fix-review
Verify fix commits address audit findings without new bugs
Best use case
fix-review is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Teams using fix-review should expect more consistent output, faster repeated execution, and less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in `.claude/skills/fix-review/SKILL.md` inside your project
- Restart your AI agent — it will auto-discover the skill
How fix-review Compares
| Feature / Agent | fix-review | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Verify fix commits address audit findings without new bugs
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
```markdown
# Fix Review

## Overview

Verify that fix commits properly address audit findings without introducing new bugs or security vulnerabilities.

## When to Use This Skill

Use this skill when you need to verify fix commits address audit findings without new bugs.

Use this skill when:

- Reviewing commits that address security audit findings
- Verifying that fixes don't introduce new vulnerabilities
- Ensuring code changes properly resolve identified issues
- Validating that remediation efforts are complete and correct

## Instructions

This skill helps verify that fix commits properly address audit findings:

1. **Review Fix Commits**: Analyze commits that claim to fix audit findings
2. **Verify Resolution**: Ensure the original issue is properly addressed
3. **Check for Regressions**: Verify no new bugs or vulnerabilities are introduced
4. **Validate Completeness**: Ensure all aspects of the finding are resolved

## Review Process

When reviewing fix commits:

1. Compare the fix against the original audit finding
2. Verify the fix addresses the root cause, not just symptoms
3. Check for potential side effects or new issues
4. Validate that tests cover the fixed scenario
5. Ensure no similar vulnerabilities exist elsewhere

## Best Practices

- Review fixes in context of the full codebase
- Verify test coverage for the fixed issue
- Check for similar patterns that might need fixing
- Ensure fixes follow security best practices
- Document the resolution approach

## Resources

For more information, see the [source repository](https://github.com/trailofbits/skills/tree/main/plugins/fix-review).
```
Related Skills
git:attach-review-to-pr
Add line-specific review comments to pull requests using GitHub CLI API
comprehensive-review-pr-enhance
You are a PR optimization expert specializing in creating high-quality pull requests that facilitate efficient code reviews. Generate comprehensive PR descriptions, automate review processes, and e...
architect-review
Master software architect specializing in modern architecture
power-bi-model-design-review
Comprehensive Power BI data model design review prompt for evaluating model architecture, relationships, and optimization opportunities.
dotnet-design-pattern-review
Review the C#/.NET code for design pattern implementation and suggest improvements.
web-design-reviewer
This skill enables visual inspection of websites running locally or remotely to identify and fix design issues. Triggers on requests like "review website design", "check the UI", "fix the layout", "find design problems". Detects issues with responsive design, accessibility, visual consistency, and layout breakage, then performs fixes at the source code level.
sql-code-review
Universal SQL code review assistant that performs comprehensive security, maintainability, and code quality analysis across all SQL databases (MySQL, PostgreSQL, SQL Server, Oracle). Focuses on SQL injection prevention, access control, code standards, and anti-pattern detection. Complements SQL optimization prompt for complete development coverage.
code-review:review-pr
Comprehensive pull request review using specialized agents
code-review:review-local-changes
Comprehensive review of local uncommitted changes using specialized agents with code improvement suggestions
review-and-refactor
Review and refactor code in your project according to defined instructions
requesting-code-review
Use when completing tasks, implementing major features, or before merging to verify work meets requirements
receiving-code-review
Use when receiving code review feedback, before implementing suggestions, especially if feedback seems unclear or technically questionable - requires technical rigor and verification, not performat...