Invoke after any implementation task completes or before merging. Reviews the diff, auto-fixes safe issues, runs specialist security and architecture reviewers on large diffs. Not for exploring ideas or debugging.
Read the diff, find the problems, fix what can be fixed safely, ask about the rest. Do not claim done until verification has run in this session.
git fetch origin
git diff origin/main
If the base branch is not main, ask before running. Already on the base branch? Stop and ask which commits to review.
Count the diff and classify depth. This determines which reviewers activate.
git diff origin/main --stat | tail -1
| Depth | Criteria | Reviewers |
|---|
| Quick | Under 100 lines, 1-5 files | Base review only (this skill) |
| Standard | 100-500 lines, or 6-10 files | Base + conditional specialists |
| Deep | 500+ lines, or 10+ files, or touches auth/payments/data mutation | Base + all relevant specialists + adversarial pass |
State the depth before proceeding. If the diff is Quick, skip to "Did We Build What Was Asked?" and run the standard single-pass flow. If Standard or Deep, continue to "Specialist Review" after completing the standard flow.
Before reading the code, check for scope drift:
These are not negotiable:
Destructive auto-execution: any task flagged as "safe" or "auto-run" that modifies user-visible state (history files, config files, stored preferences, installed software, cache entries the user can inspect) must require explicit confirmation. "Safe" means no side effects, not "probably harmless." If a task deletes or rewrites something the user can see, it is not safe by default.
Release artifacts missing: a GitHub release with an empty body, missing assets, or unuploaded build files is not a completed release. Verify every artifact listed in the release template exists as a local file and has been uploaded before declaring done.
Translated file naming collision: when placing a file in a language-specific directory (e.g., _posts_en/, en/), the file name must not repeat the language suffix. Check the naming convention of existing files in the same directory first.
GitHub issue or PR number mismatch: before commenting on, closing, or acting on a GitHub issue or PR, verify the number matches the one discussed in this session. Do not rely on memory. Run gh issue view N or gh pr view N to confirm the title matches before writing.
GitHub comment style: PR review comments and issue replies must be brief (1-2 sentences), natural-sounding, and friendly. Not verbose. Not formatted like a report. Not AI-sounding. If a comment needs more than 2 sentences, it should be structured as a list, not a paragraph.
Injection and validation: SQL, command, path injection; inputs that bypass validation at system entry points
Shared state: unsynchronized writes, check-then-act races, missing locks
External trust: output from LLMs, APIs, or user input fed into commands or queries without sanitization; credentials hardcoded or logged
Missing cases: enum or match exhaustiveness; use grep on sibling values outside the diff to confirm
Unknown identifiers in diff: any function, method, variable, or type name introduced in the diff that does not exist in the codebase is a hard stop. Before writing or approving a reference to an identifier, grep for it: grep -r "identifier_name" . -- if it returns no results outside the diff itself, it does not exist. Do not assume the name is correct from memory.
Dependency changes: unexpected additions or version bumps in package.json, Cargo.toml, go.mod, or requirements.txt. Flag any new dependency not obviously required by the diff.
Worth noting but not merge-blocking:
Load references/persona-catalog.md to determine which specialists activate for this diff.
For each specialist that activates: launch it via the Agent tool, passing the full diff and the relevant agent prompt from agents/. Run all activated specialists in parallel.
After all agents complete, merge findings:
Then proceed to Autofix Routing before presenting findings.
Classify each finding from the standard review and specialists:
| Class | Definition | Action |
|---|---|---|
safe_auto | Unambiguous, risk-free: typos, missing imports, style inconsistencies | Apply immediately |
gated_auto | Likely correct but changes behavior: null checks on new paths, error handling additions | Batch into one AskUserQuestion |
manual | Requires judgment: architecture, behavior changes, security tradeoffs | Present in sign-off |
advisory | Informational, no code change warranted | Note in sign-off |
Apply all safe_auto fixes before presenting anything. Batch all gated_auto items into one confirmation block. Never ask separately about each one.
After all findings are collected, run one focused adversarial pass. Ask: "If I were trying to break this system through this specific diff, what would I exploit?"
Four angles to check (load references/persona-catalog.md for detail):
Suppress adversarial findings below 0.60 confidence. Only file findings with a concrete scenario.
Fix directly when the correct answer is unambiguous: clear bugs, null checks on crash paths, style inconsistencies matching the surrounding code, trivial test additions.
Batch everything else into a single AskUserQuestion when the fix involves behavior changes, architectural choices, or anything where "right" depends on intent:
[N items need a decision]
1. [hard stop / signal] What: ... Suggested fix: ... Keep / Skip?
2. ...
Use gh CLI for all GitHub interactions. If gh is not installed, run brew install gh && gh auth login (or guide the user through their platform's install).
# Before commenting or closing issues, verify the number
gh issue view 123 --json title,state --jq '.title'
# Before merging, check CI status
gh pr checks
# Create PR with structured body
gh pr create --title "..." --body "..."
# Review PR diff
gh pr diff 123
# Leave a comment (keep it 1-2 sentences, natural tone)
gh pr comment 123 --body "Looks good, one small fix applied."
Do not use the GitHub MCP or raw API when gh can do the same thing. gh handles auth, pagination, and error messages cleanly.
Beyond correctness, ask three questions a senior reviewer would ask:
These do not block a merge on their own, but a "no" on any of them is worth flagging explicitly.
For every new code path: trace it, check if a test covers it. If this change fixes a bug, a test that fails on the old code must exist before this is done.
After all fixes are applied, run scripts/verify.sh from this skill via CLAUDE_SKILL_DIR, or the project's known verification command:
bash "$CLAUDE_SKILL_DIR/scripts/verify.sh"
If nothing is detected, ask the user for the verification command before proceeding.
Paste the full output. Report exact numbers. Done means: the command ran in this session and passed.
If no verification command exists or the command fails: halt. Do not claim done. Ask the user how to verify before proceeding.
If any of these phrases appear in your reasoning, stop and run the verification command before continuing:
These are rationalization patterns, not evidence. Verification ran and passed = done. Everything else = not done.
Real failures from prior sessions, in order of frequency:
gh issue view N or gh pr view N to confirm title before commenting or closing.article.en.md inside _posts_en/, generating a duplicate URL. Check the naming convention of existing files in the target directory first.scripts/verify.sh anyway..env.local. Site returned 401 on every request. Run vercel env ls or equivalent and diff against local keys before deploying.git remote -v and verify auth method before the first push in a new project.files changed: N (+X -Y)