{"id":"7d39f39d-104b-4ba1-8c54-994829d21782","shortId":"EsHJpx","kind":"skill","title":"review","tagline":"Orchestrated REVIEW phase — analyze the diff, decide which audits apply, run them in order, consolidate findings. Use before merging a PR, before shipping a significant change, or when user asks to \"review\", \"/hb:review\", \"do a full review\". Don't use for single-file fixes (use `","description":"# Review Phase\n\nWorkflow orchestrator for the REVIEW phase of the SDLC. Decides **which audits apply** based on the diff and runs them through dedicated skills. Reports a single consolidated review categorized by severity.\n\nThis is a **workflow-guided** skill: it does not auto-invoke other skills silently. It announces which skill comes next, runs it, then moves to the next.\n\n## Pre-loaded context\n\n- Branch: !`git branch --show-current`\n- Diff stat (vs main): !`git diff --stat $(git merge-base HEAD origin/main 2>/dev/null || git merge-base HEAD main) 2>/dev/null || git diff --stat HEAD~10`\n- Files changed: !`git diff --name-only $(git merge-base HEAD origin/main 2>/dev/null || git merge-base HEAD main) 2>/dev/null || git diff --name-only HEAD~10`\n\n## Workflow\n\n### Phase 1 — Scope detection\n\nFrom the diff, classify changed files:\n\n| Category | Detection | Audit to invoke |\n|----------|-----------|-----------------|\n| Frontend (JSX/TSX/HTML/CSS) | `\\.(jsx?\\|tsx?\\|html\\|css\\|scss)$` matches | `a11y-audit` |\n| User-facing strings | Strings added in components | `i18n` |\n| Bundle / build output | `package.json`, `vite.config.*`, `webpack.config.*`, `next.config.*` | `perf-audit` |\n| Dependencies | `package.json` / `package-lock.json` changed | `deps-audit` |\n| Any code change | always | `code-review` |\n| Any code change | always | `safe-repo` (diff-only mode) |\n| Backend API / data handling | `routes/`, `api/`, `controllers/`, `models/`, `*.sql` | `harden` |\n\nState the detected scope before running: \"I detected frontend + dependency changes. Will run: code-review, a11y-audit, deps-audit, safe-repo.\"\n\n### Phase 2 — Run audits\n\nFor each applicable audit, in this order:\n\n1. **Always**: invoke [code-review](../code-review/SKILL.md). Five-axis review (correctness, readability, architecture, security, performance).\n2. **Always**: invoke [safe-repo](../safe-repo/SKILL.md) scoped to the diff only.\n3. **If frontend changes**: invoke [a11y-audit](../a11y-audit/SKILL.md) on the changed JSX/HTML files.\n4. **If user-facing strings**: invoke [i18n](../i18n/SKILL.md) on the changed components.\n5. **If bundle/build changes**: invoke [perf-audit](../perf-audit/SKILL.md).\n6. **If dependency changes**: invoke [deps-audit](../deps-audit/SKILL.md).\n7. **If backend/data handling**: invoke [harden](../harden/SKILL.md).\n\nAnnounce each step before running (\"Now running a11y-audit on 3 changed components...\"). Capture findings per audit.\n\n### Phase 3 — Consolidate\n\nMerge all findings into a single report categorized by severity:\n\n```\n## Review Summary\n\n**Scope**: <files/lines changed, audits run>\n\n### Critical (blocks merge)\n- <file:line> — <issue> — <which audit flagged it>\n\n### Important (should fix before merge)\n- <file:line> — <issue> — <audit>\n\n### Suggestions (nice-to-have)\n- <file:line> — <issue> — <audit>\n\n### Audits run\n- code-review ✓\n- safe-repo ✓\n- a11y-audit ✓\n- ...\n```\n\nCritical = correctness, security, sensitive data, accessibility blockers (level A WCAG).\nImportant = readability, architecture friction, missing tests, deps with known CVEs.\nSuggestions = style, naming, optional perf wins.\n\n### Phase 4 — Verdict\n\nState explicitly: **APPROVE**, **REQUEST CHANGES**, or **NEEDS DISCUSSION**.