Back to Details

skill-review

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Skill Review Skill

Skill审核Skill

Process

流程

Invoke: 
/review-skill <skill-name>
or use this skill when detecting outdated patterns
Production evidence: better-auth audit (2025-11-08) - found 6 critical issues including non-existent API imports, removed 665 lines incorrect code, implemented v2.0.0
调用方式:
/review-skill <skill-name>
或在检测到过时模式时使用此Skill
生产环境验证案例:better-auth审核(2025-11-08)——发现6个关键问题,包括不存在的API导入,移除了665行错误代码,升级至v2.0.0版本

9-Phase Audit

9阶段审核流程

  1. Pre-Review: Install skill, check version/date, test discovery
  2. Standards: Validate YAML, keywords, third-person style, directory structure
  3. Official Docs: WebFetch/Context7 verify API patterns, GitHub updates, npm versions, production repos
  4. Code Examples: Verify imports exist, API signatures match, schema consistency, templates work
  5. Cross-File Consistency: Compare SKILL.md vs README.md, bundled resources match files
  6. Dependencies: Run 
    ./scripts/check-versions.sh
    , check breaking changes, verify "Last Verified"
  7. Categorize: Severity (🔴 Critical / 🟡 High / 🟠 Medium / 🟢 Low) with evidence (GitHub/docs/npm)
  8. Fix: Auto-fix unambiguous, ask user for architectural, update all files, bump version
  9. Verify: Test discovery, templates work, no contradictions, commit with changelog
Automated (via 
./scripts/review-skill.sh
): YAML syntax, package versions, broken links, TODOs, file org, staleness
Manual (AI): API methods vs docs, GitHub issues, production comparisons, code correctness, schema consistency
  1. 预审核:安装Skill,检查版本/日期,测试可发现性
  2. 标准合规性:验证YAML格式、关键词、第三人称表述、目录结构
  3. 官方文档校验:通过WebFetch/Context7验证API模式、GitHub更新、npm版本、生产环境仓库
  4. 代码示例验证:确认导入项存在、API签名匹配、Schema一致性、模板可正常运行
  5. 跨文件一致性检查:对比SKILL.md与README.md,确认捆绑资源与实际文件匹配
  6. 依赖项检查:运行
    ./scripts/check-versions.sh
    ,检查破坏性变更,验证"最后验证时间"
  7. 问题分级:按照严重程度(🔴 关键 / 🟡 高 / 🟠 中 / 🟢 低)分类,并附上证据(GitHub/文档/npm)
  8. 修复处理:自动修复明确的问题,针对架构类问题询问用户,更新所有相关文件,升级版本号
  9. 验证确认:测试可发现性、模板可用性,确保无矛盾内容,提交变更并更新变更日志
自动化检测(通过
./scripts/review-skill.sh
):YAML语法、包版本、失效链接、TODO标记、文件组织、陈旧性检查
人工校验(AI执行):API方法与文档对比、GitHub问题、生产环境对比、代码正确性、Schema一致性

Severity Classification

严重程度分级

🔴 CRITICAL: Non-existent API/imports, invalid config, missing dependencies
🟡 HIGH: Contradictory examples, inconsistent patterns, outdated major versions
🟠 MEDIUM: Stale minors (>90d), missing docs sections, incomplete errors
🟢 LOW: Typos, formatting, missing optional metadata
🔴 关键:不存在的API/导入项、无效配置、缺失依赖
🟡 :示例内容矛盾、模式不一致、主版本过时
🟠 :次版本陈旧(超过90天)、缺失文档章节、错误信息不完整
🟢 :拼写错误、格式问题、缺失可选元数据

Fix Decision

修复决策

Auto-fix: Unambiguous (correct import from docs), clear evidence, no architectural impact
Ask user: Multiple valid approaches, breaking changes, architectural choices
自动修复:问题明确(如根据文档修正导入项)、证据充分、无架构影响的情况
询问用户:存在多种有效解决方案、涉及破坏性变更、架构选择类问题

Version Bumps

版本升级规则

  • Major (v1→v2): API patterns change
  • Minor (v1.0→v1.1): New features, backward compatible
  • Patch (v1.0.0→v1.0.1): Bug fixes only
  • 主版本(v1→v2):API模式发生变更
  • 次版本(v1.0→v1.1):新增功能,向后兼容
  • 补丁版本(v1.0.0→v1.0.1):仅修复Bug

Example: better-auth Audit (2025-11-08)

示例:better-auth审核(2025-11-08)

🔴 CRITICAL #1: Non-existent 
d1Adapter
import from 
'better-auth/adapters/d1'
  • Evidence: Official docs show drizzleAdapter, GitHub has no d1Adapter export, 4 production repos use Drizzle/Kysely
  • Fix: Replaced with 
    drizzleAdapter
    from 
    'better-auth/adapters/drizzle'
Result: 3 files deleted (obsolete), 3 created (correct patterns), +1,266 lines, v1.0→v2.0, 3.5 hours
🔴 关键问题#1:从
'better-auth/adapters/d1'
导入不存在的
d1Adapter
  • 证据:官方文档显示应为drizzleAdapter,GitHub无d1Adapter导出,4个生产环境仓库使用Drizzle/Kysely
  • 修复:替换为从
    'better-auth/adapters/drizzle'
    导入
    drizzleAdapter
结果:删除3个过时文件,创建3个符合规范的文件,新增1266行代码,版本从v1.0升级至v2.0,耗时3.5小时

Issues Prevented (10)

已预防的问题(10类)

  1. Fake API adapters - Non-existent imports
  2. Stale API methods - Changed signatures
  3. Schema inconsistency - Different table names
  4. Outdated scripts - Deprecated approaches
  5. Version drift - Packages >90 days old
  6. Contradictory examples - Multiple conflicting patterns
  7. Broken links - 404 URLs
  8. YAML errors - Invalid frontmatter
  9. Missing keywords - Poor discoverability
  10. Incomplete bundled resources - Listed files don't exist
  1. 虚假API适配器 - 不存在的导入项
  2. 陈旧API方法 - 签名已变更
  3. Schema不一致 - 表名称不统一
  4. 过时脚本 - 使用已废弃的实现方式
  5. 版本漂移 - 包版本超过90天未更新
  6. 矛盾示例 - 存在多种冲突的实现模式
  7. 失效链接 - 404错误的URL
  8. YAML错误 - 无效的前置元数据
  9. 缺失关键词 - 可发现性差
  10. 不完整的捆绑资源 - 列出的文件实际不存在

Bundled Resources

捆绑资源

Planning: 
~/.claude/skills/../planning/SKILL_REVIEW_PROCESS.md
or repo 
planning/SKILL_REVIEW_PROCESS.md
(complete 9-phase guide)
Scripts: Repo root 
scripts/review-skill.sh
(automated validation)
Commands: Repo root 
commands/review-skill.md
(slash command, symlinked to 
~/.claude/commands/
)
References: 
references/audit-report-template.md
(output template)
Last Verified: 2026-01-09 | Version: 1.0.1
规划文档
~/.claude/skills/../planning/SKILL_REVIEW_PROCESS.md
或仓库中的
planning/SKILL_REVIEW_PROCESS.md
(完整的9阶段指南) 脚本:仓库根目录下的
scripts/review-skill.sh
(自动化验证脚本) 命令:仓库根目录下的
commands/review-skill.md
(斜杠命令,已软链接至
~/.claude/commands/
参考模板
references/audit-report-template.md
(输出模板)
最后验证时间:2026-01-09 | 版本:1.0.1