From Ringmaster
The ownership review - use when a developer must take 100% responsibility for a code change written largely by AI and wants to genuinely understand and stand behind it before shipping. Trigger on 'review this branch/PR', 'code review', 'help me own this code', 'I have to be responsible for this', 'sign off on this change', or 'make sure I understand this before I ship'. It runs AFTER detection (the Security Gate and the code-review pipeline find the bugs) and adds what they cannot - it reconstructs the developer's understanding through active recall by dispatching the comprehension agent to generate diff-grounded questions, conducts the quiz answer-first in the main thread, teaches on every miss with grounded explanations a junior could follow, and records an auditable ownership sign-off (gate.owned) that the Stop hook enforces. It never fixes code, never commits, and never rubber-stamps.
How this skill is triggered — by the user, by Claude, or both
Slash command
/ringmaster:ownership-reviewThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Most code review asks one question: *is the code correct and safe?* Ringmaster already answers that — the **Security Gate** hunts vulnerabilities and the **code-review** pipeline hunts defects. This skill exists for the *other* question, the one the AI era makes urgent and no market tool answers well:
Most code review asks one question: is the code correct and safe? Ringmaster already answers that — the Security Gate hunts vulnerabilities and the code-review pipeline hunts defects. This skill exists for the other question, the one the AI era makes urgent and no market tool answers well:
Does the human who is about to take 100% responsibility for this change actually understand it?
When AI writes the code, the old path to understanding — writing it yourself — is gone. A developer can ship a diff they've only skimmed and honestly believe they've "reviewed" it. That's the gap that ends in a 2am incident nobody on the team can debug. This skill closes it: it reconstructs the developer's understanding through active recall, teaches wherever it finds a hole, and produces an auditable ownership sign-off so "I take responsibility for this" is backed by evidence instead of a vibe.
Two stances at once, and both matter:
This skill is stack-independent and it does not re-implement bug detection — it stands on top of the tools that do.
The same rails the orchestrator enforces (hook-backed, hold under skip-permissions):
Security Gate → code-review → Ownership Review → sign-off
(secrets, (defects, (reconstruct (gate.owned
injection, logic, edge understanding, recorded;
authz) cases) teach the holes, evidence
calibrate) trail)
Detection runs first — you can't honestly own a change that's still broken. If the Security Gate or code-review haven't run on this diff yet, trigger them (or the bundled fallbacks) before comprehension. Fold their findings into the questions: a defect they flagged is exactly the kind of thing the developer should be made to understand before signing.
Get the change: git diff (working/staged) or the PR. Risk-tier it using the comprehension agent's tiers (agents/comprehension.md): trivial · standard · critical. A trivial change (rename, comment, formatting) gets no quiz — say so plainly and move to a light sign-off. Over-quizzing a typo is the fastest way to make this hated; the risk tier is what keeps it welcome.
Confirm the diff has cleared the Security Gate and code-review (route to them, or run the bundled passes — see skills/orchestrator/references/routing-and-plugins.md and skills/orchestrator/references/output-style.md). This skill adds a layer; it does not duplicate theirs. Carry their headline findings into Stage 2.
Because a Claude Code subagent can't take live input, comprehension splits cleanly (full method in agents/comprehension.md):
comprehension subagent on the diff. In its fresh context it risk-tiers, finds the load-bearing spots, and returns a grounded question bank across the five levels (architectural · code · functional · business · test) — each question carrying an evidence anchor (file:line), a model answer, the load-bearing points, and the common wrong turns. It asks the human nothing.Record the outcome as gate.owned on the change's ledger task, and honor the interaction contract below so it can never deadlock or be gamed. Then present the Ownership Sign-off Record (format in references/signoff-and-evidence.md).
Turn the record into a durable, auditable artifact — the thing that lets the developer prove they owned this in a future incident review or audit. Default is draft-and-paste (you produce the block, the human pastes it into Jira/Confluence). If the Atlassian MCP is connected, offer to write it directly (MCP preflight — see references/signoff-and-evidence.md); never assume it's there.
The ownership sign-off is enforced by the Stop hook via a conditional gate.owned criterion (hooks/stop_gate.py). To make that a genuine tooth that never traps a legitimate pause, manage two ledger fields together:
waitingOnHuman: true and record gate.owned: false on the task. (waitingOnHuman tells the Stop hook this pause is legitimate, so you can stop to actually ask the human.)gate.owned: true and waitingOnHuman: false.gate.owned: false, keep waitingOnHuman: true, and stop to ask. The sign-off is not honest yet — do not proceed.owned: true to escape the gate. The one pattern the Stop hook is built to catch is a change marked done while its sign-off is on record as not honest (owned: false and waitingOnHuman: false). That composition means the tooth only ever bites the dishonest case — silently shipping an unowned change.No ledger? For an ad-hoc "review my branch" with no
.ringmaster/ledger, run the quiz and produce the record all the same — it just isn't hook-enforced (there's no task to recordownedon). Say so honestly in the report: the sign-off is real, the automatic enforcement isn't active without a ledger.
Emit the record from references/signoff-and-evidence.md. It reuses the house style (skills/orchestrator/references/output-style.md): a compact table, per-question verdicts, the confidence-calibration flags, an honest overall posture, and a plain-language line that ends with the concrete thing the developer can now do — walk into an incident review for this change and explain the load-bearing part in their own words. That sentence is the deliverable: it's what "I own this" is worth.
gate.owned: true). Detection was clean or its findings understood.gate.owned stays false; say exactly what's outstanding.agents/comprehension.md — the comprehension examiner: the full question-generation rubric (risk-tiering, the five levels, the question taxonomy, the grounded question-bank format) and the grading rubric (answer-first, the four verdicts, confidence calibration, the anti-hallucination contract). Read/execute in Stage 2.references/signoff-and-evidence.md — the Ownership Sign-off Record format, the honesty doctrine for what a sign-off may and may not claim, and the draft-and-paste (or Atlassian-MCP) evidence trail. Read in Stages 3–4.skills/orchestrator/references/output-style.md — the house style shared across Ringmaster. Read before printing.npx claudepluginhub raghatatepiyush/ringmaster --plugin ringmasterRedis data structure patterns, caching strategies, distributed locks, rate limiting, pub/sub, and connection management for production applications.