Skip to main content
Glama
RealMikeChong

Ultra MCP

by RealMikeChong
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Hybrid

Review Code

review-code

Analyze code for bugs, security vulnerabilities, performance bottlenecks, and style inconsistencies to improve code quality and reliability.

Instructions

Review code for bugs, security issues, performance, or style problems

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
taskYesWhat to review (e.g., 'review pull request changes', 'check for security issues')
filesNoFile paths to review (optional)
focusNoReview focus areaall
providerNoAI provider to usegemini

Implementation Reference

  • src/server.ts:295-302 (registration)
    Registration of the 'review-code' tool in the MCP server, specifying title, description, input schema (ReviewCodeSchema), and handler function that delegates to AIToolHandlers.handleReviewCode
    server.registerTool("review-code", {
  title: "Review Code",
  description: "Review code for bugs, security issues, performance, or style problems",
  inputSchema: ReviewCodeSchema.shape,
}, async (args) => {
  const aiHandlers = await getHandlers();
  return await aiHandlers.handleReviewCode(args);
});
  • src/server.ts:41-46 (schema)
    Zod schema definition for 'review-code' tool input validation: task, optional files, focus (bugs/security/performance/style/all), provider
    const ReviewCodeSchema = z.object({
  task: z.string().describe("What to review (e.g., 'review pull request changes', 'check for security issues')"),
  files: z.array(z.string()).optional().describe("File paths to review (optional)"),
  focus: z.enum(["bugs", "security", "performance", "style", "all"]).default("all").describe("Review focus area"),
  provider: z.enum(["openai", "gemini", "azure", "grok"]).optional().default("gemini").describe("AI provider to use"),
});
  • src/handlers/ai-tools.ts:350-398 (handler)
    Core handler implementation in AIToolHandlers class: selects provider, builds focus-specific system prompt for code review, generates AI response with low temperature, returns structured content and metadata
    async handleReviewCode(params: z.infer<typeof ReviewCodeSchema>) {
  // Use provided provider or get the preferred one (Azure if configured)
  const providerName = params.provider || (await this.providerManager.getPreferredProvider(['openai', 'gemini', 'azure', 'grok']));
  const provider = await this.providerManager.getProvider(providerName);
  
  const focusPrompts = {
    bugs: "Focus on identifying potential bugs, logic errors, and runtime issues",
    security: "Focus on security vulnerabilities, input validation, and secure coding practices",
    performance: "Focus on performance bottlenecks, inefficient algorithms, and optimization opportunities",
    style: "Focus on code style, formatting, naming conventions, and readability",
    all: "Provide comprehensive code review covering bugs, security, performance, and style"
  };

  const systemPrompt = `You are an expert code reviewer. Review the provided code thoroughly.
  ${focusPrompts[params.focus]}
  
  Provide detailed feedback on:
  - Issues found and their severity
  - Specific recommendations for improvement
  - Code quality assessment
  - Best practices and standards compliance
  
  Be constructive and specific in your review comments.`;

  const prompt = `Review the following: ${params.task}${params.files ? `\n\nFiles to review: ${params.files.join(", ")}` : ""}`;

  const response = await provider.generateText({
    prompt,
    systemPrompt,
    temperature: 0.2, // Very low temperature for code review accuracy
    reasoningEffort: (providerName === "openai" || providerName === "azure" || providerName === "grok") ? "high" : undefined,
    useSearchGrounding: false, // No search needed for code review
  });

  return {
    content: [
      {
        type: "text",
        text: response.text,
      },
    ],
    metadata: {
      provider: providerName,
      model: response.model,
      focus: params.focus,
      usage: response.usage,
      ...response.metadata,
    },
  };

Tool Definition Quality

C2.9/5.0
Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries full burden for behavioral disclosure. It mentions what the tool reviews but doesn't describe how it works (e.g., AI-based analysis, static analysis), what permissions or authentication might be needed, whether it modifies code, rate limits, or output format. For a tool with no annotation coverage, this leaves significant behavioral gaps.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence that directly states the tool's purpose with zero wasted words. It's appropriately sized and front-loaded, making it easy to understand at a glance.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity of code review (which could involve AI providers, file analysis, etc.), no annotations, and no output schema, the description is incomplete. It doesn't cover behavioral aspects, usage context, or what to expect from the tool's operation, leaving significant gaps for an agent to use it effectively.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema fully documents all four parameters. The description doesn't add any parameter-specific information beyond what's in the schema (e.g., it doesn't explain 'task' or 'focus' in more detail). Baseline 3 is appropriate when the schema does the heavy lifting.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Review code for bugs, security issues, performance, or style problems.' It specifies the verb ('review') and resource ('code') with concrete review areas. However, it doesn't distinguish this tool from sibling tools like 'analyze-code' or 'ultra-review,' which likely have overlapping functionality.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. With many sibling tools (e.g., 'analyze-code,' 'ultra-review,' 'secaudit'), there's no indication of when this specific review tool is appropriate, what prerequisites might exist, or when other tools might be better suited.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/RealMikeChong/ultra-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server