pma-cr

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

PMA Code Review

Use this skill to review changed code with a high-signal, low-noise process.

This skill is designed for:

local diff review before commit or merge
pull request review for changed lines and surrounding context
repository-wide audit of an existing codebase
PMA-managed repositories that want stack-aware review, not generic checklist spam

使用本skill通过高信号、低噪的流程评审变更代码。

本skill适用于以下场景：

提交或合并前的本地差异评审
针对变更行及周边上下文的Pull Request评审
现有代码库的全仓库审计
期望获得技术栈感知评审、而非通用清单类无效内容的PMA管理仓库

Scope

适用范围

The skill has one entry point and multiple internal review packs:

shared review policy
TypeScript frontend review
TypeScript backend / Bun review
Go review
Rust review
Python review

Keep the entry skill lean. Load only the reference files needed for the detected stack.

该skill包含一个入口点和多个内部评审包：

共享评审策略
TypeScript前端评审
TypeScript后端/Bun评审
Go评审
Rust评审
Python评审

请保持入口skill轻量，仅加载检测到的技术栈所需的参考文件。

Quick Start

快速开始

Local review:

text

/pma-cr

PR review:

text

/pma-cr <PR-number-or-URL>

Repository audit:

text

/pma-cr audit
/pma-cr repo
/pma-cr --repo

本地评审：

text

/pma-cr

PR评审：

text

/pma-cr <PR-number-or-URL>

仓库审计：

text

/pma-cr audit
/pma-cr repo
/pma-cr --repo

Workflow

工作流

Detect review mode:
- no argument: local diff review
- PR number or URL: PR review
- ```
audit
```
  ,
```
repo
```
  , or
```
--repo
```
  : repository audit
Read
```
references/core-review-policy.md
```
.
For repository audit, also read
```
references/repository-audit.md
```
.
Detect stack from changed files and project manifests.

Read only the matching stack packs:

```
references/typescript-frontend.md
```
```
references/typescript-backend.md
```
```
references/go.md
```
```
references/rust.md
```
```
references/python.md
```

Review changed code plus the minimal surrounding context required to verify behavior.
Report only issues that are likely real and introduced by the change, or for repository audit, issues that are evidenced by current repository code.

检测评审模式：
- 无参数：本地差异评审
- PR编号或URL：PR评审
- ```
audit
```
  、
```
repo
```
  或
```
--repo
```
  ：仓库审计
读取
```
references/core-review-policy.md
```
若为仓库审计，额外读取
```
references/repository-audit.md
```
从变更文件和项目清单中识别技术栈

仅读取匹配的技术栈评审包：

```
references/typescript-frontend.md
```
```
references/typescript-backend.md
```
```
references/go.md
```
```
references/rust.md
```
```
references/python.md
```

评审变更代码以及验证行为所需的最小范围周边上下文
仅上报大概率真实存在、且由本次变更引入的问题；若为仓库审计，则上报当前仓库代码中可证实的问题

Stack Selection

技术栈匹配规则

Use these heuristics:

TypeScript frontend:
```
tsx
```
, React, Next.js, Vite, routing, UI components, browser state, client forms
TypeScript backend / Bun: Hono, Express, Fastify, Nest, Bun server code, API routes, DB access, workers
Go:
```
go.mod
```
,
```
*.go
```
Rust:
```
Cargo.toml
```
,
```
*.rs
```

Python:

pyproject.toml

setup.py

requirements.txt

*.py

If the change spans multiple stacks, load all relevant packs and review each changed area against the correct pack.

使用以下启发式规则判断：

TypeScript前端：
```
tsx
```
、React、Next.js、Vite、路由、UI组件、浏览器状态、客户端表单
TypeScript后端/Bun：Hono、Express、Fastify、Nest、Bun服务端代码、API路由、数据库访问、工作进程
Go：
```
go.mod
```
、
```
*.go
```
Rust：
```
Cargo.toml
```
、
```
*.rs
```

Python：

pyproject.toml

、

setup.py

、

requirements.txt

、

*.py

如果变更跨越多个技术栈，加载所有相关评审包，按照对应规则分别评审每个变更区域。

Review Priorities

评审优先级

Always review in this order:

Correctness and regressions
Security and trust boundaries
Data integrity and error handling
Concurrency, cancellation, and resource lifetime
Performance and scalability
Maintainability and tests

Do not spend review budget on stylistic nits unless they violate an explicit project rule.

