Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From ck-skills
Review code quality with adversarial rigor. Supports input modes: pending changes, PR number, commit hash, codebase scan. Always-on red-team analysis finds security holes, false assumptions, and failure modes.
npx claudepluginhub bestagentkits/ck-skills --plugin ck-skillsHow this skill is triggered — by the user, by Claude, or both
Slash command
/ck-skills:code-review [#PR | COMMIT | --pending | codebase [parallel]][#PR | COMMIT | --pending | codebase [parallel]]The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Adversarial code review with technical rigor, evidence-based claims, and verification over performative responses. Every review includes red-team analysis that actively tries to break the code.
references/adversarial-review.mdreferences/checklist-workflow.mdreferences/checklists/api.mdreferences/checklists/base.mdreferences/checklists/web-app.mdreferences/code-review-reception.mdreferences/codebase-scan-workflow.mdreferences/edge-case-scouting.mdreferences/input-mode-resolution.mdreferences/parallel-review-workflow.mdreferences/requesting-code-review.mdreferences/spec-compliance-review.mdreferences/task-management-reviews.mdreferences/verification-before-completion.mdTranslates PRD intent, roadmap items, or product discussions into implementation-ready capability plans exposing constraints, invariants, interfaces, and unresolved decisions before multi-service work.
Share bugs, ideas, or general feedback.
Adversarial code review with technical rigor, evidence-based claims, and verification over performative responses. Every review includes red-team analysis that actively tries to break the code.
Auto-detect from arguments. If ambiguous or no arguments, prompt via AskUserQuestion.
| Input | Mode | What Gets Reviewed |
|---|---|---|
#123 or PR URL | PR | Full PR diff fetched via gh pr diff |
abc1234 (7+ hex chars) | Commit | Single commit diff via git show |
--pending | Pending | Staged + unstaged changes via git diff |
| (no args, recent changes) | Default | Recent changes in context |
codebase | Codebase | Full codebase scan |
codebase parallel | Codebase+ | Parallel multi-reviewer audit |
Resolution details: references/input-mode-resolution.md
If invoked WITHOUT arguments and no recent changes in context, use AskUserQuestion with header "Review Target", question "What would you like to review?":
| Option | Description |
|---|---|
| Pending changes | Review staged/unstaged git diff |
| Enter PR number | Fetch and review a specific PR |
| Enter commit hash | Review a specific commit |
| Full codebase scan | Deep codebase analysis |
| Parallel codebase audit | Multi-reviewer codebase scan |
YAGNI, KISS, DRY always. Technical correctness over social comfort. Be honest, be brutal, straight to the point, and be concise.
Verify before implementing. Ask before assuming. Evidence before claims.
| Practice | When | Reference |
|---|---|---|
| Spec compliance | After implementing from plan/spec, BEFORE quality review | references/spec-compliance-review.md |
| Adversarial review | Always-on Stage 3 — actively tries to break the code | references/adversarial-review.md |
| Receiving feedback | Unclear feedback, external reviewers, needs prioritization | references/code-review-reception.md |
| Requesting review | After tasks, before merge, stuck on problem | references/requesting-code-review.md |
| Verification gates | Before any completion claim, commit, PR | references/verification-before-completion.md |
| Edge case scouting | After implementation, before review | references/edge-case-scouting.md |
| Checklist review | Pre-landing, /ck:ship pipeline, security audit | references/checklist-workflow.md |
| Task-managed reviews | Multi-file features (3+ files), parallel reviewers, fix cycles | references/task-management-reviews.md |
SITUATION?
│
├─ Input mode? → Resolve diff (references/input-mode-resolution.md)
│ ├─ #PR / URL → fetch PR diff
│ ├─ commit hash → git show
│ ├─ --pending → git diff (staged + unstaged)
│ ├─ codebase → full scan (references/codebase-scan-workflow.md)
│ ├─ codebase parallel → parallel audit (references/parallel-review-workflow.md)
│ └─ default → recent changes in context
│
├─ Received feedback → STOP if unclear, verify if external, implement if human partner
├─ Completed work from plan/spec:
│ ├─ Stage 1: Spec compliance review (references/spec-compliance-review.md)
│ │ └─ PASS? → Stage 2 │ FAIL? → Fix → Re-review Stage 1
│ ├─ Stage 2: Code quality review (code-reviewer subagent)
│ │ └─ Scout edge cases → Review standards, performance
│ └─ Stage 3: Adversarial review (references/adversarial-review.md) [ALWAYS-ON]
│ └─ Red-team the code → Adjudicate → Accept/Reject findings
├─ Completed work (no plan) → Scout → Code quality → Adversarial review
├─ Pre-landing / ship → Load checklists → Two-pass review → Adversarial review
├─ Multi-file feature (3+ files) → Create review pipeline tasks (scout→review→adversarial→fix→verify)
└─ About to claim status → RUN verification command FIRST
Stage 1 — Spec Compliance (load references/spec-compliance-review.md)
Stage 2 — Code Quality (code-reviewer subagent)
Stage 3 — Adversarial Review (load references/adversarial-review.md)
Pattern: READ → UNDERSTAND → VERIFY → EVALUATE → RESPOND → IMPLEMENT No performative agreement. Verify before implementing. Push back if wrong.
Full protocol: references/code-review-reception.md
When: After each task, major features, before merge
Process:
BASE_SHA=$(git rev-parse HEAD~1) and HEAD_SHA=$(git rev-parse HEAD)Full protocol: references/requesting-code-review.md
When: After implementation, before requesting code-reviewer
Process:
/ck:scout with edge-case-focused promptFull protocol: references/edge-case-scouting.md
When: Multi-file features (3+ changed files), parallel code-reviewer scopes, review cycles with Critical fix iterations.
Fallback: Task tools (TaskCreate/TaskUpdate/TaskGet/TaskList) are CLI-only — unavailable in VSCode extension. If they error, use TodoWrite for tracking and run pipeline sequentially. Review quality is identical.
Pipeline: scout → review → adversarial → fix → verify (each a Task with dependency chain)
TaskCreate: "Scout edge cases" → pending
TaskCreate: "Review implementation" → pending, blockedBy: [scout]
TaskCreate: "Adversarial review" → pending, blockedBy: [review]
TaskCreate: "Fix critical issues" → pending, blockedBy: [adversarial]
TaskCreate: "Verify fixes pass" → pending, blockedBy: [fix]
Parallel reviews: Spawn scoped code-reviewer subagents for independent file groups (e.g., backend + frontend). Fix task blocks on all reviewers completing.
Re-review cycles: If fixes introduce new issues, create cycle-2 review task. Limit 3 cycles, escalate to user after.
Full protocol: references/task-management-reviews.md
Iron Law: NO COMPLETION CLAIMS WITHOUT FRESH VERIFICATION EVIDENCE
Gate: IDENTIFY command → RUN full → READ output → VERIFY confirms → THEN claim
Requirements:
Red Flags: "should"/"probably"/"seems to", satisfaction before verification, trusting agent reports
Full protocol: references/verification-before-completion.md
/code-review #123 → fetch diff → full 3-stage review on PR changes/code-review abc1234 → review specific commit with full pipeline| Subcommand | Reference | Purpose |
|---|---|---|
/ck:code-review codebase | references/codebase-scan-workflow.md | Scan & analyze the codebase |
/ck:code-review codebase parallel | references/parallel-review-workflow.md | Ultrathink edge cases, then parallel verify |
Verify. Scout. Red-team. Question. Then implement. Evidence. Then claim.