# Review Code Changes Before Commit

Large changes can hide security, type safety, and performance issues that go unnoticed until review. This skill guides Claude, Codex, or Claude Code through a structured pre-commit review workflow.

## Install

```bash
npx skillstore add barissozen/full-review
```

## Metadata

- Status: approved
- Slug: barissozen-full-review
- Version: 1.0.0
- Author: BarisSozen
- GitHub username: BarisSozen
- License: MIT
- Repository: https://github.com/BarisSozen/claude/tree/main/.claude/skills/full-review
- Ref: main
- Supported tools: Claude, Codex, Claude Code
- Risk level: low
- Risk factors: external_commands, filesystem
- Quality score: 78
- Quality tier: bronze
- Public page: https://skillstore.pages.dev/skills/barissozen-full-review
- Manifest: https://skillstore.pages.dev/api/skills/barissozen-full-review/manifest

## Capabilities

- Identifies changed files using local git diff and git status commands.
- Maps file paths to relevant review skills and domain checklists.
- Applies security, DeFi, type safety, performance, and code quality checks.
- Produces a structured report with critical issues, warnings, suggestions, and readiness status.
- Offers optional fixes for critical issues after showing the proposed change.

## Use Cases

- Pre-Commit Review: Check local changes before committing and receive a clear list of blocking issues.
- Pre-Merge Quality Gate: Review a branch for security, type safety, performance, and integration concerns before merging.
- Domain-Specific DeFi Audit: Apply DeFi, blockchain, and RPC checks to changes that touch tokens, swaps, protocols, or pricing.

## Prompt Templates

### Basic Change Review

```
Use full-review to review my current changes before I commit. Focus on critical issues first.
```

### Focused Security Review

```
Run full-review on my changed files. Prioritize SQL injection, XSS, command injection, secrets, validation, and rate limiting.
```

### Frontend and API Review

```
Use full-review for this branch. Check React states, TanStack Query usage, API schemas, database changes, and error handling.
```

### Advanced DeFi Review

```
Run full-review on the changed protocol and trading files. Include token decimals, slippage, BigInt handling, multicall failures, and price validation.
```

## Limitations

- It depends on the review skills available in the active assistant environment.
- It does not run tests or linters unless the assistant chooses additional commands.
- It is tailored toward TypeScript, React, Rust, PostgreSQL, and DeFi projects.
- It can miss issues that require runtime context, production data, or external system access.

## Best Practices

- Run the skill after staging or saving all intended changes so the diff is complete.
- Ask for a focused review area when the branch is large or time is limited.
- Review proposed fixes before allowing the assistant to edit files.

## Anti-Patterns

- Do not treat the report as a replacement for tests, linters, or human code review.
- Do not use it on unrelated large branches without narrowing the review scope.
- Do not approve automatic fixes without reading the proposed change.

## Security Audit

- Safe to publish: true
- Audited at: 2026-06-28T12:48:50.806+00:00
- Summary: Static analysis flagged many command and blocker patterns, but most are Markdown examples, inline file globs, checklist text, or report-format placeholders. The only confirmed behavior is read-only local git inspection with stderr redirected to /dev/null, which is expected for a code review skill and shows no network, credential access, or prompt-injection attempt.

## Stats

- Views: 264
- Downloads: 4
- Favorites: 0
- Popularity score: 0
