Mesrai Marketplace · v0.1

The marketplace for code review rules used by senior engineering teams.

808 production-grade rules across 46 categories. Install in one click, review every PR with the standards that matter — security, performance, observability, and the long tail engineers actually catch in review.

Total rules: 808
Buckets: 46
Critical signals: 63
Plug & play: 760

// featured rules

Hand-picked, highest-impact rules

Start with the critical signals — the ones that catch production outages, security regressions, and money-on-the-table bugs before they ship.

  • Critical

    Always sanitize user inputs

    Check if user inputs are sanitized before being used in rendering or database queries. Unsanitized inputs can lead to injection vulnerabilities like XSS or SQL injection.

    security-hardening
  • Critical

    Always Verify Server Certificates in SSL/TLS Connections

    Ensure that SSL/TLS certificate validation is always enabled to prevent Man-in-the-Middle (MitM) attacks.

    security-hardening
  • Critical

    Avoid Blocking Calls to Async Methods

    Blocking async methods with `.Result` or `.Wait()` can cause deadlocks and prevent efficient asynchronous execution. Use `await` instead for proper async behavior.

    concurrency-safety, performance-efficiency
  • Critical

    Avoid Duplicating String Literals

    Store repeated string literals in constants or variables to improve maintainability and reduce redundancy.

    duplication-complexity, maintainability
  • Critical

    Avoid Empty Methods

    Detect methods that have an empty body. If a method is empty, ensure that a comment is present explaining why it remains unimplemented.

    maintainability, readability-refactor
  • Critical

    Avoid equality operators in loop termination conditions

    Check if loops use equality operators (== or !=) in termination conditions. These can lead to infinite loops if the condition is never met exactly. Instead, use relational operators like < or > for safer loop termination.

    error-handling, readability-refactor

Install in one click

Every rule deep-links into your Mesrai workspace. No copy-paste, no YAML editing, no maintenance overhead.

Curated, not generated

Every rule is hand-authored or hand-reviewed. Bad-vs-good examples, real-world severity, no ML hallucinations.

Open source forever

The full library lives on GitHub. Open a PR to fix a typo, add a missing language, or propose a brand-new rule.

// become an author

Earn from your engineering opinions.

Soon, you'll be able to publish your own rule packs and earn revenue every time a team installs them. Reserve your author handle now.
