playbooks

home / skills / shotaiuchi / dotclaude / review-concurrency

review-concurrency skill

/dotclaude/skills/review-concurrency

This skill helps you identify and fix concurrency and thread safety issues in multi-threaded code, preventing data races and deadlocks.

npx playbooks add skill shotaiuchi/dotclaude --skill review-concurrency

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
1.9 KB
---
name: review-concurrency
description: >-
  Concurrency and thread safety-focused code review. Apply when reviewing
  multi-threaded code, coroutines, async/await, shared mutable state,
  race conditions, deadlocks, and synchronization.
user-invocable: false
---

# Concurrency Review

Review code from a concurrency and thread safety perspective.

## Review Checklist

### Shared Mutable State
- Verify mutable state accessed from multiple threads is protected
- Check for proper use of synchronization primitives (mutex, lock, atomic)
- Look for unprotected read-modify-write sequences
- Verify thread-safe collections are used where needed

### Race Conditions
- Check for time-of-check-to-time-of-use (TOCTOU) bugs
- Verify initialization is thread-safe (lazy init, singleton)
- Look for ordering assumptions without proper synchronization
- Check for data races in shared data structures

### Deadlocks & Livelocks
- Verify consistent lock ordering across code paths
- Check for nested lock acquisition patterns
- Look for blocking calls while holding locks
- Verify timeout mechanisms on lock acquisition

### Coroutines & Async
- Verify proper dispatcher/context usage (IO vs Main vs Default)
- Check for unstructured concurrency (leaked coroutines/tasks)
- Ensure cancellation is properly handled and propagated
- Verify suspending functions don't block the thread

### Thread Confinement
- Check UI updates happen on the main/UI thread
- Verify database operations use appropriate threads
- Look for thread-confined objects accessed from wrong threads
- Check callback/listener thread expectations

## Output Format

| Severity | Description |
|----------|-------------|
| Critical | Data race or deadlock that will cause corruption or hang |
| High | Race condition that is likely to manifest under load |
| Medium | Thread safety issue in low-contention path |
| Low | Defensive improvement for potential future issues |

Overview

This skill performs concurrency and thread-safety-focused code reviews for multi-threaded, coroutine, and async code. It highlights defects that cause races, deadlocks, livelocks, and incorrect thread usage. The output classifies findings by severity and gives actionable remediation steps.

How this skill works

The skill inspects code paths that access shared mutable state, synchronization primitives, and concurrency APIs. It looks for unprotected read-modify-write sequences, inconsistent lock ordering, blocking calls under locks, coroutine leaks, and incorrect dispatcher usage. Each finding is mapped to a severity level and accompanied by targeted recommendations.

When to use it

  • Review pull requests that introduce threading, coroutines, or async/await logic
  • Audit code that manipulates shared mutable state or global caches
  • Assess performance fixes that change synchronization or locking
  • Validate new libraries that alter execution context or use background threads
  • Before release when stability under load is required

Best practices

  • Prefer immutable data or thread-safe collections to reduce locking needs
  • Use fine-grained locking and document lock acquisition order to avoid deadlocks
  • Prefer atomic operations for simple counters and flags instead of coarse locks
  • Ensure coroutine scopes are structured and cancellations are propagated
  • Avoid blocking calls while holding locks; use timeouts and non-blocking alternatives

Example use cases

  • Detect a TOCTOU bug in a config check followed by a write without synchronization
  • Flag nested synchronized blocks with inconsistent ordering that can deadlock under load
  • Find coroutines launched in global scope that can leak and outlive lifecycle owners
  • Identify UI updates performed off the main thread or DB operations on the main thread
  • Recommend replacing shared mutable maps with concurrent map implementations

FAQ

What languages or runtimes does this cover?

The review focuses on concurrency patterns and principles applicable across languages and runtimes, including threads, coroutines, and async/await. Language-specific idioms are considered when available.

How are severity levels determined?

Severity is based on impact and likelihood: Critical for corruption or hang, High for likely-to-manifest races, Medium for lower-risk thread-safety issues, and Low for defensive improvements.