# /review - Code Quality and Security Auditing

**Agents:** `smart-contract`, `frontend`

Perform a comprehensive code review and security audit of the Movement dApp.

**IMPORTANT**: Delegate contract review to the `smart-contract` agent and frontend review to the `frontend` agent.

## Workflow

### Step 1: Move Contract Security Audit

Check for common vulnerabilities:

#### Resource Safety
- [ ] No resource leaks (resources properly moved/destroyed)
- [ ] Proper use of `move_to`, `move_from`, `borrow_global`
- [ ] No dangling references

#### Access Control
- [ ] Signer validation on privileged functions
- [ ] Proper capability checks
- [ ] Admin functions protected

#### Arithmetic Safety
- [ ] No integer overflow/underflow
- [ ] Safe division (no divide by zero)
- [ ] Proper use of checked arithmetic

#### Reentrancy Protection
- [ ] State changes before external calls
- [ ] No recursive vulnerabilities

#### Event Emission
- [ ] All state changes emit events
- [ ] Events contain sufficient information

#### Gas Optimization
- [ ] No unbounded loops
- [ ] Efficient data structures
- [ ] Minimal storage operations
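
The Access Control, Arithmetic Safety and Event Emission checks above, illustrated as an added example (not part of the original command file or the Movement dApp's code) with a flawed entry function beside its hardened form. Assumptions: the module, the named address `example_addr`, the `Config` and `FeeChanged` types and the error codes are hypothetical, and the Aptos-style `aptos_framework::event` module is assumed to be available on the target chain.

```move
module example_addr::vault {
    use std::error;
    use std::signer;
    use aptos_framework::event; // assumption: Aptos-style framework dependency

    const E_NOT_ADMIN: u64 = 1;
    const E_FEE_TOO_HIGH: u64 = 2;
    const BPS_DENOMINATOR: u64 = 10000;

    struct Config has key { admin: address, fee_bps: u64 }

    #[event]
    struct FeeChanged has drop, store { admin: address, old_fee_bps: u64, new_fee_bps: u64 }

    // Resource safety: Config is created once and stored under the publisher.
    fun init_module(deployer: &signer) {
        move_to(deployer, Config { admin: signer::address_of(deployer), fee_bps: 0 });
    }

    // FINDING (Access Control, Event Emission): the signer is accepted but never
    // compared to the stored admin, the fee is unbounded, and no event is emitted.
    public entry fun set_fee_unchecked(_caller: &signer, new_fee_bps: u64) acquires Config {
        borrow_global_mut<Config>(@example_addr).fee_bps = new_fee_bps;
    }

    // Hardened: signer validated, input bounded, state change emits an event.
    public entry fun set_fee(caller: &signer, new_fee_bps: u64) acquires Config {
        let config = borrow_global_mut<Config>(@example_addr);
        assert!(signer::address_of(caller) == config.admin, error::permission_denied(E_NOT_ADMIN));
        assert!(new_fee_bps <= BPS_DENOMINATOR, error::invalid_argument(E_FEE_TOO_HIGH));
        let old_fee_bps = config.fee_bps;
        config.fee_bps = new_fee_bps;
        event::emit(FeeChanged { admin: config.admin, old_fee_bps, new_fee_bps });
    }

    // Arithmetic safety: Move aborts on u64 overflow, so `amount * fee_bps` in u64
    // would make large amounts unprocessable. Widen to u128 before multiplying;
    // with fee_bps <= BPS_DENOMINATOR the result never exceeds `amount`.
    public fun fee_for(amount: u64): u64 acquires Config {
        let fee_bps = borrow_global<Config>(@example_addr).fee_bps;
        (((amount as u128) * (fee_bps as u128) / (BPS_DENOMINATOR as u128)) as u64)
    }
}
```

In a review report, `set_fee_unchecked` would be recorded as a critical issue with `set_fee` as the recommended fix.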

### Step 2: Frontend Security Audit

Check for:
- [ ] No hardcoded secrets
- [ ] Proper wallet connection handling
- [ ] Transaction signing validation
- [ ] XSS prevention
- [ ] Secure storage of user data

### Step 3: Generate Review Report

```markdown
# 🔍 Code Review Report

## Security Audit

### Critical Issues (Must Fix)
| ID | Location | Issue | Recommendation |
|----|----------|-------|----------------|
| C1 | contracts/sources/main.move:42 | Issue desc | Fix recommendation |

### High Priority Issues
| ID | Location | Issue | Recommendation |
|----|----------|-------|----------------|

### Medium Priority Issues
| ID | Location | Issue | Recommendation |
|----|----------|-------|----------------|

### Low Priority Issues
| ID | Location | Issue | Recommendation |
|----|----------|-------|----------------|

## Code Quality
### Contracts
- Style compliance: ✅/❌
- Documentation: ✅/❌
- Test coverage: {percentage}%

## Approval Status
- [ ] Ready for testnet deployment
- [ ] Ready for mainnet deployment
```

## Sub-Commands

### /review:security
Focus only on security audit

### /review:quality
Focus only on code quality

### /review:contracts
Review only Move contracts

## Success Criteria
- Review completed in <2 minutes
- All critical issues identified
- Clear remediation steps provided

