globallayer/comprehensive-review-pr-enhance
skills/comprehensive-review-pr-enhance/SKILL.md
Generate structured PR descriptions from diffs, add review checklists, risk assessments, and test coverage summaries. Use when the user says "write a PR description", "improve this PR", "summarize my changes", "PR review", "pull request", or asks to document a diff for reviewers.
testing
Updated May 23, 2026
$ install --global
skillsauthnpx skillsauth add globallayer/claude-code-skills comprehensive-review-pr-enhanceInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 22, 2026, 9:00 AM109.2s2 files scanned
SKILL.md
- name:
- comprehensive-review-pr-enhance
- description:
- >
- risk:
- unknown
- source:
- community
Pull Request Enhancement
When to Use
- You need to turn a git diff into a reviewer-friendly pull request description.
- You want a PR summary with change categories, risks, testing notes, and a checklist.
- The diff is large enough that reviewers need explicit structure instead of a short ad hoc summary.
Workflow
- Run
git diff <base>...HEAD --statto identify changed files and scope - Categorise changes: source, test, config, docs, build, styles
- Generate the PR description using the template below
- Add a review checklist based on which file categories changed
- Flag breaking changes, security-sensitive files, or large diffs (>500 lines)
PR Description Template
## Summary
<!-- one-paragraph executive summary: what changed and why -->
## Changes
| Category | Files | Key change |
|----------|-------|------------|
| source | `src/auth.ts` | added OAuth2 PKCE flow |
| test | `tests/auth.test.ts` | covers token refresh edge case |
| config | `.env.example` | new `OAUTH_CLIENT_ID` var |
## Why
<!-- link to issue/ticket + one sentence on motivation -->
## Testing
- [ ] unit tests pass (`npm test`)
- [ ] manual smoke test on staging
- [ ] no coverage regression
## Risks & Rollback
- **Breaking?** yes / no
- **Rollback**: revert this commit; no migration needed
- **Risk level**: low / medium / high — because ___
Review Checklist Rules
Add checklist sections only when the matching file category appears in the diff:
| File category | Checklist items |
|---------------|----------------|
| source | no debug statements, functions <50 lines, descriptive names, error handling |
| test | meaningful assertions, edge cases, no flaky tests, AAA pattern |
| config | no hardcoded secrets, env vars documented, backwards compatible |
| docs | accurate, examples included, changelog updated |
| security-sensitive (auth, crypto, token, password in path) | input validation, no secrets in logs, authz correct |
Splitting Large PRs
When diff exceeds 20 files or 1000 lines, suggest splitting by feature area:
git checkout -b feature/part-1
git cherry-pick <commits-for-part-1>
Resources
resources/implementation-playbook.md— Python helpers for automated PR analysis, coverage reports, and risk scoring
Limitations
- Use this skill only when the task clearly matches the scope described above.
- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.
- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.
Related Skills
globallayer/constant-time-analysis
development
VerifiedTrustedCommunity
Analyze cryptographic code to detect operations that leak secret data through execution timing variations.
SKILL.mdUpdated May 23, 2026
globallayer/confluence-automation
tools
VerifiedTrustedCommunity
Automate Confluence page creation, content search, space management, labels, and hierarchy navigation via Rube MCP (Composio). Always search tools first for current schemas.
SKILL.mdUpdated May 23, 2026
globallayer/configure-ecc
development
VerifiedTrustedCommunity
Interactive installer for Everything Claude Code — guides users through selecting and installing skills and rules to user-level or project-level directories, verifies paths, and optionally optimizes installed files.
SKILL.mdUpdated May 23, 2026
globallayer/conductor-validator
testing
VerifiedTrustedCommunity
Validates Conductor project artifacts for completeness, consistency, and correctness. Use after setup, when diagnosing issues, or before implementation to verify project context.
SKILL.mdUpdated May 23, 2026