luan/pr-comments
skills/pr-comments/SKILL.md
Fix unresolved PR review comments. Triggers: 'fix comments', 'fix PR comments', 'address review feedback'.
$ install --global
skillsauthnpx skillsauth add luan/dot-claude pr-commentsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 30, 2026, 1:09 PM10.3s1 file scanned
SKILL.md
- name:
- pr-comments
- description:
- Fix unresolved PR review comments. Triggers: 'fix comments', 'fix PR comments', 'address review feedback'.
- argument-hint:
- [--auto]
- user-invocable:
- true
- disable-model-invocation:
- false
- - "Bash(git push:
- *)
PR Comments Fixer
Fix unresolved review comments from a PR.
Safety: never replies to or resolves threads — only fetches and fixes locally. Push requires confirmation (unless --auto). --auto auto-resolves bot comments only (not human comments).
Steps
-
Detect PR: Run
gh pr view --json number,headRefNameandgh repo view --json nameWithOwner -q .nameWithOwner. If no PR found, ask user. -
Verify branch: Compare
git branch --show-currentvs PR headRefName — mismatch → ask user and stop. Do not proceed to Step 3 until the user confirms or switches branches. -
Fetch comments (execute directly — never prefix with
python3/uv run):${CLAUDE_SKILL_DIR}/scripts/fetch_threads.py --pr <PR> --repo <Repo>--auto→ fix all comments, auto-resolve bot comments (author is a bot/app). Without--auto→ display as numbered list with file:line, author, preview. Ask "Which comment(s) to fix?" — options: "Fix all" / "Other" -
Plan fixes: For each comment, read code, create one-line fix description.
--auto→ proceed. Without--auto→ ask "Ready to execute?" -
Execute: Apply fixes, summarize changes.
-
Run tests: Detect and run the project test suite (look for
testscript in package.json, pytest, cargo test, etc.). Fix failures caused by your changes. If 3+ failures persist after fixes, report and stop. -
Commit: Use
Skill(commit)to generate message and commit. -
Push (optional):
--auto→ push automatically. Without--auto→ ask first. Detect stack tool:gh stack view --json 2>/dev/nullsucceeds →Skill(gh-stack:submit). Otherwisegt log --stack 2>/dev/nullsucceeds →Skill(gt:submit). Otherwisegit push.
Related Skills
luan/sym
tools
VerifiedTrustedCommunity
Tree-sitter indexed code navigator (ct sym CLI). Use INSTEAD OF Read/Grep/Glob/Bash when exploring existing code, understanding how something works, locating a symbol, tracing the call graph up (impact) or down (trace), finding implementations of an interface, scoping a diff to one symbol, or preparing to edit code you have not read yet. Triggers: 'how does X work', 'explain this class/file/symbol', 'walk me through X', 'what does X do', 'where is X defined', 'who calls X', 'what does X call', 'find implementations of', 'what breaks if I change X', 'outline this file', 'map imports', 'show me this symbol', exploring unfamiliar repo, tracing call graph, scoping diff to a symbol, preparing to edit code I haven't read, about to Read a file over ~500 lines to understand it. Do NOT use for: writing new code from scratch, editing prose or config, running tests, or when a stack trace already names the file and line.
4SKILL.mdUpdated Apr 22, 2026
luan/vibe
development
VerifiedTrustedCommunity
Fully autonomous development workflow from prompt to commit. Chains spec → develop → review → commit. Triggers: /vibe, 'vibe this', 'autonomous workflow', 'just do it all', 'build this end-to-end', 'full pipeline', 'handle everything'.
4SKILL.mdUpdated Apr 21, 2026
luan/vault-sweep
development
VerifiedTrustedCommunity
Comprehensive vault maintenance — cross-references blueprints against codebase state to produce a maintenance plan: archive consumed artifacts, audit docs for staleness, propose new docs for undocumented stable systems. Triggers: 'vault sweep', 'sweep the vault', 'clean up vault', 'vault maintenance', 'what can we archive', 'audit blueprints', 'vault hygiene', 'blueprint cleanup'. Use whenever the user wants a holistic view of vault health rather than archiving a single artifact (that's /archive). Also use when the user asks what's stale, what needs docs, or whether artifacts can be cleaned up.
4SKILL.mdUpdated Apr 21, 2026
luan/test-plan
development
VerifiedTrustedCommunity
Analyze current diff, classify changes by risk, and produce structured manual test plan. Triggers: 'test plan', 'what should I test', 'manual testing', 'verification steps', 'QA checklist'. Exits early for trivial changes. Do NOT use when: writing automated tests — use /develop with TDD. Do NOT use when: reviewing code quality — use /crit instead.
4SKILL.mdUpdated Apr 21, 2026