원클릭으로
findings-contract
Defines the compact JSONL finding schema used by all PR specialist agents and the review auditor.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Defines the compact JSONL finding schema used by all PR specialist agents and the review auditor.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
| name | findings-contract |
| description | Defines the compact JSONL finding schema used by all PR specialist agents and the review auditor. |
| license | MIT |
All reviewer agents must return compact JSONL findings. One finding per line.
{
"id": "SEC-001",
"agent": "security-reviewer",
"severity": "blocking",
"category": "security",
"file": "src/auth/token.ts",
"line": 42,
"title": "Access token is logged",
"evidence": "The changed code writes accessToken to structured logs.",
"recommendation": "Remove the token from logs or mask it before logging.",
"confidence": "high"
}
| Field | Values |
|---|---|
id | Stable per agent run, prefix by category, e.g. SEC-001 |
agent | Agent name |
severity | blocking, non_blocking, note |
category | Review category |
file | Relative path, or empty string for repo-level finding |
line | Integer line number or null |
title | Short finding title |
evidence | Concrete evidence from diff/file/tool output |
recommendation | Minimal actionable recommendation |
confidence | high, medium, low |
Resolve GitHub PR review comments safely, read unresolved comments, validate each issue, make minimal fixes, test, commit, and resolve.
Use zero-install context minimization first, with optional local optimization tooling when available.
Accessibility review for semantic HTML, ARIA, keyboard support, focus, screen readers, contrast, and WCAG-oriented issues.
API and contract review for OpenAPI/AsyncAPI/protobuf changes, backwards compatibility, schemas, status codes, and examples.
Architecture review for SOLID, layering, boundaries, coupling, cohesion, extensibility, and maintainability.
Backend review for handlers, services, validation, errors, transactions, dependency boundaries, and service contracts.