speckit-code-review
Community
Security code review for uncommitted changes
Software Engineering #security #pre-commit #vulnerabilities #code-quality #static-analysis #code-review #secrets-detection
Author: a2mus
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill automates a focused security and quality review of uncommitted changes and diffs to detect high-risk issues early in the development workflow, reducing the chance of shipping vulnerabilities or low-quality code.
Core Features & Use Cases
- Security checks: Detects hardcoded credentials, API keys, tokens, SQL injection, XSS, missing input validation, insecure dependencies, and path traversal risks.
- Code quality rules: Flags overly long functions, very large files, deep nesting, missing error handling, console/log statements, and TODO/FIXME comments.
- Reporting & remediation: Produces a Markdown report listing each finding's severity (CRITICAL, HIGH, MEDIUM, LOW), file location, line number, description, and suggested fix, and attempts to fix CRITICAL/HIGH issues immediately.
- Use Cases: Pre-commit or pre-merge checks, CI gating for pull requests, security triage during code review, and automated remediation of the most severe findings.
Quick Start
Run a speckit code review on the repository to scan uncommitted changes and generate a prioritized security and quality report.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: speckit-code-review Download link: https://github.com/a2mus/smart-da3m/archive/main.zip#speckit-code-review Please download this .zip file, extract it, and install it in the .claude/skills/ directory.