Skill

sentinelx-review-gate

Prompts for advisory-only security reviews of changed code via git diffs or file inspections when implementation completes or review requested.

Git

security

npx claudepluginhub alicankiraz1/sentinelxprime --plugin sentinelx-prime

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Run an advisory-only security review after implementation. This skill reports findings but does not block progress by default.

Supporting Assets

agents/openai.yamlreferences/review-categories.md

SKILL.md

Similar Skills

security-review

Reviews code changes for security vulnerabilities, insecure patterns, and best practices. Targets implementation deltas like git diffs and new dependencies, not full audits.

rpikit

requesting-code-review

Performs structured code reviews checking requirements, quality, and security standards after changes or before merge. Uses git diffs, context snapshots, and blast radius for scope.

1 file

superpowers-optimized

differential-review

36.4k

Performs security-focused reviews of PRs, commits, and diffs targeting auth, crypto, external calls, value transfer, and high-risk logic with evidence-based findings and markdown reports.

antigravity-awesome-skills

Stats

Stars22

Forks1

Last CommitApr 4, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Security Review Gate

Overview

Run an advisory-only security review after implementation. This skill reports findings but does not block progress by default.

When to Use

the user says the code is done or ready for review

a feature was just implemented and needs a security pass

a delivery or release checkpoint is approaching and source-level review would help

Workflow

Ask once whether the user wants a focused security review, following ../sentinelx-prime/references/interaction-model.md for language behavior when available.

If the user declines, stop and do not repeat the same offer in the same stage.

If the user accepts, treat that acceptance as consent for read-only active analysis within the current review scope and load references/review-categories.md.

If git and shell access are available, inspect changed code within the current repo-local scope using ../sentinelx-prime/references/active-analysis.md. If git-backed active analysis is unavailable but shell reads still work, you may inspect files already visible in context or explicitly named by the user as a limited current-source fallback. If shell access is unavailable, stay description-based and note the fallback in assumptions.

Load ../shared/common-web-threats.md, ../shared/finding-schema.md, and a stack profile when relevant.

Report findings using the required fields from ../shared/finding-schema.md. Include evidence_source whenever code, diff, heuristic, or description evidence materially affected the conclusion.

End with a closing coverage note using the shared headings: Reviewed / Not reviewed / Assumptions / Tools run.

Guardrails

Do not block the user's progress automatically.

Do not call heuristic review output a scan result unless a real tool was run.

Do not equate no findings with security completeness.

Do not describe limited current-source fallback as diff-grounded active analysis.

Do not inspect code outside the accepted review scope just because it shares security-related keywords.

Do not hardcode a fixed English ask prompt in this skill.

Security Review Gate

Overview

Run an advisory-only security review after implementation. This skill reports findings but does not block progress by default.

When to Use

the user says the code is done or ready for review

a feature was just implemented and needs a security pass

a delivery or release checkpoint is approaching and source-level review would help

Workflow

Ask once whether the user wants a focused security review, following ../sentinelx-prime/references/interaction-model.md for language behavior when available.

If the user declines, stop and do not repeat the same offer in the same stage.

If the user accepts, treat that acceptance as consent for read-only active analysis within the current review scope and load references/review-categories.md.

Load ../shared/common-web-threats.md, ../shared/finding-schema.md, and a stack profile when relevant.

Report findings using the required fields from ../shared/finding-schema.md. Include evidence_source whenever code, diff, heuristic, or description evidence materially affected the conclusion.

End with a closing coverage note using the shared headings: Reviewed / Not reviewed / Assumptions / Tools run.

Guardrails

Do not block the user's progress automatically.

Do not call heuristic review output a scan result unless a real tool was run.

Do not equate no findings with security completeness.

Do not describe limited current-source fallback as diff-grounded active analysis.

Do not inspect code outside the accepted review scope just because it shares security-related keywords.

Do not hardcode a fixed English ask prompt in this skill.