Coding Workflows Workflow Intermediate

AI Code Review Workflow

A complete AI-assisted review pass — not one prompt — that ends with ranked findings, tests guarding behavior, and a refactor plan when one is warranted.

The problem

One review prompt reads a diff and hands back an opinion. A real review is more than that. Give the model no project context and it invents conventions you don't follow. Let it judge code it doesn't actually understand and it approves the wrong things confidently. And a review that lists problems but leaves behind no tests and no plan hasn't made the merge any safer. This playbook chains the coding tools you already have so each step sets up the next — context, then review, then understanding, then a safety net.

Recommended workflow

Each step uses an existing NewPrompt tool, pre-filled by a matching resource. Open the resource to read it, or jump straight into the tool with the inputs ready.

  1. Prepare project context

    Before the model reviews anything, give it the project's stack, conventions, and domain so it reviews against your standards instead of generic best practice. Build a context profile once and reuse it as the first message in every review session.

    Goal A reusable project context profile the model reads before every review, so its feedback matches your conventions.

    Resource Configure AI for an Existing Codebase
    Tool Project Context Builder
    Open this step in Project Context Builder

  2. Generate the code review prompt

    With context in place, generate the review contract — what to check (correctness, security, tests, design), how to rank findings (must-fix vs nit), and what format the output should take. Paste the diff after it.

    Goal A structured review prompt that returns severity-ranked, actionable findings instead of a vague opinion.

    Resource Code Review Prompt — the Review Contract
    Tool Code Review Prompt Generator
    Open this step in Code Review Prompt Generator

  3. Understand risky or unclear code

    When the review flags code you don't fully understand — a dense function, legacy logic, an unfamiliar pattern — don't approve on faith. Get a grounded, line-aware explanation of what it actually does before judging the change.

    Goal A clear understanding of the risky section, so the review verdict is based on what the code does, not what it looks like.

    Resource Explain Code Prompt — the Understanding Contract
    Tool Code Explanation Prompt
    Open this step in Code Explanation Prompt

  4. Generate regression tests

    For behavior the change touches, pin the current behavior with regression tests before anything moves. This turns 'looks fine' into a safety net that catches the bug the next change would reintroduce.

    Goal Regression tests that lock in current behavior, so a fixed bug stays fixed and risky changes are provably safe.

    Resource Regression Test Prompt — Pin It Before You Change It
    Tool Test Case Prompt Generator
    Open this step in Test Case Prompt Generator

  5. Plan a safe refactor if needed

    If the review surfaces code that should be restructured, plan the refactor with zero-regression discipline — behavior preserved, changes sequenced, validation defined — rather than rewriting in place during the review.

    Goal A behavior-preserving refactoring plan you can hand off or execute after the tests are in place.

    Resource Safe Refactoring Prompt — Zero Regression Tolerance
    Tool Refactor Prompt Builder
    Open this step in Refactor Prompt Builder

Expected outcome

You finish with severity-ranked findings, a real understanding of the code you were unsure about, regression tests guarding current behavior, and a behavior-preserving refactor plan when one is warranted. The change is genuinely safer to merge — not just looked at.

Best for

  • Reviewing a teammate's pull request with AI as a consistent process
  • Reviewing your own change before opening the PR
  • Reviewing risky changes to unfamiliar or legacy code

Not for

  • A quick one-off review of a tiny diff — the single Code Review Prompt is enough
  • Replacing human review entirely — this assists judgment, it doesn't remove it

FAQ

How is this different from a code review prompt?

A code review prompt reviews one diff. This workflow is the full process around it — setting project context first, then reviewing, then understanding risky code, adding regression tests, and planning a safe refactor. Use the single prompt for a quick look; use the workflow when the change actually matters.

Do I have to do every step?

No. Steps 1 and 2 are the core. Step 3 only applies when the review flags code you don't fully understand, and steps 4–5 apply when the change touches behavior or needs restructuring. Skip what a given review doesn't need.

Does this run my code or send it anywhere?

No. Every tool in this workflow runs entirely in your browser and only generates prompts — you paste those prompts and your code into the AI you already use. NewPrompt never executes code or sends it to a server.

How does this relate to the AI Debugging and AI Refactoring workflows?

Code review catches problems before a change merges. The AI Debugging Workflow takes over once something is already broken and you need to find why. The AI Refactoring Workflow is for restructuring code you've already decided to change. Step 5 here only sketches a refactor in passing — when the restructuring is the real work, run the dedicated AI Refactoring Workflow instead.

Tip: Each step's resource opens its tool pre-filled — start at step one and carry the output forward.

All playbooks