Run any Skill in Manus with one click

$pwd:

reviewing-code-in-faber

Name: Reviewing Code In Faber
Author: blaknite

// Performs a code review inside a faber task and returns findings as the final assistant message. Use when the faber review command dispatches a task to review a branch, the current branch, or a pull request.

Run Skill in Manus

$ git log --oneline --stat

stars:8

forks:1

updated:May 6, 2026 at 04:30

SKILL.md

readonly

package.json

"author": "blaknite"

"repository": "blaknite/faber"

View GitHub Repository

$ install --globalskills.sh

$ download --local

Run Skill in Manus

[HINT] Download the complete skill directory including SKILL.md and all related files

Run any Skill with one click

name	reviewing-code-in-faber
description	Performs a code review inside a faber task and returns findings as the final assistant message. Use when the faber review command dispatches a task to review a branch, the current branch, or a pull request.

Autonomous Code Review

Thorough analysis, selective output.

Perform a complete code review but only surface what matters. High-confidence findings go in the final message. Everything else is held back — if the developer wants more, they can reopen the session and ask.

The review runs inside a faber task. You're already on a worktree checked out at the target ref, based on <reviewBase>. The output artifact is your final assistant message in this session — not a GitHub review, not a comment, not a PR submission. Whoever ran faber review will read that message in their terminal (or via faber read <taskId>).

Design principles

Default to skepticism. Assume the change can fail in subtle, high-cost, or user-visible ways until the evidence says otherwise. Read to find where it falls over, not to confirm it works.
Read everything, comment where it counts. Analyze the full diff thoroughly. Surface as much as the change requires. Nothing more.
Confidence determines visibility. Only surface findings you can prove. Hold the rest back.
Respect attention. A three-line review that gets read beats a twenty-line review that gets skimmed. If the change is clean, say so in a sentence or two and stop.

Confidence tiers

Classify every finding by how it was derived. The tier shapes how you frame the finding in the final message.

Tier 1: Provably correct or incorrect

Things you can demonstrate are wrong by explaining exactly why they fail. Dead code with zero call sites. Broken method signatures. Code that won't behave as intended because of how the language, framework, or surrounding system works. Code that's wrong for an input or state it claims to handle.

These are facts, not opinions. State them plainly.

Tier 2: Pattern deviations

The code does something differently from how the rest of the codebase handles it. Every other hook sets retry: false but this one doesn't. Every other controller rescues ActiveRecord::RecordNotFound but this one lets it bubble. The naming convention used everywhere else wasn't followed here.

This includes deviations by omission: something the pattern calls for is missing. Every other public method in the class has tests but the new ones don't. Every other endpoint has authorization checks but this one skips it. The absence is the deviation.

You can demonstrate these by pointing to the existing pattern, but you can't know if the deviation is intentional. Surface them as questions: "I noticed this differs from the pattern in X. Intentional?"

Tier 3: Behavioral reasoning

Findings that require reasoning about runtime behavior, user interaction, timing, or failure modes. "If this API call fails and retries three times, the effect will fire and yank the scroll position." "Under concurrent access this could race."

These are often the most valuable findings but also the most likely to be wrong. Surface them, but own the ambiguity. Frame them as reasoning, not facts: "I think this might..." or "I traced this path and it looks like..." The author knows more about how this runs in production than you do.

Workflow

1. Understand what you're reviewing

Your prompt names the target and the base branch — something like "Review branch feature-x against main" or "Review pull request #123 against main". HEAD is already on the target. Confirm with git status if you need to.

For PR reviews, the prompt includes the PR URL and title. Fetch the PR body and any linked Linear issue to understand the intended change:

gh pr view <number> --json body,title,author

If the PR body references an issue (e.g. ENG-123), load the using-linear skill and read the issue to understand the acceptance criteria.

For branch or current-branch reviews there's often no PR and no issue. Work from commit messages and the diff. Don't go hunting for context that isn't there.

The prompt may include ## Original task (the prompt the task was originally given, when reviewing a faber task) and ## Additional context (any extra direction passed via --context). Treat these as the stated intent for the change. They replace the role a PR body would play in PR mode -- don't go hunting for context elsewhere when these are present.

2. Read the diff

Get the full diff against the review base:

git diff <reviewBase>...HEAD

And the list of changed files:

git diff <reviewBase>...HEAD --name-only

The base is whatever the prompt named. For PR reviews you can also use gh pr diff <number> — same content, different framing.

