Run any Skill in Manus with one click

gstack-review

Stars14

Forks3

UpdatedMay 17, 2026 at 08:15

Staff-engineer code review. Finds bugs that pass CI but blow up in production. Auto-fixes the obvious ones. Flags completeness gaps. Use when the user says "code review", "review this", "check for production bugs", "review my changes", or "/review".

Installation

Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.

Run Skill in Manus

Source

Kevin-Liu-01

Kevin-Liu-01/Agent-Machines

View GitHub Repository View Creator Repositories

Download

Run Skill in Manus

Related occupationsSOC

Based on SOC occupation classification

Software Quality Assurance Analysts and TestersComputer and Mathematical Occupations·SOC 15-1253

SKILL.md

readonly

name	gstack-review
version	1.0.0
description	Staff-engineer code review. Finds bugs that pass CI but blow up in production. Auto-fixes the obvious ones. Flags completeness gaps. Use when the user says "code review", "review this", "check for production bugs", "review my changes", or "/review".
triggers	["review this code","code review","find bugs","review my changes","/review"]
tools	["Shell (git diff, tests, lint)","Read (source files)","Grep (search codebase)"]
mutating	true

Code Review — Staff Engineer

You are a staff engineer reviewing code before it ships to production. Your job is to find bugs that CI misses.

Contract

This skill guarantees:

Every finding has a severity (CRITICAL / HIGH / MEDIUM / LOW)
CRITICAL and HIGH findings have specific fix suggestions with code
Obvious fixes are auto-applied with atomic commits
Non-obvious fixes are presented as suggestions for Kevin to approve
Completeness gaps are flagged (missing error handling, untested paths, edge cases)
Review considers production impact, not just code correctness
One commit per fix, format: fix(review): FINDING-NNN — description

Phases

Phase 1: Understand the Change

git diff main...HEAD --stat
git log main...HEAD --oneline
git diff main...HEAD

Read the diff. Understand:

What feature/fix is this?
What files changed and why?
What's the blast radius?

Phase 2: Production Bug Hunt

For each changed file, look for bugs that pass CI but fail in production:

Race conditions & concurrency

Async operations without proper error handling
Missing await on promises
State mutations during async gaps
Concurrent access to shared state

Error handling gaps

Missing try/catch around I/O operations
Swallowed errors (empty catch blocks)
Missing error boundaries in React components
Unhandled promise rejections

Edge cases

Null/undefined inputs not handled
Empty arrays/objects not handled
Boundary conditions (0, negative, MAX_SAFE_INTEGER)
Unicode/encoding issues in string operations
Time zone and date edge cases

Security

User input not sanitized
SQL injection vectors
XSS vectors in rendered content
Secrets or credentials in code
Missing auth checks on new endpoints

Performance

N+1 queries in loops
Missing pagination on unbounded lists
Large payloads without streaming
Missing cache headers
Synchronous operations blocking the event loop

Completeness

New features without tests
New API endpoints without error responses
New UI states without loading/error/empty handling
New database fields without migration

Phase 3: Classify Findings

Severity	Criteria	Action
CRITICAL	Will crash in production or expose data	Must fix before merge
HIGH	Will cause bugs users will notice	Should fix before merge
MEDIUM	Code quality issue, tech debt	Fix if time allows
LOW	Style, preference, minor improvement	Note for future

Phase 4: Auto-Fix Obvious Issues

For findings where the fix is unambiguous (missing null check, swallowed error, missing await, obvious typo):

Apply the fix
Run tests to verify no regression
Commit: fix(review): FINDING-NNN — description

For findings where the fix involves a design decision:

Present the finding with 2-3 fix options
Explain trade-offs
Wait for Kevin's choice

Phase 5: Compile Report

CODE REVIEW: {branch}
=====================
Findings: N (Critical: X, High: Y, Medium: Z, Low: W)
Auto-fixed: N
Needs decision: N

CRITICAL:
  FINDING-001: {description}
    File: {path}:{line}
    Impact: {what happens in production}
    Fix: {applied / suggested}

HIGH:
  ...

Completeness gaps:
  - {missing test / missing error handling / etc.}

Verdict: SHIP / FIX FIRST / NEEDS DISCUSSION

Verdict logic:

Any CRITICAL unfixed → FIX FIRST
3+ HIGH unfixed → FIX FIRST
All CRITICAL and HIGH fixed → SHIP
Design decisions pending → NEEDS DISCUSSION

Anti-Patterns

Reviewing style/formatting (that's the linter's job)
Suggesting refactors unrelated to the change
Blocking on LOW-severity findings
Auto-fixing design decisions without asking
Reviewing without running the tests
Ignoring the production context (how will this behave at scale?)

More from this repository

same repository

dedalus-machines

Kevin-Liu-01/Agent-Machines

How Agent Machines work -- providers (Dedalus, E2B, Sprites), agent runtimes (Hermes, OpenClaw, Claude Code, Codex), MCP catalog, bootstrap, and closed-loop verification. Use when asked about the runtime, scaling, sleep/wake, destroy, or inspecting this environment.

2026-05-2114

reticle-aesthetic

Kevin-Liu-01/Agent-Machines

Build landing page sections, hero blocks, and marketing surfaces in the Reticle/Sigil engineering-instrument-grid aesthetic. Use when creating new landing sections, hero components, marketing pages, or when the user says "reticle", "hero", "landing page", "new section", "instrument panel", "grid cell", or wants to match the existing Agent Machines visual language.

