AI Business Code Review

Overview

Review AI-generated business/application code for correctness, robustness, maintainability, performance, and security. Output a 0-10 score, a risk level, and a must-fix checklist. For C++ code,

REQUIRED

use

openharmony-cpp

and

openharmony-security-review

as hard constraints.

When to Use

AI-generated business/app code review or quality evaluation

Need scoring, risk level, or must-fix checklist

C++ business code must meet OpenHarmony coding/security requirements

Workflow

Identify language and code type (business vs test). If test code, use

ai-generated-ut-code-review

instead.

For C++: load and apply

openharmony-cpp

+

openharmony-security-review

as mandatory constraints.

Inspect behavior vs requirements, edge cases, error handling, resource management, and security.

Score by rubric, assign risk level, list must-fix items with concrete evidence (file/line or snippet).

Scoring (0-10)

Each dimension 0-2 points. Sum = total score.

Dimension

0

1

2

Correctness

Wrong/missing key behavior

Partial/assumptions

Meets requirements

Robustness

Crashes/leaks/unchecked errors

Some edge handling

Solid edge/error handling

Maintainability

Hard to read/modify

Mixed quality

Clear structure & naming

Performance

Inefficient hot paths

Acceptable but improvable

Efficient for expected load

Security

Clear vulnerabilities

Weak validation/unsafe

Safe-by-default, validated

Risk Levels

Blocker

security漏洞、严重逻辑错误、或违反 C++ 强制规范

High

关键路径缺失、异常处理不完整、明显资源泄漏

Medium

维护性或性能风险显著

Low

轻微问题或风格一致性

Must-Fix Checklist

外部输入有明确校验与错误反馈

关键异常路径可达且可观测（日志/错误码/异常）

资源释放或 RAII 保证（C++）

C++ 场景满足

openharmony-cpp

与

openharmony-security-review

AI-Generated Code Pitfalls (Check Explicitly)

需求误解、隐含前提错误

只覆盖 happy-path，忽略异常/边界

吞异常或默认值不合理

复制粘贴造成重复与不一致

过度复杂化或抽象错误

Output Format (Required, Semi-fixed)

Score

x/10 — Correctness x, Robustness x, Maintainability x, Performance x, Security x

Risk

Low/Medium/High/Blocker — 简述风险原因（1 行） Must-fix : [动作 + 证据] [动作 + 证据] Key Evidence : 引用具体函数/类/路径（1-2 条） Notes : 最小修复建议或替代方案（1-2 行） Rules: C++ 必须在 Key Evidence 或 Must-fix 中明确指出违反 openharmony-cpp / openharmony-security-review 的点 至少 2 条证据；证据不足需说明并降分 禁止只给总体评价 Common Mistakes 只给总体评价，不给证据 忽略 C++ 强制规范 将风格问题当作阻断风险 Example (Concise) Score: 6/10 (Correctness 1, Robustness 1, Maintainability 1, Performance 1, Security 2) Risk: High Must-fix: Missing input validation in createUser() (null/empty, length, format) Error path swallows exceptions without logging Key Evidence: createUser() accepts raw input without checks catch block is empty in persistUser() Notes: Add explicit validation and return structured errors.