3. Read the PR conversation (PR mode only)

Skip this step for branch or current-branch reviews.

For PR reviews, read any existing review comments. The developer asked faber for a review, but human reviewers may have already raised concerns — duplicating those wastes the reader's time:

gh api repos/<owner>/<repo>/pulls/<number>/comments --paginate

Note what's been raised and what's been resolved. You'll dedupe against this when you write the final message.

4. Understand the code

Before looking for issues, work out what the code actually does and why it does it that way.

Read the changed lines in context — what calls them, what they call, how they fit into the system around them.

Pay particular attention to external inputs and systems the code interacts with: their full range of behaviour is rarely obvious from the call site. When the code uses something external — a command, an API, a library — look up what it actually does. Don't trust the calling code's assumptions.

For each significant piece, ask what alternatives the author implicitly rejected and what constraints they were optimising for. The choice the code makes is information about the problem the author was trying to solve.

5. Review the code

Now find where it fails. With the understanding you built in step 4, trace each thing the code claims to handle and look for where it falls over. If something only works on the happy path, that's a real weakness. Code that fails for an input or state it claims to support is a Tier 1 finding.

Also look for places where the code is correct but the approach is questionable. Ask yourself "why this way?" of every significant choice.

Look for what's missing, not just what's wrong. If the codebase establishes a pattern (tests for each method, migrations paired with schema changes, docs updated alongside config), check whether the change follows it. Missing artifacts that the pattern calls for are Tier 2 findings.

Also worth a look:

Structure. Does the code fit the codebase? Existing patterns and conventions, available abstractions, nesting that could be flattened with early returns.
Performance. Only flag if obviously problematic — O(n²) on unbounded data, N+1 queries, blocking I/O on hot paths.
Behaviour changes. If the change introduces one (especially unintentionally), raise it.

This is where the most valuable findings come from. Don't shortcut it.

6. Classify

Go through every finding and assign a confidence tier:

Can I explain exactly why this is wrong? -> Tier 1
Can I point to an existing pattern this deviates from? -> Tier 2
Am I speculating about what might happen? -> Tier 3

If a finding is weaker than Tier 3 — a gut feeling you can't ground in anything — drop it.

7. Write the final message

Refer to Kind Feedback for instructions on your communication style. Your audience is the developer who ran faber review — usually the author of the change — reading your message in a terminal.

Structure:

A concise summary of the change and your overall read. What does it do? Is the approach sound? Any areas of concern? Keep it short and honest.
Findings, most significant first. For each finding, give a path/to/file.ts:42 reference, a short description of the concern, and (where useful) a suggested fix.
Close. If there are unresolved questions for the author, name them plainly.

Frame findings according to their tier:

Tier 1 — state them plainly. "src/foo.ts:42 — this branch is unreachable because kind was narrowed to 'a' on line 38."
Tier 2 — frame as a question. "src/foo.ts:42 — the other handlers in this file call logError before re-throwing. Intentional that this one doesn't?"
Tier 3 — own the ambiguity. "src/foo.ts:42 — I think this might race if two callers hit it at the same time. Worth checking."

If the change is clean, say so in one or two sentences and stop. Don't pad. Don't invent findings.

Do not include:

A "summary of the diff" section that just restates what the code does. The reader wrote it.
Praise like "great work" or "nicely done." If the code is good, a short review is the signal.
A conclusion or sign-off. End on your last finding (or on the "looks clean" line).

State where the fix belongs, not where the symptom appears. The reader should be able to understand the issue with minimal effort.

Every finding must start with a short intent label ("Nit:", "Minor:", "Thought:", "Important:", "Blocking:") that tells the author how much weight to give it. Avoid disclaimer sentences. The label handles severity signalling.

# Review Findings

<summary of the change and your read>

## 1. `src/foo.ts:42`

<comment text>

```suggestion
replacement line
```

## 2. `src/bar.ts:15-18`

<comment text>

```suggestion
replacement block
```

What not to do

Don't comment on style unless it violates a linter rule that isn't being caught. The linter's job is style. Your job is substance.
Don't explain what the code does back to the author. They wrote it.
Don't praise the change. If the code is good, the review is short. That's the signal.
Don't invent findings to pad the output. A clean review is allowed to be two sentences long.
Don't suggest refactors that aren't related to the change's intent. Stay in scope.
Don't caveat every finding with "I might be wrong but..." The tier framing handles uncertainty. Trust it.
By default, the final message is the artefact and you do not post to GitHub. When the prompt explicitly directs you to submit the review, follow the Submitting section below — don't post in any other circumstance.