始终按照以下顺序评审：

正确性与回归风险
安全与信任边界
数据完整性与错误处理
并发、取消逻辑与资源生命周期
性能与可扩展性
可维护性与测试覆盖

不要在风格类细枝末节上浪费评审资源，除非它们违反了明确的项目规则。

Local Review Mode

本地评审模式

Use local mode for uncommitted or staged changes.

inspect staged and unstaged diffs
read enough surrounding code to validate behavior
produce a findings-first report ordered by severity
block approval for critical issues

针对未提交或暂存的变更使用本地模式：

检查暂存和未暂存的差异
读取足够的周边代码验证行为
输出按严重程度排序、优先展示问题的报告
针对严重问题阻止合入

PR Review Mode

PR评审模式

Use PR mode for GitHub pull requests.

inspect PR metadata and diff with
```
gh
```
skip ineligible PRs such as closed or draft PRs
gather relevant
```
CLAUDE.md
```
/
```
AGENTS.md
```
guidance
review only changed behavior and nearby context, not unrelated legacy code
when useful, split the audit by concern or stack, then merge only high-confidence findings
post review to GitHub via
```
gh pr review
```
— request changes when issues found, approve when clean

针对GitHub Pull Request使用PR模式：

通过
```
gh
```
工具检查PR元数据和差异
跳过不符合要求的PR，如已关闭或草稿状态的PR
收集相关的
```
CLAUDE.md
```
/
```
AGENTS.md
```
指引
仅评审变更的行为和邻近上下文，不涉及无关的 legacy 代码
必要时按关注点或技术栈拆分审计，仅合并高可信度的问题
通过
```
gh pr review
```
将评审结果提交到GitHub：发现问题时请求变更，无问题时批准合入

Repository Audit Mode

仓库审计模式

Use repository audit mode when the goal is to assess the current repository, not a diff.

inventory manifests, entry points, CI, tests, and stack markers
identify hotspot areas such as auth, API edges, DB access, jobs, filesystem, external calls, config loading, and isolated dead code
inspect the highest-risk modules first
deduplicate findings by root cause, not by file count
separate confirmed findings from coverage gaps and suggested next actions

当目标是评估当前仓库整体情况、而非单差异时使用仓库审计模式：

清点清单文件、入口点、CI、测试和技术栈标识
识别高风险热点区域，如鉴权、API边界、数据库访问、任务、文件系统操作、外部调用、配置加载、孤立死代码
优先检查最高风险的模块
按根因去重问题，而非按文件数量统计
区分已确认的问题、覆盖缺口和建议后续动作

Output Rules

输出规则

Report findings only when they are strong enough to matter:

prioritize issues that can break behavior, security, correctness, or operations
skip issues that linters, compilers, or typecheckers already guarantee
skip unchanged legacy problems unless the change makes them worse or exposes them
consolidate repeated instances into one finding when the root cause is shared

For local mode, output:

severity
file and line
issue
fix direction

For PR mode, output concise review comments that can be posted directly.

For repository audit mode, output:

findings grouped by
```
P0
```
to
```
P3
```
affected areas
issue and impact
dead-code findings
dead-code removal candidates
needs runtime verification
coverage gaps
recommended next actions

仅上报足够重要的问题：

优先处理会破坏功能、安全、正确性或运维稳定性的问题
跳过linter、编译器或类型检查器已经能保障的问题
跳过未变更的legacy问题，除非本次变更恶化了问题或使其暴露
当多个问题根因相同时，合并为一个问题上报

本地模式输出内容：

严重程度
文件和行号
问题描述
修复方向

PR模式输出可直接提交的简洁评审评论。

仓库审计模式输出内容：

按
```
P0
```
到
```
P3
```
分级的问题
受影响区域
问题与影响说明
死代码发现
死代码移除候选
需要运行时验证的内容
覆盖缺口
推荐后续动作

Reference Packs

参考包

```
references/core-review-policy.md
```
: confidence filter, severity policy, shared review heuristics
```
references/repository-audit.md
```
: repository-wide audit workflow, hotspot selection, and report structure
```
references/typescript-frontend.md
```
: React / Next.js / Vite / browser UI review rules
```
references/typescript-backend.md
```
: Node / Bun / API / validation / DB / async review rules
```
references/go.md
```
: Go review rules around context, errors, concurrency, HTTP, and resource safety
```
references/rust.md
```
: Rust review rules around panic boundaries, async blocking, unsafe, docs, and API contracts
```
references/python.md
```
: Python review rules around validation, deserialization, async, type safety, and command injection

These packs intentionally hold the detailed rules so this file stays small and cheap to load.

```
references/core-review-policy.md
```
：可信度筛选规则、严重程度策略、共享评审启发式规则
```
references/repository-audit.md
```
：全仓库审计工作流、热点选择规则、报告结构
```
references/typescript-frontend.md
```
：React/Next.js/Vite/浏览器UI评审规则
```
references/typescript-backend.md
```
：Node/Bun/API/校验/数据库/异步逻辑评审规则
```
references/go.md
```
：Go语言上下文、错误处理、并发、HTTP、资源安全相关评审规则
```
references/rust.md
```
：Rust语言panic边界、异步阻塞、unsafe、文档、API契约相关评审规则
```
references/python.md
```
：Python语言校验、反序列化、异步、类型安全、命令注入相关评审规则

这些参考包专门存放详细规则，以保证本文档精简、加载成本低。