\n\n- APPROVE: zero Critical, zero Important\n- REQUEST CHANGES: any Critical, or 3+ Important\n- NEEDS DISCUSSION: Important findings that involve architectural tradeoffs\n\n## Rules\n\n- Always announce which skill comes next before invoking it (workflow-guided, not silent orchestration)\n- Always run `code-review` and `safe-repo` — these are non-negotiable\n- Skip irrelevant audits explicitly with a one-line reason (\"No frontend changes, skipping a11y-audit\")\n- Never invoke `e2e` or `visual-validate` — those belong to VERIFY phase, not REVIEW\n- Never auto-fix issues during review; only report\n- Never push, commit, or merge — review is read-only\n\n## Error Handling\n\n- If diff is empty → report \"Nothing to review\" and stop\n- If `git merge-base` fails (no main remote) → fall back to `HEAD~10`, warn user that base may be wrong\n- If an individual audit skill errors → log the error, continue with remaining audits, note skipped audit in the final report\n- If PR number passed but `gh pr view <num>` fails → fall back to current branch diff, warn user","tags":["review","agent","skills","helderberto","agent-skills","ai-tools","antigravity","claude-code","cursor","developer-tools","gemini-cli","markdown"],"capabilities":["skill","source-helderberto","skill-review","topic-agent-skills","topic-ai-tools","topic-antigravity","topic-claude-code","topic-cursor","topic-developer-tools","topic-gemini-cli","topic-markdown","topic-plugin","topic-sdlc","topic-skills","topic-tracer-bullet"],"categories":["agent-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/helderberto/agent-skills/review","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add helderberto/agent-skills","source_repo":"https://github.com/helderberto/agent-skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (4,278 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:09:14.402Z","embedding":null,"createdAt":"2026-05-18T13:14:54.693Z","updatedAt":"2026-05-18T19:09:14.402Z","lastSeenAt":"2026-05-18T19:09:14.402Z","tsv":"'/a11y-audit/skill.md':332 '/code-review/skill.md':302 '/deps-audit/skill.md':368 '/dev/null':135,143,163,171 '/harden/skill.md':375 '/hb':34 '/i18n/skill.md':346 '/perf-audit/skill.md':359 '/safe-repo/skill.md':318 '1':181,296 '2':134,142,162,170,286,312 '3':324,387,395,485 '4':338,465 '5':351 '6':360 '7':369 'a11y':204,277,330,384,436,540 'a11y-audit':203,276,329,383,435,539 'access':443 'ad':211 'alway':235,242,297,313,496,511 'analyz':5 'announc':99,376,497 'api':251,255 'appli':11,63 'applic':291 'approv':469,475 'architectur':309,450,493 'ask':31 'audit':10,62,192,205,224,231,278,281,288,292,331,358,367,385,393,412,427,437,527,541,611,620,623 'auto':93,558 'auto-fix':557 'auto-invok':92 'axi':305 'back':597,638 'backend':250 'backend/data':371 'base':64,131,139,159,167,591,604 'belong':550 'block':415 'blocker':444 'branch':115,117,641 'build':216 'bundl':215 'bundle/build':353 'captur':390 'categor':79,404 'categori':190 'chang':27,150,188,228,234,241,270,327,335,349,354,363,388,411,471,481,537 'classifi':187 'code':233,237,240,274,300,430,514 'code-review':236,273,299,429,513 'come':102,500 'commit':567 'compon':213,350,389 'consolid':16,77,396 'context':114 'continu':617 'control':256 'correct':307,439 'critic':414,438,477,483 'css':200 'current':120,640 'cves':457 'data':252,442 'decid':8,60 'dedic':72 'dep':230,280,366,454 'depend':225,269,362 'deps-audit':229,279,365 'detect':183,191,262,267 'diff':7,67,121,126,145,152,173,186,247,322,578,642 'diff-on':246 'discuss':474,488 'e2e':544 'empti':580 'error':575,613,616 'explicit':468,528 'face':208,342 'fail':592,636 'fall':596,637 'file':46,149,189,337 'files/lines':410 'final':626 'find':17,391,399,490 'five':304 'five-axi':303 'fix':47,419,559 'friction':451 'frontend':195,268,326,536 'full':38 'gh':633 'git':116,125,128,136,144,151,156,164,172,588 'guid':87,507 'handl':253,372,576 'harden':259,374 'head':132,140,147,160,168,177,599 'html':199 'i18n':214,345 'import':417,448,479,486,489 'individu':610 'invok':94,194,298,314,328,344,355,364,373,503,543 'involv':492 'irrelev':526 'issu':560 'jsx':197 'jsx/html':336 'jsx/tsx/html/css':196 'known':456 