nijaru/review
dot_claude/skills/review/SKILL.md
Use when performing deep code analysis for correctness, safety, quality, or to simplify recently modified code. Trigger on feature completion, unpushed commits, or before merging significant changes.
development
Updated Apr 22, 2026
$ install --global
skillsauthnpx skillsauth add nijaru/dotfiles reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 22, 2026, 5:12 PM55.5s1 file scanned
SKILL.md
- name:
- review
- description:
- Use when performing deep code analysis for correctness, safety, quality, or to simplify recently modified code. Trigger on feature completion, unpushed commits, or before merging significant changes.
- allowed-tools:
- Bash, Read, Grep, Glob, Edit, Task
Review (Audit & Refine)
Analyze code for correctness, safety, and efficiency. This skill supports two modes: Report (analysis only) and Refine (apply improvements).
Core Mandates
- Evidence-First: Establish a baseline by running tests BEFORE the review.
- Single-Pass: Evaluate all categories (Correctness, Complexity, Quality, Efficiency, Cleanliness) in one pass.
- Standards: Strictly follow the
Code Standardstable inCLAUDE.md. - Mode Selection:
- Report: Output a categorized report (
ERROR,WARN,NIT). End withVerdict: LGTM,LGTM with nits, orNeeds work. - Refine: Apply targeted, behavior-preserving changes to improve clarity and reduce technical debt.
- Report: Output a categorized report (
Execution Workflow
- Scope: Detect modified files, feature branch diffs, or staged changes.
- Baseline: Run
buildandtestto establish a "Green" starting state. - Analyze: Apply the
Code Standards(referencingCLAUDE.md). - Action:
- Report Mode: Generate findings formatted as
[SEVERITY] file:line - Issue -> Fix. - Refine Mode: Edit files surgically. Use language-expert skills (
rust-expert, etc.) for idiomatic patterns.
- Report Mode: Generate findings formatted as
- Verify: Run tests/linter after refinement to ensure behavior is unchanged.
Anti-Rationalization
| Excuse | Reality | | :--- | :--- | | "Tests passed, so it's fine." | Reviews catch architectural flaws and security risks that tests miss. | | "Refining might break it." | Small, behavior-preserving edits with Red-Green verification are safe and essential. | | "Subagents are always better." | For small or local changes, the main agent is more efficient. Use subagents for context isolation. |
Related Skills
nijaru/second-pass
development
VerifiedTrustedCommunity
Use after completing a bug fix, feature, refactor, or tk task when the first implementation taught enough context to replace it with a simpler, cleaner, or more coherent version before finalizing.
SKILL.mdUpdated Apr 25, 2026
nijaru/zig-expert
development
VerifiedTrustedCommunity
Use when writing, migrating, or reviewing Zig code across recent stable versions (0.14-0.16), especially to correct stale syntax or stdlib, build.zig, allocator, formatting, or runtime API knowledge.
SKILL.mdUpdated Apr 22, 2026
nijaru/writer
documentation
VerifiedTrustedCommunity
Use when reviewing or revising text (prose, docs, commits) to remove AI patterns and improve voice/clarity.
SKILL.mdUpdated Apr 22, 2026
nijaru/twitter
content-media
VerifiedTrustedCommunity
Use when fetching X/Twitter post content by URL, or searching for recent X posts.
SKILL.mdUpdated Apr 22, 2026