AI Code Review

OpenClaw becomes your Senior Engineer: online 24/7, reading every line of code carefully

Reality of Code Review

Waiting for a review until the flowers wilt

You submit a PR, and the Senior is busy with another project. Two days later the review finally comes, and it is just "LGTM". Either you wait a long time or it is not looked at seriously. What is the point of a review like that?

Worse, everyone on the team has a different standard. A says it's fine, B says it has to change. Who is right? A unified standard? Three meetings later there is still no agreement.

OpenClaw: a Senior Engineer who is online 24/7

Send your code to OpenClaw and it reviews every line against best practices: security vulnerabilities, performance bottlenecks, maintainability, edge cases, all covered.

No queueing, no reading people's moods, no skipping because someone is "busy". And the review standard is consistent, so there is no more debating "is this actually a problem or not".

3 review prompts, copy and paste to use

From security review to design principles, pick what you need.

PR review: dedicated security + performance check (Golden instruction)

Please review this code change (PR diff), focusing on:

1. Security vulnerabilities: SQL injection, XSS, CSRF, information leaks, unsafe deserialization
2. Performance issues: N+1 queries, unnecessary memory allocation, unindexed queries, blocking operations
3. Edge cases: null handling, race conditions, very large data scenarios

For each problem, provide:
- Severity level (Critical / Warning / Suggestion)
- Location (file name + line number)
- Fix recommendation and example code

Finish with an overall assessment and a merge recommendation.

Good for a self-review before submitting a PR; it catches most common security issues. We recommend using Claude Opus 4.6, which understands cross-file security risks more deeply.

SOLID principle compliance check (Advanced tips)

Check whether this code follows the SOLID principles:

- S (Single Responsibility): does this class/function handle too many things?
- O (Open-Closed): does a new feature require changing existing code?
- L (Liskov Substitution): can a subclass safely replace its parent class?
- I (Interface Segregation): is this interface too fat?
- D (Dependency Inversion): does a high-level module depend directly on a low-level implementation?

For each violation:
1. Explain what the violation is and where it is
2. Why it is a problem
3. Provide a refactoring plan and a code example

Good for reviewing core business logic or infrastructure code. A day-to-day CRUD API does not need to go this far.

Database query N+1 issue investigation (Golden instruction)

Analyze the database queries in this code:

1. Identify all N+1 query problems:
   - Mark the queries that are triggered inside a loop
   - Calculate the worst-case query count
2. Provide an optimization plan:
   - Which ones can be merged with a JOIN
   - Which ones can use eager loading / preload
   - Which ones need a cache
3. Write the optimized code
4. Estimate the performance difference before and after

The ORM framework you use is [your framework, like SQLAlchemy / Prisma / ActiveRecord].

N+1 is the most common performance killer; when a list page is slow, check this first. Don't forget to replace the ORM framework name with the one you use.

Code review: OpenClaw vs GitHub Copilot

Both can review code, but the approach is totally different.

OpenClaw
  • Looks at the context of the whole project and understands business logic across files
  • Prompts are fully customizable, so the review follows your team's rules
  • Can switch models: GPT-4o for a simple review, Opus 4.6 for complex architecture
  • Review results can be exported and archived to become a team knowledge base
VS
GitHub Copilot Code Review
  • Integrated in the GitHub PR interface, easy to trigger
  • Review scope is mainly the diff content; cross-file understanding is limited
  • The model is fixed, and review rules cannot be customized
  • Its understanding of Chinese comments and variable names is sometimes odd

Real scenario

Startup team: two backend engineers handle all the code
The team has only two backend engineers; their mutual reviews often miss issues, and bugs are discovered at launch.
OpenClaw solution
Before submitting a PR, run the OpenClaw security + performance audit to filter out the obvious problems, so human review can focus on business logic only. The launch incident rate dropped 50%, and review time went from 2 days on average to half a day.
Full manual solution
Two people review each other's code, and when they are busy it is just LGTM. The code standard depends on verbal agreement, and when a newcomer joins the training has to be repeated.

A few practical tips

💡 Don't throw the whole project at the AI review at once. Divide it per module and focus on one angle each time (security, performance, readability); the results are better.
🎯 AI review does not replace human review; it is a pre-check before the human. Let the machine catch formatting and common problems, and let the human focus on design and business logic.