'level':445 'line':533 'load':113 'log':614 'main':124,141,169,594 'match':202 'may':605 'merg':20,130,138,158,166,397,416,421,569,590 'merge-bas':129,137,157,165,589 'miss':452 'mode':249 'model':257 'move':107 'name':154,175,460 'name-on':153,174 'need':473,487 'negoti':524 'never':542,556,565 'next':103,110,501 'next.config':221 'nice':424 'nice-to-hav':423 'non':523 'non-negoti':522 'note':621 'noth':582 'number':630 'one':532 'one-lin':531 'option':461 'orchestr':2,52,510 'order':15,295 'origin/main':133,161 'output':217 'package-lock.json':227 'package.json':218,226 'pass':631 'per':392 'perf':223,357,462 'perf-audit':222,356 'perform':311 'phase':4,50,56,180,285,394,464,553 'pr':22,629,634 'pre':112 'pre-load':111 'push':566 'read':573 'read-on':572 'readabl':308,449 'reason':534 'remain':619 'remot':595 'repo':245,284,317,434,519 'report':74,403,564,581,627 'request':470,480 'review':1,3,33,35,39,49,55,78,238,275,301,306,407,431,515,555,562,570,584 'rout':254 'rule':495 'run':12,69,104,265,272,287,380,382,413,428,512 'safe':244,283,316,433,518 'safe-repo':243,282,315,432,517 'scope':182,263,319,409 'scss':201 'sdlc':59 'secur':310,440 'sensit':441 'sever':81,406 'ship':24 'show':119 'show-curr':118 'signific':26 'silent':97,509 'singl':45,76,402 'single-fil':44 'skill':73,88,96,101,499,612 'skill-review' 'skip':525,538,622 'source-helderberto' 'sql':258 'stat':122,127,146 'state':260,467 'step':378 'stop':586 'string':209,210,343 'style':459 'suggest':422,458 'summari':408 'test':453 'topic-agent-skills' 'topic-ai-tools' 'topic-antigravity' 'topic-claude-code' 'topic-cursor' 'topic-developer-tools' 'topic-gemini-cli' 'topic-markdown' 'topic-plugin' 'topic-sdlc' 'topic-skills' 'topic-tracer-bullet' 'tradeoff':494 'tsx':198 'use':18,42,48 'user':30,207,341,602,644 'user-fac':206,340 'valid':548 'verdict':466 'verifi':552 'view':635 'visual':547 'visual-valid':546 'vite.config':219 'vs':123 'warn':601,643 'wcag':447 'webpack.config':220 'win':463 'workflow':51,86,179,506 'workflow-guid':85,505 'wrong':607 'zero':476,478 '~10':148,178,600","prices":[{"id":"a97aa51b-fb1a-487a-91ed-a7d3e17a6063","listingId":"7d39f39d-104b-4ba1-8c54-994829d21782","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"helderberto","category":"agent-skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:14:54.693Z"}],"sources":[{"listingId":"7d39f39d-104b-4ba1-8c54-994829d21782","source":"github","sourceId":"helderberto/agent-skills/review","sourceUrl":"https://github.com/helderberto/agent-skills/tree/main/skills/review","isPrimary":false,"firstSeenAt":"2026-05-18T13:14:54.693Z","lastSeenAt":"2026-05-18T19:09:14.402Z"}],"details":{"listingId":"7d39f39d-104b-4ba1-8c54-994829d21782","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"helderberto","slug":"review","github":{"repo":"helderberto/agent-skills","stars":8,"topics":["agent-skills","ai","ai-tools","antigravity","claude-code","cursor","developer-tools","gemini-cli","markdown","plugin","sdlc","skills","tracer-bullet"],"license":"mit","html_url":"https://github.com/helderberto/agent-skills","pushed_at":"2026-05-14T11:37:47Z","description":"My personal SDLC toolbelt for AI coding agents — PRD to ship.","skill_md_sha":"0a5cff6a1229dca4e570ba9db585286abab1ab35","skill_md_path":"skills/review/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/helderberto/agent-skills/tree/main/skills/review"},"layout":"multi","source":"github","category":"agent-skills","frontmatter":{"name":"review","description":"Orchestrated REVIEW phase — analyze the diff, decide which audits apply, run them in order, consolidate findings. Use before merging a PR, before shipping a significant change, or when user asks to \"review\", \"/hb:review\", \"do a full review\". Don't use for single-file fixes (use `code-review` directly) or post-merge audits."},"skills_sh_url":"https://skills.sh/helderberto/agent-skills/review"},"updatedAt":"2026-05-18T19:09:14.402Z"}}