martinffx/code-review
skills/code-review/SKILL.md
Multi-agent code review with parallel specialized reviewers, architecture validation, and challenge validation. Use `rq` to request a review of diffs (defaults to main branch), `rs` to respond to review findings. Triggers on "review this", "review my code", "code review", "check for bugs", "audit this", when examining PRs, pull requests, branches, or diffs. Always asks user before applying fixes.
$ install --global
skillsauthnpx skillsauth add martinffx/claude-code-atelier code-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 23, 2026, 7:30 AM408.8s5 files scanned
SKILL.md
- name:
- code-review
- description:
- Multi-agent code review with parallel specialized reviewers, architecture validation, and challenge validation. Use `rq` to request a review of diffs (defaults to main branch), `rs` to respond to review findings. Triggers on "review this", "review my code", "code review", "check for bugs", "audit this", when examining PRs, pull requests, branches, or diffs. Always asks user before applying fixes.
- argument-hint:
- rq [branch] | rs
- user-invocable:
- true
Code Review Skill
Multi-agent code analysis with parallel reviewers and challenge validation.
Uses explicit subagent dispatch patterns from code-subagents.
Prerequisites
- Required: git
Arguments
Command Routing
| Invocation | Behavior |
|------------|----------|
| (no arguments) | Review diff to main branch |
| rq | Review diff to main branch |
| rq main | Review diff to main branch |
| rq develop | Review diff to develop branch |
| feat/foo | Review diff to feat/foo (bare branch = rq) |
| rs | Respond to review findings (interview mode) |
Subagent Architecture
rq (Request Review) Subagents
| Step | Subagent | Uses | Parallel | Purpose |
|------|----------|------|----------|---------|
| 1 | Triage | scout agent | No | Detect context, select reviewers, identify skills to load |
| 2 | Reviewers | general subagent | Yes (per reviewer) | Specialty analysis (loads detected skills) |
| 3 | Synthesis | general subagent | No | Deduplicate findings |
| 4 | Architect | architect agent | No | Architecture review |
| 5 | Challenge | oracle agent | No | Validate findings with sequential-thinking |
rs (Respond to Review)
No subagents. Interactive interview mode — see rs.md.
Dispatch Patterns
Follows code-subagents patterns:
- Parallel dispatch for independent reviewers
- Sequential dispatch for dependent steps
- Fresh subagent per task — no context pollution
- Skill loading pre-step before each analysis phase
- Error handling: Log failures, continue with partial results
Agent Dispatch
| Agent | Used In Step |
|-------|--------------|
| scout | Triage (context retrieval, file analysis) |
| architect | Architect (architecture review) |
| oracle | Challenge (validate findings, sequential-thinking) |
| general | Reviewers, Synthesis |
See agents/ for agent definitions.
References
| Reference | Purpose | |-----------|---------| | rq.md | Request review workflow - detailed steps with prompts | | rs.md | Respond to review workflow - interview mode | | reviewers.md | Reviewer definitions and prompts | | output.md | Output format specification |
Workflow Routing
- No arguments,
rq, or bare branch → rq.md rs→ rs.md
Related Skills
martinffx/oracle-security
development
VerifiedTrustedCommunity
Security architecture and threat modeling knowledge. Auto-invokes when designing features that handle untrusted data, authentication, authorization, external integrations, file uploads, or sensitive data. Provides risk assessment frameworks, trust boundary analysis, and security design principles — not implementation code.
25SKILL.mdUpdated May 24, 2026
martinffx/oracle-doubt
testing
VerifiedTrustedCommunity
Adversarial review of non-trivial decisions using fresh-context scrutiny. Use when correctness matters more than speed, when stakes are high (production, security-sensitive logic, irreversible operations), or before committing significant architectural or implementation choices.
25SKILL.mdUpdated May 24, 2026
martinffx/code-handoff
development
VerifiedTrustedCommunity
Compact the current conversation into a handoff document for another agent to pick up.
25SKILL.mdUpdated May 24, 2026
martinffx/oracle-grillme
testing
VerifiedTrustedCommunity
Socratic interrogation of plans against the project's domain model and documented decisions. Use when the user wants to stress-test a plan, clarify terminology, or validate assumptions against existing domain language. Updates CONTEXT.md and ADRs inline as decisions crystallise.
25SKILL.mdUpdated May 23, 2026