
fix-review

Safe

Verify Fix Commits Address Audit Findings

Security fixes require careful validation to ensure they resolve issues without introducing new bugs. This skill reviews fix commits against audit findings to confirm proper remediation.

Supported: Claude Codex Code (CC)
🥉 73 Bronze
1. Download the skill ZIP

2. Upload to Claude: go to Settings → Skills → Skills → Upload skill

3. Turn it on and get started

Try it

Using "fix-review": Review commit abc123 fixing SQL injection in user search endpoint

Expected result:

Fix verified: Parameterized queries replace string concatenation. Test coverage added for injection attempts. No similar patterns found in adjacent query functions.

Using "fix-review": Validate fixes for XSS findings in dashboard components

Expected result:

3 of 5 findings resolved. Components A and B properly escape output. Components C, D, E still vulnerable - fix incomplete. Recommend blocking merge until all instances addressed.

Security audit

Safe
v1 • 2/25/2026

All static analysis findings are false positives. The detected URLs are documentation references in markdown, not executable network code. The weak crypto warning on line 3 is incorrect - that line contains only a description string. This skill is documentation-only with no executable code, presenting no security risk.

Files scanned: 1
Lines analyzed: 54
Findings: 0
Total audits: 1
No security issues found
Audited by: claude

Quality rating

Architecture: 38
Maintainability: 100
Content: 87
Community: 50
Security: 100
Specification conformance: 83

What you can build

Security Team Lead

Review developer commits that claim to fix penetration test findings before merging to main branch

Compliance Officer

Validate that audit findings from external assessors have been properly addressed before compliance sign-off

Development Team

Self-review fix commits before submitting for security team approval to reduce iteration cycles

Try these prompts

Basic Fix Verification
Review commit {commit_hash} and verify it addresses audit finding {finding_id}. Check that the fix resolves the root cause and does not introduce new issues.
Full Remediation Review
Analyze all commits in branch {branch_name} created to address security audit report {report_id}. For each finding, verify the fix is complete, test coverage exists, and no similar vulnerabilities remain in the codebase.
Regression Check
Compare the code changes in {diff_or_commit} against the original vulnerability description. Identify any potential regressions, side effects, or new attack vectors the fix might introduce.
Pattern-Based Review
The audit found {vulnerability_type} vulnerabilities at these locations: {locations}. Review commit {commit_hash} and identify if the same pattern exists elsewhere in the codebase that was missed.

Best practices

  • Always compare fixes against the original audit finding description to ensure complete resolution
  • Verify that test cases specifically cover the attack scenario that was fixed
  • Search the codebase for similar patterns that may require the same fix
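An added example, not part of the skill or of this page: the three checks the best practices above describe (the fix removes the root cause, a test covers the attack scenario from the finding, and the same pattern is searched for elsewhere), run in Python against a constructed mini code base and an in-memory SQLite fixture. The file contents, the probe string and the regex are assumptions made for the illustration; the regex is a coarse heuristic for string-built SQL, not a parser.

```python
import re
import sqlite3
from typing import Callable, Dict, List

# --- "before" and "after" versions of a user-search endpoint (constructed) ---

def search_users_vulnerable(conn: sqlite3.Connection, name: str) -> List[str]:
    # The audit finding: user input concatenated into the SQL text.
    # Deliberately vulnerable; kept only so the regression test has a failing baseline.
    sql = "SELECT username FROM users WHERE username = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def search_users_fixed(conn: sqlite3.Connection, name: str) -> List[str]:
    # The fix: a bound parameter, so the driver never parses `name` as SQL.
    sql = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


def make_db() -> sqlite3.Connection:
    # Constructed in-memory fixture with two rows.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT)")
    conn.executemany("INSERT INTO users VALUES (?)", [("alice",), ("bob",)])
    return conn


# --- check 2: a test that covers the attack scenario named in the finding ---

INJECTION_PROBE = "' OR '1'='1"  # constructed probe; as a literal username it matches nobody


def injection_probe_is_inert(search: Callable[[sqlite3.Connection, str], List[str]]) -> bool:
    """True when the probe is handled as plain data: no user has that name, so no rows."""
    return search(make_db(), INJECTION_PROBE) == []


# --- checks 1 and 3: the pattern is gone from the fixed file and absent elsewhere ---

# Flags a SQL string literal followed by `+` concatenation, or an f-string holding SQL.
CONCAT_SQL = re.compile(
    r"""["']\s*(?:SELECT|INSERT|UPDATE|DELETE)\b.*?["']\s*\+"""
    r"""|\bf["']\s*(?:SELECT|INSERT|UPDATE|DELETE)\b""",
    re.IGNORECASE,
)


def find_concatenated_sql(files: Dict[str, str]) -> Dict[str, List[int]]:
    """Map each file path to the 1-based line numbers where the pattern occurs."""
    hits: Dict[str, List[int]] = {}
    for path, source in files.items():
        lines = [n for n, line in enumerate(source.splitlines(), start=1)
                 if CONCAT_SQL.search(line)]
        if lines:
            hits[path] = lines
    return hits


# Constructed mini code base: users.py carries the fix, the other two still use the old pattern.
CODEBASE = {
    "api/users.py": (
        "def search(conn, name):\n"
        "    return conn.execute(\"SELECT username FROM users WHERE username = ?\", (name,))\n"
    ),
    "api/orders.py": (
        "def by_status(conn, status):\n"
        "    return conn.execute(\"SELECT id FROM orders WHERE status = '\" + status + \"'\")\n"
    ),
    "api/reports.py": (
        "def by_owner(conn, owner):\n"
        "    return conn.execute(f\"SELECT id FROM reports WHERE owner = '{owner}'\")\n"
    ),
}


def review_fix(fixed_search: Callable[[sqlite3.Connection, str], List[str]],
               files: Dict[str, str], fixed_path: str) -> Dict[str, object]:
    """Summarise the three checks the way a fix review would report them."""
    hits = find_concatenated_sql(files)
    return {
        "root_cause_removed": fixed_path not in hits,
        "attack_scenario_test_passes": injection_probe_is_inert(fixed_search),
        "same_pattern_elsewhere": {p: ln for p, ln in hits.items() if p != fixed_path},
    }


if __name__ == "__main__":
    # Expected: root cause removed, probe inert, orders.py and reports.py still flagged.
    print(review_fix(search_users_fixed, CODEBASE, "api/users.py"))
```

The reported `same_pattern_elsewhere` entries are exactly the "similar patterns in adjacent query functions" a review should refuse to sign off on until they are fixed in the same change set.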

Avoid

  • Accepting fixes that only address symptoms without fixing root causes
  • Merging partial fixes that leave similar vulnerabilities in other locations
  • Skipping regression testing after security fixes are applied

Frequently asked questions

What information do I need to provide for a fix review?
Provide the commit hash or branch containing fixes, and reference the original audit finding ID or description. Access to the full audit report improves review accuracy.
Can this skill verify that a fix actually works?
This skill performs static analysis to verify fix completeness and correctness. It cannot execute tests but can verify that test coverage was added for the fixed scenario.
How do I know if a fix introduces new vulnerabilities?
The review analyzes code changes for common regression patterns, checks for proper input validation, and identifies potential side effects from the fix approach.
What if the fix only partially addresses a finding?
The review will flag incomplete fixes and identify which aspects remain unaddressed. Partial fixes should not be merged until all aspects are resolved.
Can this skill find similar vulnerabilities elsewhere in the codebase?
Yes, the review includes pattern matching to identify similar vulnerability patterns in other files that may have been missed in the original audit.
Is this skill suitable for compliance documentation?
Yes, the review produces documented evidence of fix verification that can be included in compliance artifacts and audit trails for regulatory requirements.

Developer details

File structure

📄 SKILL.md