elevanaltd/src/hestai_mcp/_bundled_hub/library/skills/review-prioritization
src/hestai_mcp/_bundled_hub/library/skills/review-prioritization/SKILL.md
===SKILL:REVIEW_PRIORITIZATION=== META: TYPE::SKILL VERSION::"2.0.0" STATUS::ACTIVE PURPOSE::"Severity-ordered finding triage for CRS reviews. Context-adaptive: PR reviews get display budget, standalone/audit reviews report all findings." §1::CORE AUTHORITY::ADVISORY[finding_ordering⊕batch_triage] COMPLEMENTS::[review-discipline<confidence_levels>,constructive-feedback<presentation>] §2::PRIORITY_TIERS // Order: P0→P5. Within each tier: CERTAIN→HIGH→MODERATE. P0_SECURITY::injection⊕aut
tools
Updated Apr 21, 2026
$ install --global
skillsauthnpx skillsauth add elevanaltd/hestai-mcp src/hestai_mcp/_bundled_hub/library/skills/review-prioritizationInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 21, 2026, 8:20 AM54.8s1 file scanned
SKILL.md
===SKILL:REVIEW_PRIORITIZATION=== META: TYPE::SKILL VERSION::"2.0.0" STATUS::ACTIVE PURPOSE::"Severity-ordered finding triage for CRS reviews. Context-adaptive: PR reviews get display budget, standalone/audit reviews report all findings."
§1::CORE AUTHORITY::ADVISORY[finding_ordering⊕batch_triage] COMPLEMENTS::[review-discipline<confidence_levels>,constructive-feedback<presentation>]
§2::PRIORITY_TIERS // Order: P0→P5. Within each tier: CERTAIN→HIGH→MODERATE. P0_SECURITY::injection⊕auth_bypass⊕secrets⊕XSS⊕CSRF⊕privilege_escalation[FLOOR::MODERATE] P1_CORRECTNESS::logic_errors⊕data_loss⊕race_conditions⊕null_deref⊕unchecked_errors[FLOOR::HIGH] P2_RELIABILITY::missing_tests⊕error_handling_gaps⊕unvalidated_input⊕resource_leaks[FLOOR::HIGH] P3_ARCHITECTURE::coupling⊕cohesion⊕abstraction_violations⊕API_design⊕scope_creep[FLOOR::HIGH] P4_PERFORMANCE::algorithmic_complexity⊕N_plus_1⊕memory⊕caching[FLOOR::HIGH] P5_STYLE::naming⊕formatting⊕documentation⊕conventions[FLOOR::CERTAIN]
§3::BUDGET // Context-adaptive: detect review mode from task description PR_REVIEW::[BUDGET::15,P0_P1::uncapped,P2::up_to_remaining,P3_P5::if_budget_remains,over_budget::append_"+N omitted"] STANDALONE::[BUDGET::none,report_all_findings_at_or_above_confidence_floor] AUDIT::[BUDGET::none,report_all_findings_at_or_above_confidence_floor] DEFAULT::PR_REVIEW // P5: consolidate into single note when count exceeds 5 (any mode)
§4::OUTPUT SUMMARY::include_tier_distribution["P0:N P1:N P2:N P3:N P4:N P5:N"] STRUCTURE::P0_P1_first→P2_P4_next→P5_last // PR metadata fields (priority_distribution, findings_omitted) defined in review-handoff pattern
§5::ANCHOR_KERNEL TARGET::severity_ordered_finding_triage NEVER::[report_P5_before_P0,omit_P0_findings,consolidate_P0_or_P1,report_speculative_P5] MUST::[classify_P0_through_P5,sort_by_confidence_within_tier,apply_context_budget,emit_tier_distribution] GATE::"Are findings severity-ordered, confidence-sorted, and budget-appropriate for the review context?"
===END===
Related Skills
elevanaltd/supabase-test-harness
tools
VerifiedTrustedCommunity
Supabase test harness patterns including local Supabase setup, test user creation via Auth Admin API, RLS testing, migration testing (db_reset), seed sequences, rate limiting, and environment detection. Use when setting up Supabase testing infrastructure, creating test users, troubleshooting Supabase test failures, or implementing RLS validation. Triggers on: supabase test setup, test user creation, supabase local testing, RLS testing, migration testing, supabase test harness, auth test helpers.
SKILL.mdUpdated May 31, 2026
elevanaltd/supabase-operations
tools
VerifiedTrustedCommunity
Supabase operational knowledge for migrations, RLS optimization, MCP tool benchmarks, and ADR-003 compliance. Use when validating database migrations, optimizing Row-Level Security policies, checking MCP tool performance, or ensuring Supabase operational standards. Triggers on: migration validation, RLS patterns, Supabase benchmarks, ADR-003, database state tracking, schema governance.
SKILL.mdUpdated May 31, 2026
elevanaltd/vercel-preview
tools
VerifiedTrustedCommunity
Vercel preview deployment access patterns including automation bypass, protected preview authentication, and CI integration
SKILL.mdUpdated Apr 21, 2026
elevanaltd/src/hestai_mcp/_bundled_hub/library/skills/validation-methodology
tools
VerifiedTrustedCommunity
===SKILL:VALIDATION_METHODOLOGY=== META: TYPE::SKILL VERSION::"1.0" PURPOSE::"Rigorous 6-step reality enforcement protocol" §1::CORE_PROTOCOL VALIDATION_METHODOLOGY::[ STEP_1_NATURAL_LAW::"Identify physics constraints, thermodynamic limits, information theory bounds", STEP_2_RESOURCE_REALITY::"Inventory actual available resources (time, people, tools, budget) with evidence", STEP_3_CAPABILITY_ASSESSMENT::"Validate team skills, tool availability, knowledge gaps against requirements",
SKILL.mdUpdated Apr 21, 2026