Kind Feedback

Principles for giving kind, honest, effective feedback. Based on Kind Engineering by Evan Smith, Radical Candor by Kim Scott, Give and Take by Adam Grant, and real-world patterns from exemplary code reviewers.

Kind vs. Nice

Nice is polite and agreeable. Kind is invested in helping someone grow.

Nice brings in cake. Kind advocates for your promotion behind the scenes.
Nice says "good job!" when the meeting went badly. Kind says what went well, what didn't, and how to improve.
White lies are nice but they don't help people grow.

Be kind, not just nice. Meet people where they are, not where you are.

The Three Elements of Giving Feedback

Every piece of feedback needs all three:

1. Emotion

Take the listener's emotions into account, not your own. Set your own feelings aside so the message stays clear. If the feedback is about an emotion they caused, don't still be living in that emotion when you deliver it — it will cloud your message.

2. Credibility

Demonstrate expertise and humility. Call out what went well alongside what needs to change. Building credibility over time makes future feedback land better.

3. Logic

Show your work. Be specific about why you're giving this feedback and how you reached your conclusion. Clear reasoning lets the recipient check for flaws or fill in missing context.

Understand the Why, Not Just the How

Put yourself in the author's shoes. Why did they make this change? Why this approach?
Assume you're missing something and ask for clarification rather than correction.
Ask open-ended questions instead of strong statements. Give people the chance to fill in gaps in your understanding.

Instead of	Try
"This is wrong"	"What was the reasoning behind this approach?"
"We do it like this"	"Have you considered X? It might handle Y better because..."
"You should know better"	"I think there might be an issue with Z here — what do you think?"

Own the Confusion

When something is unclear, frame it as your experience, not the author's failure. This invites clarification without blame.

Instead of	Try
"This is confusing"	"Upon first read, I was a little confused by this condition"
"This is hard to follow"	"It took me a few reads of this method to get it, but I got there in the end"
"You need to explain this"	"I wonder if a short doc comment would help here — it took me a moment to see what's happening"

Signal Blocking Status

The author needs to know how much weight to give your feedback. Most of the time your tone already does this. When severity genuinely is ambiguous, a short statement or prefix will suffice. Don't restate what the tone or a prefix already conveys.

Keep It Concise

Focus on what matters most. Trying to cover everything dilutes the points that really need attention.
Being concise matters. The longer the feedback, the harder it is to act on.
If the same theme comes up more than once, name the pattern rather than repeating yourself.

Match Explanation Depth to Expertise

Pay attention to what someone has already demonstrated they know. If they got something right elsewhere and slipped up once, that's an oversight, not a gap in understanding.
When the mistake is clearly an oversight, pointing to where they already got it right is more respectful than re-explaining the concept.
Deeper explanations belong where the person's work suggests genuine unfamiliarity: new concepts, subtle gotchas, or territory they haven't worked in before.

Be Direct When It Matters

Kindness and directness aren't opposites. Being vague about a real problem isn't kind, it's confusing.
When something is clearly wrong, say so plainly.
Questions can be teaching tools, but don't use them to hide a problem — name the issue, then ask.

Don't Make It Personal

Comment on work and actions, not the person
We are not defined by our work — a mistake is not a personal failing
Be specific: specificity shows attention and makes both praise and criticism feel genuine
Understand individual failure is usually a failure of process, environment, or workflow - focus on fixing the system

Always Offer a Path Forward

If you give critical feedback, offer a solution or a first step
"Your answer was a bit rambly and you missed the chance to convince the team. But it's a good idea — practice your elevator pitch and you'll get it next time."
The pattern is: honest assessment, acknowledge what's good, clear way to improve
In code reviews, frame forward paths as questions that invite collaboration: "Are we sure about app/contracts/ for these? Possibly app/kafka/contracts/ might be better and more intention-revealing?"
Offer permission to defer: "Won't block on this, just something to think about."

Turn Failure Into Learning

Every failure is an opportunity to grow
To promote innovation, people need to feel safe taking risks
Use the retrospective framework: What went well? What went badly? What should we do differently?

