serpro69/solid-code-review
klaude-plugin/skills/solid-code-review/SKILL.md
Code review of current git changes with an expert senior-engineer lens. Detects SOLID violations, security risks, and proposes actionable improvements. Use when performing code reviews.
$ install --global
skillsauthnpx skillsauth add serpro69/claude-starter-kit solid-code-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 20, 2026, 11:50 AM131.5s1 file scanned
SKILL.md
- name:
- solid-code-review
- description:
- |
SOLID Code Review
Overview
Perform a structured review of the current git changes with focus on SOLID, architecture, removal candidates, and security risks. Default to review-only output unless the user asks to implement changes.
Conventions
Read capy knowledge base conventions at shared-capy-knowledge-protocol.md.
Required Outputs
Before declaring the review complete, verify all outputs are delivered:
- [ ] Review report presented to user
- [ ] P0/P1 systemic findings indexed as
kk:review-findings(skip if no qualifying findings) - [ ] Next steps confirmation from user
Indexing is owned by this skill — callers (e.g., implementation-process) do NOT duplicate it.
Review Modes
Standard Mode (/kk:solid-code-review)
Reviews code in the main conversation context. Fast, single-pass review using the workflow below.
Isolated Mode (/kk:solid-code-review:isolated)
Delegates detection to independent reviewers that did not write the code, then annotates their findings with author context. Two parallel reviewers: a code-reviewer sub-agent and pal codereview (external model in native format). Produces a report organized by agreement level with corroborated findings highlighted.
- Cost: Higher (sub-agent + external model + annotation)
- Isolation: True — reviewers have zero authorship bias or session context
- Degradation: Graceful — if one reviewer fails, proceeds with the other; if both fail, suggests standard mode fallback
- Best for: When extra rigor is worth the cost (pre-merge, high-stakes changes)
See review-isolated.md for the isolated workflow.
Severity Levels
| Level | Name | Description | Action | | ------ | -------- | ---------------------------------------------------------------- | ---------------------------------- | | P0 | Critical | Security vulnerability, data loss risk, correctness bug | Must block merge | | P1 | High | Logic error, significant SOLID violation, performance regression | Should fix before merge | | P2 | Medium | Code smell, maintainability concern, minor SOLID violation | Fix in this PR or create follow-up | | P3 | Low | Style, naming, minor suggestion | Optional improvement |
Workflow
Phases:
- Preflight context — scope changes, re-read changed files, search prior findings
- Detect primary language — load language-specific reference checklists
- SOLID + architecture smells
- Removal candidates + iteration plan
- Security and reliability scan
- Code quality scan
- Self-check and confidence assessment
- Index findings — capy index systemic P0/P1 patterns as
kk:review-findings - Present results with next steps
See review-process.md for the detailed step-by-step process.
Invocation
Standard mode:
/kk:solid-code-review
Isolated mode with independent sub-agents:
/kk:solid-code-review:isolated
Related Skills
serpro69/test
development
VerifiedTrustedCommunity
Guidelines describing how to test the code. Use whenever writing new or updating existing code, for example after implementing a new feature or fixing a bug.
138SKILL.mdUpdated May 7, 2026
serpro69/review-spec
development
VerifiedTrustedCommunity
Use after implementing tasks or mid-feature to verify code matches design docs and ensure they are in sync. Detects spec deviations, missing implementations, doc inconsistencies, and outdated docs in design and implementation documentation.
138SKILL.mdUpdated May 7, 2026
serpro69/review-design
testing
VerifiedTrustedCommunity
Review design and implementation docs produced by design. Evaluates document quality, internal consistency, and technical soundness. Use after design completes and before starting implement.
138SKILL.mdUpdated May 7, 2026
serpro69/merge-docs
testing
VerifiedTrustedCommunity
Compare and merge two design docs for the same feature into a single source of truth. Use when you have competing or complementary design/implementation docs (e.g. from separate design runs) that need reconciling into one unified document.
138SKILL.mdUpdated May 7, 2026