Loading...
Loading...
Found 349 Skills
Review the diff between the current branch and main as a senior developer. Analyzes architecture, coding standards, security, performance, and correctness. Use when user says 'review my code', 'pre-PR review', 'review diff', 'code review before PR', 'check my changes', or 'senior review'. Do NOT use for only running tests (use a test skill), only linting (use a lint skill), or full PR preparation (use create-pr).
Run a comprehensive security review on code
OWASP Top 10 security vulnerabilities and mitigations. Use when conducting security audits, implementing security controls, or reviewing code for common vulnerabilities.
OWASP Security Checklist
Universal security and robustness scanner for any codebase. Use when auditing code for vulnerabilities, security issues, bugs, or robustness problems. Automatically detects tech stack, creates custom audit plans, and performs recursive deep analysis.
Use when explicitly asked to run the security-reviewer subagent or when another skill requires the security-reviewer agent card.
Validate code quality, test coverage, performance, and security. Use when verifying implemented features meet all standards and requirements before marking complete.
Reviews pull requests and code changes for quality, security, and best practices. Use when user asks for code review, PR review, or mentions reviewing changes.
Perform automated code reviews with best practices, security checks, and refactoring suggestions. Use when reviewing code, checking for vulnerabilities, or analyzing code quality.
Review code changes from multiple specialist perspectives in parallel. Use when you want a thorough review of a PR, branch, or set of changes covering security, performance, correctness, edge cases, and ripple effects. Spawns parallel reviewer agents that each focus on a different lens, then synthesizes into a unified review.
Rummage through code with curious precision, inspecting every corner for security risks and cleaning up what doesn't belong. Use when auditing security, finding secrets, removing dead code, or sanitizing before deployment.
Reverse-engineer a product into a mechanically verifiable feature catalog + code map + specs using an RPI-style loop. Triggers: reverse engineer product, catalog full feature set, docs->code mapping, feature inventory, code map, “Ralph loop”, SaaS boundary mapping, security audit reverse engineering, authorized binary analysis.