Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

thesoftwarehouse/tsh-code-reviewing

Name: tsh-code-reviewing
Author: thesoftwarehouse

.github/skills/tsh-code-reviewing/SKILL.md

npx skillsauth add thesoftwarehouse/copilot-collections tsh-code-reviewing

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Code review

This skill helps you verify that the implemented code follows all best practices and quality standards.

Code Review Process

Use the checklist below and track your progress:

Analysis progress:
- [ ] Step 1: Understand the task description
- [ ] Step 2: Understand the plan to implement task
- [ ] Step 3: Analyse the implemented solution and compare that to task description and implementation plan
- [ ] Step 4: Verify that solution has implemented all necessary tests
- [ ] Step 5: Run all unit tests
- [ ] Step 6: Run all integrations tests
- [ ] Step 7: Run all e2e tests
- [ ] Step 8: Verify that solution follows the best practices
- [ ] Step 9: Run static code analysis tools and formatting tools
- [ ] Step 10: Validate the solution is secure
- [ ] Step 11: Validate the solution is scalable

Step 1: Understand the task description

Look for *.research.md file to fully understand the business goal of the task. In case of task being connected to task management tool make sure to use that tool to access even more context.

In case of missing research file, follow the conversation to understand the goal.

Step 2: Understand the plan to implement task

Look for *.plan.md file to understand the planned solution implementation.

In case of missing it follow the conversation to understand the goal.

Step 3: Analyse the implemented solution and compare that to task description and implementation plan

Based on implementation plan and task description, compare it to actually implementation.

Focus not only on files that were actually changed or added, but also those that claim to be already implemented.

Step 4: Verify that solution has implemented all necessary tests

Make sure that all critical paths of the solutions are fully tested by combination of different tests - e2e, unit, integration.

Step 5: Run all unit tests

Find unit tests and run them. Make sure they are passing.

Step 6: Run all integration tests

Find integration tests and run them. Make sure they are passing.

Step 7: Run all e2e tests

Find end-to-end tests and run them. Make sure they are passing.

Step 8: Verify that solution follows the best practices

Check the implemented solution. Make sure it follow the best development practices.

Take into account project standards and a practices like SOLID, SRP, DDD, DRY, KISS, Atomic Design.

Make sure that solution is not over engineered. Keep the cognitive complexity on a lower side.

Step 9: Run static code analysis tools and formatting tools

Make sure to run linters, static code analysis tools and formatting tools.

Step 10: Validate the solution is secure

Focus on security. Check for potential OWASP TOP10 issues. Check for potential critical security issues that allows other users to take control over the system.

Step 11: Validate the solution is scalable

Analyse if the implemented solution is scalable. Focus on areas like being able to scale it horizontally, not having a stateful components, not having code with high computational complexity.

Connected Skills

tsh-implementation-gap-analysing
tsh-technical-context-discovering - for understanding project conventions and standards to review against
tsh-sql-and-database-understanding - for validating SQL quality, index coverage, query performance, schema design, and ORM usage patterns
tsh-engineering-prompts - for reviewing LLM prompt code: prompt structure, injection defenses, delimiter separation, output format, and anti-patterns

thesoftwarehouse/tsh-code-reviewing

.github/skills/tsh-code-reviewing/SKILL.md

Perform code review. Quality analysis. Acceptance criteria verification. Best practices review.

206 stars

development

Updated Apr 15, 2026

$ install --global

skillsauth

npx skillsauth add thesoftwarehouse/copilot-collections tsh-code-reviewing

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 15, 2026, 11:58 PM11.9s1 file scanned

SKILL.md

name:: tsh-code-reviewing
description:: Perform code review. Quality analysis. Acceptance criteria verification. Best practices review.

Code review

This skill helps you verify that the implemented code follows all best practices and quality standards.

Code Review Process

Use the checklist below and track your progress:

Analysis progress:
- [ ] Step 1: Understand the task description
- [ ] Step 2: Understand the plan to implement task
- [ ] Step 3: Analyse the implemented solution and compare that to task description and implementation plan
- [ ] Step 4: Verify that solution has implemented all necessary tests
- [ ] Step 5: Run all unit tests
- [ ] Step 6: Run all integrations tests
- [ ] Step 7: Run all e2e tests
- [ ] Step 8: Verify that solution follows the best practices
- [ ] Step 9: Run static code analysis tools and formatting tools
- [ ] Step 10: Validate the solution is secure
- [ ] Step 11: Validate the solution is scalable

Step 1: Understand the task description

Look for *.research.md file to fully understand the business goal of the task. In case of task being connected to task management tool make sure to use that tool to access even more context.

