Skip to main content
Mesrai Marketplace · v0.1

Code review rules and agent skills, in one place.

808 production-grade rules across 46 buckets, plus 14,777 agent skills across 24 categories. Install in one click. Review every PR with the standards engineers actually catch in code review.

Library rules
808
Rule buckets
46
Agent skills
14.8K
Skill categories
24
Critical signals
63

// featured rules

Hand-picked, highest-impact rules

Start with the critical signals — the ones that catch production outages, security regressions, and money-on-the-table bugs before they ship.

View library
  • Critical

    Always sanitize user inputs

    Check if user inputs are sanitized before being used in rendering or database queries. Unsanitized inputs can lead to injection vulnerabilities like XSS or SQL injection.

    security-hardening
  • Critical

    Always Verify Server Certificates in SSL/TLS Connections

    Ensure that SSL/TLS certificate validation is always enabled to prevent Man-in-the-Middle (MitM) attacks.

    security-hardening
  • Critical

    Avoid Blocking Calls to Async Methods

    Blocking async methods with `.Result` or `.Wait()` can cause deadlocks and prevent efficient asynchronous execution. Use `await` instead for proper async behavior.

    concurrency-safetyperformance-efficiency
  • Critical

    Avoid Duplicating String Literals

    Store repeated string literals in constants or variables to improve maintainability and reduce redundancy.

    duplication-complexitymaintainability
  • Critical

    Avoid Empty Methods

    Detect methods that have an empty body. If a method is empty, ensure that a comment is present explaining why it remains unimplemented.

    maintainabilityreadability-refactor
  • Critical

    Avoid equality operators in loop termination conditions

    Check if loops use equality operators (== or !=) in termination conditions. These can lead to infinite loops if the condition is never met exactly. Instead, use relational operators like < or > for safer loop termination.

    error-handlingreadability-refactor

Install in one click

Every rule deep-links into your Mesrai workspace. No copy-paste, no YAML editing, no maintenance overhead.

Curated, not generated

Every rule is hand-authored or hand-reviewed. Bad-vs-good examples, real-world severity, no ML hallucinations.

Open source forever

The full library lives on GitHub. Open a PR to fix a typo, add a missing language, or propose a brand-new rule.

// become an author

Earn from your engineering opinions.

Soon, you'll be able to publish your own rule packs and earn revenue every time a team installs them. Reserve your author handle now.

Join the waitlist