abhiunix/git-commit-reviewer
skills/development/git-commit-reviewer/SKILL.md
Reviews staged git changes and provides feedback on code quality, potential bugs, and security issues before committing. Use when asked to review changes or before creating a commit.
$ install --global
skillsauthnpx skillsauth add abhiunix/community-registry git-commit-reviewerInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
70%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Jun 2, 2026, 2:31 AM143.9s2 files scanned
SKILL.md
- name:
- git-commit-reviewer
- description:
- Reviews staged git changes and provides feedback on code quality, potential bugs, and security issues before committing. Use when asked to review changes or before creating a commit.
- license:
- MIT
- allowed-tools:
- Read Glob Grep Bash
Git Commit Reviewer
When asked to review changes or before a commit, follow this process:
Step 1: Gather Changes
Run git diff --cached --stat to see which files are staged, then git diff --cached for the full diff.
If nothing is staged, check git diff for unstaged changes and let the user know.
Step 2: Analyze Each File
For each changed file, check:
Code Quality
- Are variable/function names descriptive?
- Is there duplicated logic that should be extracted?
- Are functions small and focused?
- Is error handling present where needed?
Potential Bugs
- Off-by-one errors in loops or array access
- Null/undefined not handled
- Race conditions in async code
- Missing
awaiton async calls - Incorrect comparison operators (
==vs===)
Security
- No secrets, API keys, or tokens in the diff
- User input is validated before use
- No SQL injection or XSS vectors introduced
- File paths are sanitized if user-provided
Dependencies
- New dependencies are intentional and from trusted sources
- No unnecessary dependency additions
- Lock file is updated consistently
Step 3: Provide Feedback
Structure your review as:
## Summary
One-line overview of the changes.
## Issues Found
### Critical (must fix)
- ...
### Suggestions (nice to have)
- ...
## Looks Good
- Positive observations about the changes
Rules
- Be constructive — explain why something is an issue, not just that it is
- If no issues found, say so clearly and briefly
- Don't nitpick style if the project has a formatter configured
- Focus on logic and correctness over formatting
- If the diff is large (>500 lines), summarize by file group rather than line-by-line
Related Skills
abhiunix/threat-model
development
VerifiedTrustedCommunity
Generate a STRIDE-based threat model from codebase and architecture analysis. Identifies assets, trust boundaries, data flows, threats, and mitigations. Language-agnostic.
1SKILL.mdUpdated Mar 27, 2026
abhiunix/security-audit
development
VerifiedTrustedCommunity
Run a comprehensive security audit against a codebase. Covers OWASP Top 10, secrets exposure, dependency vulnerabilities, misconfigurations, and insecure patterns. Language-agnostic.
1SKILL.mdUpdated Mar 27, 2026
abhiunix/secure-code-review
development
VerifiedTrustedCommunity
Security-focused code review for staged changes or specified files. Checks for injection, auth flaws, crypto misuse, data exposure, and insecure patterns. Works with any language.
1SKILL.mdUpdated Mar 27, 2026
abhiunix/trello
development
VerifiedTrustedCommunity
Manage Trello boards, lists, and cards via the Trello REST API.
1SKILL.mdUpdated Mar 27, 2026