unsafe deserialization

HIGH (Should Fix)

  • Mutable state where immutable suffices
  • Blocking calls inside coroutine context
  • Missing cancellation checks in long loops
  • Non-exhaustive when on sealed types
  • Large functions (>50 lines)
  • Deep nesting (>4 levels)

MEDIUM (Consider)

  • Non-idiomatic Kotlin (Java-style patterns)
  • Missing trailing commas
  • Scope function misuse or nesting
  • Missing sequence for large collection chains
  • Redundant explicit types

Automated Checks Run

Terminal window
# Build check
./gradlew build


# Static analysis
./gradlew detekt


# Formatting check
./gradlew ktlintCheck


# Tests
./gradlew test

Example Usage

User: /kotlin-review


Agent:
# Kotlin Code Review Report


## Files Reviewed
- src/main/kotlin/com/example/service/UserService.kt (modified)
- src/main/kotlin/com/example/routes/UserRoutes.kt (modified)


## Static Analysis Results
✓ Build: Successful
✓ detekt: No issues
WARNING: ktlint: 2 formatting warnings


## Issues Found


[CRITICAL] Force-Unwrap Null Safety
File: src/main/kotlin/com/example/service/UserService.kt:28
Issue: Using !! on nullable repository result
```kotlin
val user = repository.findById(id)!!  // NPE risk
```
Fix: Use safe call with error handling
```kotlin
val user = repository.findById(id)
    ?: throw UserNotFoundException("User $id not found")
```


[HIGH] GlobalScope Usage
File: src/main/kotlin/com/example/routes/UserRoutes.kt:45
Issue: Using GlobalScope breaks structured concurrency
```kotlin
GlobalScope.launch {
    notificationService.sendWelcome(user)
}
```
Fix: Use the call's coroutine scope
```kotlin
launch {
    notificationService.sendWelcome(user)
}
```


## Summary
- CRITICAL: 1
- HIGH: 1
- MEDIUM: 0


Recommendation: FAIL: Block merge until CRITICAL issue is fixed

Approval Criteria

StatusCondition
PASS: ApproveNo CRITICAL or HIGH issues
WARNING: WarningOnly MEDIUM issues (merge with caution)
FAIL: BlockCRITICAL or HIGH issues found

Integration with Other Commands

  • Use /kotlin-test first to ensure tests pass
  • Use /kotlin-build if build errors occur
  • Use /kotlin-review before committing
  • Use /code-review for non-Kotlin-specific concerns
  • Agent: agents/kotlin-reviewer.md
  • Skills: skills/kotlin-patterns/, skills/kotlin-testing/
← Back to Commands