pulumi/provider-code-review
.claude/skills/provider-code-review/SKILL.md
Code review guidelines for Pulumi provider repositories - reviewing patches, resources.go changes, SDK changes, and CI workflows
$ install --global
skillsauthnpx skillsauth add pulumi/pulumi-docker provider-code-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 14, 2026, 2:55 AM39.4s1 file scanned
SKILL.md
- name:
- provider-code-review
- description:
- Code review guidelines for Pulumi provider repositories - reviewing patches, resources.go changes, SDK changes, and CI workflows
Code Review Guidelines
When reviewing pull requests in this repository, follow these guidelines based on the types of files changed.
Review Rules by File Type
Patches (patches/*.patch)
Changes to patch files require special handling to review effectively.
See patches.md for detailed instructions.
Provider Resources (provider/resources.go)
The resources.go file defines resource mappings between Terraform and Pulumi.
Generated SDK Files (sdk/**)
These are generated SDK files and SHOULD NOT be reviewed. When reviewing the diff these files should be excluded since they will add a lot of noise to the review.
Related Skills
pulumi/upstream-patches
devops
VerifiedTrustedCommunity
Working with upstream patches - creating, editing, deleting, and rebasing patches for the Terraform provider submodule in the upstream/ directory
95SKILL.mdUpdated Apr 11, 2026
pulumi/pulumi-upgrade-provider
tools
VerifiedTrustedCommunity
Automate Pulumi provider repo upgrades with the `upgrade-provider` tool. Use when upgrading a pulumi provider repository to a new upstream version, running `upgrade-provider`, and addressing its common failure modes like patch conflicts or missing module mappings.
95SKILL.mdUpdated Apr 11, 2026
openclaw/openclaw-secret-scanning-maintainer
development
VerifiedTrustedCommunity
Maintainer-only workflow for handling GitHub Secret Scanning alerts on OpenClaw. Use when Codex needs to triage, redact, clean up, and resolve secret leakage found in issue comments, issue bodies, PR comments, or other GitHub content.
357,764SKILL.mdUpdated Apr 15, 2026
openclaw/openclaw-release-maintainer
development
VerifiedTrustedCommunity
Maintainer workflow for OpenClaw releases, prereleases, changelog release notes, and publish validation. Use when Codex needs to prepare or verify stable or beta release steps, align version naming, assemble release notes, check release auth requirements, or validate publish-time commands and artifacts.
357,764SKILL.mdUpdated Apr 10, 2026