fcakyon/review-overleaf
plugins/overleaf-skills/skills/review-overleaf/SKILL.md
This skill should be used when user asks to "fetch overleaf review comments", "address overleaf reviews", "apply overleaf comments", "review my overleaf paper", "sync overleaf feedback to local", "what comments are on my overleaf doc", or wants to act on Overleaf reviewer feedback in a local git-tracked LaTeX repo.
$ install --global
skillsauthnpx skillsauth add fcakyon/claude-codex-settings review-overleafInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 3, 2026, 3:24 AM135.1s1 file scanned
SKILL.md
- name:
- review-overleaf
- description:
- This skill should be used when user asks to "fetch overleaf review comments", "address overleaf reviews", "apply overleaf comments", "review my overleaf paper", "sync overleaf feedback to local", "what comments are on my overleaf doc", or wants to act on Overleaf reviewer feedback in a local git-tracked LaTeX repo.
Review Overleaf
Pull unresolved review threads from an Overleaf project, locate each in the local repo, propose edits the user reviews, and apply them. Does not push back to Overleaf — the web UI is still the place to mark threads resolved after the user verifies the local change.
Step 1: Resolve project ID
Accept any of:
- Raw 24-char hex ID (
^[0-9a-f]{24}$) - Full URL like
https://www.overleaf.com/project/<id>— extract via regex - Project name in quotes — call:
Each line ispython3 ${CLAUDE_PLUGIN_ROOT}/scripts/overleaf_reviews.py --list-projects<24-hex> <accessLevel> <name>. Fuzzy-match the name. If multiple match, AskUserQuestion to disambiguate.
If the user has not given a project ID at all, run --list-projects and show the user the table so they can pick one.
Step 2: Cookie precheck
If ~/.claude/overleaf-skills/cookie does not exist, tell the user to "set up overleaf" (which triggers the setup skill) and stop.
If it exists but auth fails (the next script call returns a refresh hint), point at the same setup skill and stop.
Step 3: Access-level guard
If the project ID came from name resolution, check the matched entry's accessLevel. If readOnly, warn:
Project is read-only. You can edit local files but cannot sync them back to Overleaf via the web UI; you would need to copy-paste manually. Continue?
For owner, readAndWrite, or review, proceed silently.
Step 4: Fetch comments
python3 ${CLAUDE_PLUGIN_ROOT}/scripts/overleaf_reviews.py --json --repo . < project-id > --unresolved-only
Parses to a JSON array. Each record has: thread_id, doc_id, snippet, offset, resolved, messages (list of {user, ts, content}), file, line. The file and line are null when the snippet did not match any local *.tex.
Step 5: Edit loop
For each record where file is non-null:
Readthe file atline± 5 lines for context.- Summarize the comment thread in one sentence: who said what.
- Propose a concrete edit grounded in the comment text. If the comment is a question (e.g., "did you mean X?"), the edit should answer it in the prose; if it's a correction (e.g., "wrong notation"), the edit should make the correction.
- Apply via
Edit. Do not batch — one comment, one edit, then move on.
Skip records where file is null (snippet did not map). Collect them in an <unmapped> list.
Step 6: Wrap up
After the loop:
- Run
git diffand show the user the full set of changes. - List the
<unmapped>records (if any) withdoc_id+ snippet preview, so the user can hunt them manually. - Suggest a commit message in the style:
address overleaf review: <one-line summary of the changes>. Do NOT auto-commit. The user can run/github-dev:commit-stagedor commit by hand. - Remind the user to mark the addressed threads as resolved in the Overleaf web UI once they verify the local diff.
Non-goals
- No re-upload to Overleaf (no write API used).
- No thread resolution in Overleaf (web UI only).
- No
.bibedits unless a comment specifically targets a citation. - No multi-line snippets that span paragraph breaks — those land in
<unmapped>for v1; the snippet matcher is line-anchored.
Pairs naturally with
github-dev—/github-dev:commit-stagedafter the edit loop,/github-dev:create-prif the project is collaborative.
Related Skills
fcakyon/setup
tools
VerifiedTrustedCommunity
This skill should be used when user asks to "set up overleaf", "configure overleaf cookie", "overleaf auth failed", "overleaf 401", "overleaf session expired", "overleaf unauthorized", or needs to install or refresh their Overleaf session cookie for the overleaf-skills plugin.
674SKILL.mdUpdated May 10, 2026
fcakyon/dokploy-deploy
tools
VerifiedTrustedCommunity
This skill should be used when user asks to "deploy with Dokploy", "use Dokploy Cloud", "manage self-hosted Dokploy", "deploy Docker Compose on Dokploy", "manage Dokploy databases", "configure Dokploy domains", or "look up Dokploy CLI commands".
654SKILL.mdUpdated Apr 26, 2026
fcakyon/stripe-best-practices
development
VerifiedTrustedCommunity
Guides Stripe integration decisions — API selection (Checkout Sessions vs PaymentIntents), Connect platform setup (Accounts v2, controller properties), billing/subscriptions, Treasury financial accounts, integration surfaces (Checkout, Payment Element), migrating from deprecated Stripe APIs, and security best practices (API key management, restricted keys, webhooks, OAuth). Use when building, modifying, or reviewing any Stripe integration — including accepting payments, building marketplaces, integrating Stripe, processing payments, setting up subscriptions, creating connected accounts, or implementing secure key handling.
645SKILL.mdUpdated Apr 4, 2026
fcakyon/web-design-guidelines
development
VerifiedTrustedCommunity
Review UI code for Web Interface Guidelines compliance. Use when asked to "review my UI", "check accessibility", "audit design", "review UX", or "check my site against best practices".
645SKILL.mdUpdated Apr 4, 2026