review-all

Use when preparing a PR or completing a phase of work and needing a full-spectrum code review. Runs security, API audit, and scope reviewers in parallel and synthesizes findings into a single go/no-go report. Read-only — no file modifications. Keywords: pre-PR review, security audit, API audit, scope review, code review, merge check.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "review-all" with this command: npx skills add acedergren/agentic-tools/acedergren-agentic-tools-review-all

Review All

Comprehensive pre-PR review: run specialized reviewers in parallel, synthesize into a single report. Read-only — no changes.

NEVER

  • Never let any reviewer edit files during this pipeline — read-only is non-negotiable.
  • Never report duplicate findings separately when two reviewers flag the same line — merge into one finding.
  • Never review the whole repository when the user only changed a narrow diff — scope to changed files.
  • Never use this as a substitute for lint, typecheck, or tests — it complements them, runs after them.
  • Never run this for implementation tasks or auto-remediation requests — wrong tool.

Pipeline

Step 1: Identify changed files

git diff --name-only main...HEAD
# On main: git diff --name-only HEAD~5
# Or: bash scripts/detect-review-range.sh

Step 2: Launch parallel review agents

Spawn all agents simultaneously via Task tool:

AgentTypeScopeChecks
Security Reviewersecurity-reviewer (custom)Changed files onlyOWASP Top 10, IDOR, injection, auth gaps
API Route AuditorExplore agentRoutes + types dirsSchema coverage, type drift, auth hooks
Scope AuditorExplore agentgit diff outputOut-of-scope modifications, formatting-only noise

Add project-specific reviewers as needed (DB query reviewer, framework reviewer).

Step 3: Synthesize report

## Pre-PR Review Report

### Summary
| Reviewer  | Findings | Critical | Warnings |
|-----------|----------|----------|----------|
| Security  | 2        | 0        | 2        |
| API Audit | 3        | 1        | 2        |
| Scope     | 1        | 0        | 1        |

### Critical Issues (must fix before merge)
[CRITICAL/HIGH findings with file:line references]

### Warnings (consider fixing)
[MEDIUM/LOW findings]

### Clean Areas
[What passed with no issues]

Step 4: Verdict

End with one clear statement:

  • READY TO MERGE — No critical issues, warnings acceptable
  • NEEDS FIXES — Critical issues found; list exactly what must change
  • NEEDS DISCUSSION — Architectural concerns or ambiguous scope

Arguments

  • (empty): Review changes vs main
  • HEAD~3: Review last 3 commits
  • --security-only: Only security reviewer

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

api-audit

No summary provided by upstream source.

Repository SourceNeeds Review
9-acedergren
Automation

turborepo

No summary provided by upstream source.

Repository SourceNeeds Review
13-acedergren
Automation

firecrawl

No summary provided by upstream source.

Repository SourceNeeds Review
13-acedergren
Automation

cloudflare-zero-trust

No summary provided by upstream source.

Repository SourceNeeds Review
12-acedergren