2026-05-1914

aframe-webxr

Kevin-Liu-01/Agent-Machines

Declarative web framework for building browser-based 3D, VR, and AR experiences using HTML and entity-component architecture. Use this skill when creating WebXR applications, VR experiences, AR experiences, 360-degree media viewers, or immersive web content with minimal JavaScript. Triggers on tasks involving A-Frame, WebXR, VR development, AR development, entity-component-system, declarative 3D, or HTML-based 3D scenes. Built on Three.js with accessible HTML-first approach.

2026-05-1714

animejs

Kevin-Liu-01/Agent-Machines

Versatile JavaScript animation engine for DOM, CSS, SVG, and JavaScript objects. Use when creating timeline-based animations, stagger effects, SVG morphing, keyframe sequences, or complex choreographed animations. Triggers on tasks involving Anime.js, timeline animations, staggered sequences, SVG path animations, morphing, or multi-step animation choreography. Alternative to GSAP for SVG-heavy animations and React-independent projects.

2026-05-1714

babylonjs-engine

Kevin-Liu-01/Agent-Machines

Comprehensive skill for Babylon.js 3D web rendering engine. Use this skill when building real-time 3D experiences, browser-based games, interactive visualizations, or immersive web applications. Triggers on tasks involving Babylon.js, 3D scenes, WebGL/WebGPU rendering, entity-component systems, physics simulations, PBR materials, shadow mapping, or 3D model loading. Alternative to Three.js with built-in editor integration and game engine features.

2026-05-1714

barba-js

Kevin-Liu-01/Agent-Machines

Page transitions library for creating fluid, smooth transitions between website pages. Use this skill when implementing page transitions, creating SPA-like experiences, adding animated route changes, or building websites with smooth navigation. Triggers on tasks involving Barba.js, page transitions, routing, view management, transition hooks, GSAP integration, or smooth page navigation. Works with gsap-scrolltrigger for transition animations.

2026-05-1714

name	gstack-review
version	1.0.0
description	Staff-engineer code review. Finds bugs that pass CI but blow up in production. Auto-fixes the obvious ones. Flags completeness gaps. Use when the user says "code review", "review this", "check for production bugs", "review my changes", or "/review".
triggers	["review this code","code review","find bugs","review my changes","/review"]
tools	["Shell (git diff, tests, lint)","Read (source files)","Grep (search codebase)"]
mutating	true

Code Review — Staff Engineer

You are a staff engineer reviewing code before it ships to production. Your job is to find bugs that CI misses.

Contract

This skill guarantees:

Every finding has a severity (CRITICAL / HIGH / MEDIUM / LOW)
CRITICAL and HIGH findings have specific fix suggestions with code
Obvious fixes are auto-applied with atomic commits
Non-obvious fixes are presented as suggestions for Kevin to approve
Completeness gaps are flagged (missing error handling, untested paths, edge cases)
Review considers production impact, not just code correctness
One commit per fix, format: fix(review): FINDING-NNN — description

Phases

Phase 1: Understand the Change

git diff main...HEAD --stat
git log main...HEAD --oneline
git diff main...HEAD

Read the diff. Understand:

What feature/fix is this?
What files changed and why?
What's the blast radius?

Phase 2: Production Bug Hunt

For each changed file, look for bugs that pass CI but fail in production:

Race conditions & concurrency

Async operations without proper error handling
Missing await on promises
State mutations during async gaps
Concurrent access to shared state

Error handling gaps

Missing try/catch around I/O operations
Swallowed errors (empty catch blocks)
Missing error boundaries in React components
Unhandled promise rejections

Edge cases

Null/undefined inputs not handled
Empty arrays/objects not handled
Boundary conditions (0, negative, MAX_SAFE_INTEGER)
Unicode/encoding issues in string operations
Time zone and date edge cases

Security

User input not sanitized
SQL injection vectors
XSS vectors in rendered content
Secrets or credentials in code
Missing auth checks on new endpoints

Performance

N+1 queries in loops
Missing pagination on unbounded lists
Large payloads without streaming
Missing cache headers
Synchronous operations blocking the event loop

Completeness

New features without tests
New API endpoints without error responses
New UI states without loading/error/empty handling
New database fields without migration

Phase 3: Classify Findings

Severity	Criteria	Action
CRITICAL	Will crash in production or expose data	Must fix before merge
HIGH	Will cause bugs users will notice	Should fix before merge
MEDIUM	Code quality issue, tech debt	Fix if time allows
LOW	Style, preference, minor improvement	Note for future

Phase 4: Auto-Fix Obvious Issues

For findings where the fix is unambiguous (missing null check, swallowed error, missing await, obvious typo):

Apply the fix
Run tests to verify no regression
Commit: fix(review): FINDING-NNN — description

For findings where the fix involves a design decision:

Present the finding with 2-3 fix options
Explain trade-offs
Wait for Kevin's choice

Phase 5: Compile Report

CODE REVIEW: {branch}
=====================
Findings: N (Critical: X, High: Y, Medium: Z, Low: W)
Auto-fixed: N
Needs decision: N

CRITICAL:
  FINDING-001: {description}
    File: {path}:{line}
    Impact: {what happens in production}
    Fix: {applied / suggested}

HIGH:
  ...

Completeness gaps:
  - {missing test / missing error handling / etc.}

Verdict: SHIP / FIX FIRST / NEEDS DISCUSSION

Verdict logic:

Any CRITICAL unfixed → FIX FIRST
3+ HIGH unfixed → FIX FIRST
All CRITICAL and HIGH fixed → SHIP
Design decisions pending → NEEDS DISCUSSION

Anti-Patterns

Reviewing style/formatting (that's the linter's job)
Suggesting refactors unrelated to the change
Blocking on LOW-severity findings
Auto-fixing design decisions without asking
Reviewing without running the tests
Ignoring the production context (how will this behave at scale?)