| name | review-pr |
| description | Use when reviewing pull requests for bugs, regressions, SSR breakage, security risks, SonarLint issues, and missing tests. |
| argument-hint | Provide PR scope or changed files |
| user-invocable | true |
Pull Request Review Workflow
Use This Skill When
- Reviewing any non-trivial PR.
- Validating release-critical changes.
- Performing final merge readiness checks.
Review Priorities
- Security vulnerabilities.
- SSR correctness and hydration stability.
- Functional regressions.
- Architecture violations.
- Missing tests and observability gaps.
- Performance and maintainability issues.
Step-by-Step Process
- Understand intent and changed files.
- Group changes by architecture layer.
- Validate contract and type changes.
- Check SSR-sensitive code paths.
- Check security-sensitive data paths.
- Validate test coverage for critical paths.
- Triage SonarLint findings on changed files.
- Produce severity-ordered findings.
Findings Severity Model
- High: merge-blocking risk (security/data-loss/SSR break).
- Medium: important but non-blocking in some contexts.
- Low: maintainability/readability with low immediate risk.
Required Output
Findings first, ordered high -> low.
Evidence with file/line pointers when possible.
Recommendation with concrete fix for each finding.
Open Questions for unclear assumptions.
Residual Risk summary if merge proceeds.
If no findings: explicitly state no blocking findings and list residual testing gaps.