In case of missing research file, follow the conversation to understand the goal.

Step 2: Understand the plan to implement task

Look for *.plan.md file to understand the planned solution implementation.

In case of missing it follow the conversation to understand the goal.

Step 3: Analyse the implemented solution and compare that to task description and implementation plan

Based on implementation plan and task description, compare it to actually implementation.

Focus not only on files that were actually changed or added, but also those that claim to be already implemented.

Step 4: Verify that solution has implemented all necessary tests

Make sure that all critical paths of the solutions are fully tested by combination of different tests - e2e, unit, integration.

Step 5: Run all unit tests

Find unit tests and run them. Make sure they are passing.

Step 6: Run all integration tests

Find integration tests and run them. Make sure they are passing.

Step 7: Run all e2e tests

Find end-to-end tests and run them. Make sure they are passing.

Step 8: Verify that solution follows the best practices

Check the implemented solution. Make sure it follow the best development practices.

Take into account project standards and a practices like SOLID, SRP, DDD, DRY, KISS, Atomic Design.

Make sure that solution is not over engineered. Keep the cognitive complexity on a lower side.

Step 9: Run static code analysis tools and formatting tools

Make sure to run linters, static code analysis tools and formatting tools.

Step 10: Validate the solution is secure

Focus on security. Check for potential OWASP TOP10 issues. Check for potential critical security issues that allows other users to take control over the system.

Step 11: Validate the solution is scalable

Analyse if the implemented solution is scalable. Focus on areas like being able to scale it horizontally, not having a stateful components, not having code with high computational complexity.

Connected Skills

tsh-implementation-gap-analysing
tsh-technical-context-discovering - for understanding project conventions and standards to review against
tsh-sql-and-database-understanding - for validating SQL quality, index coverage, query performance, schema design, and ORM usage patterns
tsh-engineering-prompts - for reviewing LLM prompt code: prompt structure, injection defenses, delimiter separation, output format, and anti-patterns

Related Skills

thesoftwarehouse/tsh-writing-hooks

development

VerifiedTrustedCommunity

Custom hook and composable patterns — naming, composition, stable return shapes, lifecycle cleanup, and testing strategies. Use when writing reusable logic units (React hooks, Vue composables), refactoring logic into hooks, debugging hook behavior, or reviewing hook implementations.

206SKILL.mdUpdated Apr 15, 2026

thesoftwarehouse/tsh-writing-hooks

thesoftwarehouse/tsh-ui-verifying

testing

VerifiedTrustedCommunity

UI verification criteria, structure checklists, severity definitions, and tolerance rules for comparing implementations against Figma designs. Use for verifying UI matches design, understanding what to check, and determining acceptable differences.

206SKILL.mdUpdated Apr 15, 2026

thesoftwarehouse/tsh-ui-verifying

thesoftwarehouse/tsh-transcript-processing

development

VerifiedTrustedCommunity

Clean raw workshop or meeting transcripts from small talk, filler words, and off-topic tangents. Extract and structure business-relevant content into a standardized format with discussion topics, key decisions, action items, and open questions.

206SKILL.mdUpdated Apr 15, 2026

thesoftwarehouse/tsh-transcript-processing

thesoftwarehouse/tsh-technical-context-discovering

development

VerifiedTrustedCommunity

Discover and establish technical context before implementing any feature. Prioritize project instructions, existing codebase patterns, and external documentation in that order. Use for any task requiring understanding of project conventions, coding standards, architecture patterns, and established practices before writing code.

206SKILL.mdUpdated Apr 15, 2026

thesoftwarehouse/tsh-technical-context-discovering

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/thesoftwarehouse/copilot-collections.git

# Copy into Claude Code skills folder (global)
cp -r copilot-collections/.github/skills/tsh-code-reviewing ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

thesoftwarehouse/copilot-collections

206 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT