coldbox-reviewerlisted

Use this skill when reviewing ColdBox application code for correctness, security, performance, testability, and adherence to ColdBox conventions. Covers handlers, services, models, interceptors, modules, routing, ORM/OBM usage, REST APIs, dependency injection patterns, and common anti-patterns to flag during pull request reviews.
ColdBox/skills · ★ 0 · AI & Automation · score 61

Install: claude install-skill ColdBox/skills

# ColdBox Code Reviewer ## When to Use This Skill Use this skill when: - Reviewing pull requests for ColdBox (BoxLang or CFML) applications - Auditing an existing codebase for quality and security issues - Establishing a code review checklist for a development team - Identifying anti-patterns or risky patterns in ColdBox code --- ## Language Mode Reference Examples use **BoxLang (`.bx`)** syntax by default. Adapt for your target language: | Concept | BoxLang (`.bx`) | CFML (`.cfc`) | |---------|-----------------|---------------| | Class declaration | `class [extends="..."] {` | `component [extends="..."] {` | | DI annotation | `@inject` above `property name="svc";` | `property name="svc" inject="svc";` | | View templates | `.bxm` suffix | `.cfm` / `.cfml` suffix | | Tag prefix | `<bx:if>`, `<bx:output>`, `<bx:set>` | `<cfif>`, `<cfoutput>`, `<cfset>` | > **CFML Compat Mode**: With BoxLang + CFML Compat module, `.bx` and `.cfc` files coexist freely. BoxLang-native classes use `class {}` (`.bx` files); CFML-compat classes use `component {}` (`.cfc` files). ## Review Checklist Overview | Category | Key Questions | |----------|--------------| | Architecture | Does the code follow the ColdBox layers correctly? | | Handlers | Are actions thin? No business logic leaking in? | | Services | Single responsibility? Proper error handling? | | Security | Input validated? SQL injection / XSS / CSRF covered? | | Dependency Injection | WireBox used correctly? No `createObject()` ant