richfrem/red-team-review
plugins/agent-loops/skills/red-team-review/SKILL.md
(Industry standard: Review and Critique Pattern) Primary Use Case: Iterative generation paired with adversarial review, continuing until an 'Approved' verdict is reached. Orchestrated adversarial review loop. Use when: research, designs, architectures, or decisions need to be reviewed by red team agents (human, browser, or CLI). Iterates in rounds of research → bundle → review → feedback until approved.
$ install --global
skillsauthnpx skillsauth add richfrem/agent-plugins-skills red-team-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Jun 9, 2026, 5:11 AM125.1s7 files scanned
SKILL.md
- name:
- red-team-review
- plugin:
- agent-loops
- description:
- (Industry standard: Review and Critique Pattern) Primary Use Case: Iterative generation paired with adversarial review, continuing until an 'Approved' verdict is reached. Orchestrated adversarial review loop. Use when: research, designs, architectures, or decisions need to be reviewed by red team agents (human, browser, or CLI). Iterates in rounds of research → bundle → review → feedback until approved.
- allowed-tools:
- Bash, Read, Write
Red Team Review Loop
An iterative review loop where research is bundled via context-bundler and dispatched to one or more adversarial reviewers. The loop continues until the red team approves.
When to Use
- Architecture or design decisions that need adversarial scrutiny
- Research findings that need epistemic validation
- Security analysis that needs independent verification
- Any work product where "more eyes" reduce risk
Process Flow
- Research & Analyze — Deep-dive into the problem domain. Create analysis docs, capture sources.
- Review Packet Generation — Prepare the context for the reviewer:
- Create Prompt: Write or update a
red-team-prompt.mdexplaining exactly what is being reviewed and what the reviewer should focus on. - Define Manifest: Update a
manifest.jsonor equivalent list dictating which source files and research artifacts to include. - Bundle Context: Execute the
context-bundlerplugin, feeding it the manifest and prompt, to compile a single cohesive review packet. - Iteration Directory Isolation: Bundle the context and save the output to explicitly isolated directories (e.g.,
.history/review-iteration-1/) so that when the Red Team forces a rewrite, the baseline artifact is never destructively overwritten. 2.5. Interactively Determine CLI and Model (ask once during bootstrap): Before dispatching context bundles to CLI agents: - Interactively ask the user: "Which LLM CLI backend should be used for the adversarial review?" (Options:
agy,claude,copilot,codex,llama). - Ask: "Which specific model should be used?" (Present defaults, e.g.,
Claude Opus 4.6 (Thinking)for high reasoning orGemini 3.5 Flash (Low)for fast scans). - Ensure you append
< /dev/nullto the run command to preventSIGTTINhangs in headless execution engines.
- Create Prompt: Write or update a
- Dispatch to Reviewers — Send the bundle using the selected CLI and model to:
- Human reviewers (paste-to-chat or browser)
- CLI agents with adversarial personas (security auditor, devil's advocate)
- Browser-based agents for interactive review
- Receive Feedback — Capture the red team's verdict:
- "More Research Needed" → Loop back to step 1 with targeted questions
- Asynchronous Benchmark Metric Capture: Explicitly log the
total_tokensandduration_msused by the adversarial agent during this specific iteration into anevals/timing.jsonfile to calculate the true cost of approval. 4.5. Trust But Verify & TDD (Verification Gate): Do not blindly trust the reviewer's approval or feedback: - TDD Enforcement: Prioritize running unit and integration tests to ensure no regressions were introduced by any accepted recommendations.
- Delta Inspection: Check modified files directly for stubs, stales, or placeholders.
- Verify Critic Quality: Verify that the critic model's feedback is comprehensive and is not simply agreeing without actual critique.
- Completion & Handoff — Once the Red Team verdicts "Approved":
- Terminate the review loop.
- Pass the final, approved research and feedback documents back to the Orchestrator.
- DO NOT attempt to seal the session or run a retrospective. The Orchestrator handles that.
Dependencies
context-bundler— Required for creating review packets- Adversarial personas: user-supplied system prompt, or from an installed CLI agent plugin
(e.g., agent-personas). The
personas/directory is no longer bundled with agent-loops.
Diagram
See: red_team_review_loop.mmd
Related Skills
richfrem/task-agent
data-ai
VerifiedTrustedCommunity
Task management agent. Auto-invoked for task creation, status tracking, and kanban board operations using Markdown files across lane directories. V2 enforces Kanban Sovereignty constraints preventing manual task file edits.
3SKILL.mdUpdated Jun 9, 2026
richfrem/symlink-manager
development
VerifiedTrustedCommunity
Create, audit, repair, and document cross-platform symlinks that work correctly on both Windows and macOS/Linux. Use this skill whenever the user mentions symlinks, symbolic links, junction points, .gitconfig symlinks, broken links after git pull, cross-platform path issues, or needs help with ln -s equivalents on Windows. Also trigger when the user reports that files are missing or wrong after switching between Mac and Windows machines using Git. This skill solves the common problem where symlinks committed on macOS show up as plain text files on Windows (and vice versa) because of Git's core.symlinks setting or missing Developer Mode / elevated permissions. **IMPORTANT FOR WINDOWS USERS:** Developer Mode must be enabled before creating symlinks. Without it, Git will check out symlinks as plain-text files or hardlinks, breaking cross-platform workflows.
3SKILL.mdUpdated Jun 9, 2026
richfrem/red-team-bundler
development
VerifiedTrustedCommunity
Interactively prepares a targeted Red Team Review package. It conducts a brief discovery interview to determine the threat model, generates a strict security auditor prompt, compiles a manifest of relevant project files, and bundles them into a single Markdown artifact or ZIP archive ready for an external LLM (like Grok, ChatGPT, or Gemini) or a human reviewer.
3SKILL.mdUpdated Jun 9, 2026
richfrem/optimize-context
tools
VerifiedTrustedCommunity
Reduces AI agent context bloat across three dimensions: (1) duplicate skill deduplication — clears stale agent directory copies since the IDE already reads from plugins/ directly; (2) instruction file optimization — rewrites CLAUDE.md, GEMINI.md, or .github/copilot-instructions.md to under ~80 lines, keeping only rules that directly change agent behaviour; (3) session token efficiency — guidance on cheap subagent delegation, context compounding across turns, and session hygiene. Trigger with "optimize context", "reduce context bloat", "deduplicate skills", "trim CLAUDE.md", "trim GEMINI.md", "fix my context usage", "why are my skills loading twice", "how do I reduce token usage", or "clean up agent directories".
3SKILL.mdUpdated Jun 9, 2026