janjaszczak/high-risk-review
skills/high-risk-review/SKILL.md
Apply enhanced verification (CoVe-like review, security/arch/perf checks, targeted web research) for high-risk tasks or uncertainty. Use for security, infra, data loss risk, major refactors, or when facts may be outdated.
development
Updated May 5, 2026
$ install --global
skillsauthnpx skillsauth add janjaszczak/cursor high-risk-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 5, 2026, 8:46 AM264.5s1 file scanned
SKILL.md
- name:
- high-risk-review
- description:
- Apply enhanced verification (CoVe-like review, security/arch/perf checks, targeted web research) for high-risk tasks or uncertainty. Use for security, infra, data loss risk, major refactors, or when facts may be outdated.
- compatibility:
- Requires web access for research and ability to run lightweight checks.
- allowed-tools:
- Bash(*) Read WebSearch(*)
- intent:
- Avoid meta-process on trivial answers; focus on risk triggers.
high-risk-review
Activation gate (anti-noise)
Activate if:
- Security/auth/crypto, infra, permissions, data loss, performance hot paths.
- Uncertain or time-sensitive facts.
- User asks to “zweryfikuj / upewnij się”.
Procedure
- Draft solution.
- Identify 3–5 highest-impact claims/assumptions.
- Verify independently:
- Repo evidence (if applicable)
- Minimal test commands
- Web research (authoritative sources)
- Revise solution and mark remaining uncertainties.
Output
- Final recommendation + explicit verification steps.
Related Skills
janjaszczak/keepass
data-ai
VerifiedTrustedCommunity
KeePassXC cursor.kdbx — natywny keyring per OS, keepass-db.path bez fallbacków, agent instaluje brakujące narzędzia.
SKILL.mdUpdated Jun 5, 2026
janjaszczak/vanilla-web
development
VerifiedTrustedCommunity
Build or modify plain HTML/CSS/JavaScript (no framework) using modular ES modules (ESM), SRP, minimal global state, and shippable runnable files with lightweight verification. Use for static pages, small UI widgets, vanilla JS refactors, and quick prototypes without React/Vue/Angular.
SKILL.mdUpdated May 5, 2026
janjaszczak/troubleshooting-rca
testing
VerifiedTrustedCommunity
Perform root-cause analysis for bugs/errors/regressions using logs, repro steps, and hypothesis testing. Use when the user reports “nie działa”, stack traces, failing tests, or regressions.
SKILL.mdUpdated May 5, 2026
janjaszczak/task-planning-shrimp
tools
VerifiedTrustedCommunity
Plan, split, and track multi-step work using Shrimp Task Manager MCP (or equivalent). Use for multi-file refactors, migrations, or any work that benefits from task tracking.
SKILL.mdUpdated May 5, 2026