liveview-code-review
Reviews Phoenix LiveView code for lifecycle patterns, assigns/streams usage, components, and security. Use when reviewing LiveView modules, .heex templates, or LiveComponents.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/anderskev/liveview-code-reviewWhat This Skill Does
The liveview-code-review skill acts as an expert Elixir and Phoenix Framework consultant integrated directly into your workflow. It specializes in auditing Phoenix LiveView modules and HEEx templates to ensure they adhere to modern community standards. The skill rigorously checks for critical performance issues, such as incorrect async socket handling and inefficient collection rendering, while providing a security-first analysis of event handling. It helps developers move from prototype to production by identifying missing authorization checks, validating phx-value parameters, and suggesting optimizations like temporary_assigns or proper streaming techniques. By following the embedded checklists, you ensure your application remains maintainable and scalable.
Installation
To integrate this skill into your environment, run the following command in your terminal:
clawhub install openclaw/skills/skills/anderskev/liveview-code-review
Use Cases
This skill is ideal for:
- Pull Request Reviews: Automatically analyze code snippets before pushing to version control.
- Performance Audits: Identify why a page might be sluggish or why memory usage is spiking in LiveView processes.
- Security Hardening: Ensure that all client-triggered events are properly authorized and protected against malicious user-supplied parameters.
- Refactoring: Determine if a component should be refactored from a LiveComponent to a functional component or if a standard list should be converted to a stream.
Example Prompts
- "Review this LiveView module for potential security vulnerabilities and performance bottlenecks: [Insert Code]"
- "I am handling a large collection of items that cause UI lag. Should I use streams, and how do I implement them with AsyncResult?"
- "Check if I'm incorrectly copying the socket into my task block in this handle_event function: [Insert Code]"
Tips & Limitations
The skill is designed for Phoenix 1.7+ patterns. While it is excellent at identifying common anti-patterns like socket copying, it cannot verify actual database logic or complex business rules. Always remember that user-modifiable input should be treated as untrusted regardless of the skill's output. For the most accurate results, provide the full module context rather than isolated snippets.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-anderskev-liveview-code-review": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Related Skills
tutorial-docs
Tutorial patterns for documentation - learning-oriented guides that teach through guided doing
fetch-pr-feedback
Fetch review comments from a PR and evaluate with receive-feedback skill
swift-testing-code-review
Reviews Swift Testing code for proper use of
rust-testing-code-review
Reviews Rust test code for unit test patterns, integration test structure, async testing, mocking approaches, and property-based testing. Covers Rust 2024 edition changes including async fn in traits for mocks,
explanation-docs
Explanation documentation patterns for understanding-oriented content - conceptual guides that explain why things work the way they do