fix-review
Verify fix commits address audit findings without new bugs
Best use case
fix-review is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Verify fix commits address audit findings without new bugs
Teams using fix-review should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/fix-review/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How fix-review Compares
| Feature / Agent | fix-review | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Verify fix commits address audit findings without new bugs
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Fix Review ## Overview Verify that fix commits properly address audit findings without introducing new bugs or security vulnerabilities. ## When to Use This Skill Use this skill when you need to verify fix commits address audit findings without new bugs. Use this skill when: - Reviewing commits that address security audit findings - Verifying that fixes don't introduce new vulnerabilities - Ensuring code changes properly resolve identified issues - Validating that remediation efforts are complete and correct ## Instructions This skill helps verify that fix commits properly address audit findings: 1. **Review Fix Commits**: Analyze commits that claim to fix audit findings 2. **Verify Resolution**: Ensure the original issue is properly addressed 3. **Check for Regressions**: Verify no new bugs or vulnerabilities are introduced 4. **Validate Completeness**: Ensure all aspects of the finding are resolved ## Review Process When reviewing fix commits: 1. Compare the fix against the original audit finding 2. Verify the fix addresses the root cause, not just symptoms 3. Check for potential side effects or new issues 4. Validate that tests cover the fixed scenario 5. Ensure no similar vulnerabilities exist elsewhere ## Best Practices - Review fixes in context of the full codebase - Verify test coverage for the fixed issue - Check for similar patterns that might need fixing - Ensure fixes follow security best practices - Document the resolution approach ## Resources For more information, see the [source repository](https://github.com/trailofbits/skills/tree/main/plugins/fix-review).
Related Skills
requesting-code-review
Use when completing tasks, implementing major features, or before merging to verify work meets requirements
receiving-code-review
Use when receiving code review feedback, before implementing suggestions, especially if feedback seems unclear or technically questionable - requires technical rigor and verification, not performat...
performance-testing-review-multi-agent-review
Use when working with performance testing review multi agent review
performance-testing-review-ai-review
You are an expert AI-powered code review specialist combining automated static analysis, intelligent pattern recognition, and modern DevOps practices. Leverage AI tools (GitHub Copilot, Qodo, GPT-5, C
lightning-architecture-review
Review Bitcoin Lightning Network protocol designs, compare channel factory approaches, and analyze Layer 2 scaling tradeoffs. Covers trust models, on-chain footprint, consensus requirements, HTLC/PTLC compatibility, liveness, and watchtower support.
gha-security-review
GitHub Actions security review for workflow exploitation vulnerabilities. Use when asked to "review GitHub Actions", "audit workflows", "check CI security", "GHA security", "workflow security review", or review .github/workflows/ for pwn requests, expression injection,...
gh-review-requests
Fetch unread GitHub notifications for open PRs where review is requested from a specified team or opened by a team member. Use when asked to "find PRs I need to review", "show my review requests", "what needs my review", "fetch GitHub review requests", or "check team review queue".
error-debugging-multi-agent-review
Use when working with error debugging multi agent review
django-perf-review
Django performance code review. Use when asked to "review Django performance", "find N+1 queries", "optimize Django", "check queryset performance", "database performance", "Django ORM issues", or audit Django code for performance problems.
django-access-review
django-access-review
differential-review
Performs security-focused differential review of code changes (PRs, commits, diffs). Adapts analysis depth to codebase size, uses git history for context, calculates blast radius, checks test coverage, and generates comprehensive markdown reports. Automatically...
comprehensive-review-pr-enhance
You are a PR optimization expert specializing in creating high-quality pull requests that facilitate efficient code reviews. Generate comprehensive PR descriptions, automate review processes, and e...