Advocate for the Next Reader, Not Your Preferences

Frame suggestions in terms of future readers, not personal taste. This depersonalizes the feedback and makes it about the codebase.
"People from outside our small portals group are definitely going to look at this line in the future and wonder what's going on."
"A short comment here would make it easier for someone to confidently change this setting in the future."
The argument isn't "I want this" — it's "the codebase needs this." That's much harder to take personally.

Empower, Don't Gatekeep

Grant the author decision-making autonomy wherever possible.
"I'll trust you to decide what you'd like to do now vs after merging."
"You should feel empowered to make the call here."
"I'm more than happy to trust you with this particular call!"
Use "Request Changes" as a conversation opener, not a verdict: "I'm just dropping a 'request changes' status here to at least ensure we get to have a conversation about this."
Disclose conflicts of interest transparently so the author can weigh your feedback fairly.

Be Inclusive

Be aware of people's backgrounds, experiences, and communication preferences
Watch for people who don't speak up in meetings — find ways to give them a voice
Let people express themselves in whatever format works for them
Kindness is not "meet me halfway" — it's meeting people where they are

Submitting

Follow this section only when the prompt explicitly directs you to submit the review to GitHub. In all other circumstances, the final message is the artefact and you do not post.

1. Map every comment to a valid target line

The draft's path:line references are approximate. For each comment, find the exact line GitHub will accept.

Use faber's helper once per comment:

faber agent comment-targets <pr-number> <path> <line>

Output is plain text — <line>: <content> for every right-side line within ±5 of <line> that's inside a changed hunk:

38: function compute(input) {
39:   const x = input * 2
40:   return x
41: }
42: const foo = compute(input)

Read the output. Pick the line whose content matches what the comment is really about — based on the comment's intent, not numerical proximity to the draft's line number.

Recovery for empty output:

No output. Either the file isn't changed by this PR, or every line in [draft - 5, draft + 5] was a removed line. Try --all:
```
faber agent comment-targets <pr-number> <path> --all
```
This lists every targetable line in <path>. If still no output, the file either isn't changed by this PR or only has deletions (which GitHub doesn't accept as comment targets). Drop the comment in either case.

Three outcomes:

Match at the draft's line. Keep the comment as-is.
Match on a different line. Update the comment's line to the matched line.
No content matches anywhere in the file's changed lines. The comment is about unchanged code, not changes in this PR. Drop the comment.

Note in the submission report any comments that were dropped or moved, with the original location and the reason.

<pr-number> is the PR number. The subcommand uses gh to resolve the PR's repo from the current working directory's git remote, so the agent must be running inside the worktree (it always is during a faber task).

2. Build the payload

Collect the surviving comments with their path/line (and start_line only when the comment covers a multi-line range). Use side: "RIGHT" — line is the line number in the new file.

Comment bodies preserve their intent labels and any ```suggestion ``` fences from the draft.

3. Submit as a single batched review

Always pass the payload via --input - (stdin) rather than -f field flags. -f converts numbers to strings and the API rejects integer fields like line with 422.

Pipe directly into gh using a heredoc:

gh api repos/<owner>/<repo>/pulls/<number>/reviews --method POST --input - <<'PAYLOAD'
{
  "event": "COMMENT",
  "body": "<the summary text from the review>",
  "comments": [
    {
      "path": "src/foo.ts",
      "line": 42,
      "side": "RIGHT",
      "body": "Blocking: <comment text>\n\n```suggestion\nreplacement line\n```"
    }
  ]
}
PAYLOAD

This is a single gh invocation. The cleanroom allow-list permits gh *.

Event selection:

Any Blocking: or Important: finding → REQUEST_CHANGES
Otherwise → COMMENT
Never APPROVE. Approval is a human decision.

If the API returns non-2xx, produce a # Review Submission Failed final message including the error body and the comments it tried to post, so the user can retry manually. Don't auto-retry.

The response includes html_url. Use that in the submission report.

4. Write the submission report

The submission report is the final message when --post was set. It replaces the # Review Findings artefact:

# Review Posted

<one-line summary: number of comments + event type>

<URL of the submitted review>

## Summary

<the body that was posted as the review summary>

## Comments

### 1. `path/to/file.ts:42` — Blocking

<the comment body, as posted>

### 2. `path/to/file.ts:60-63` — Nit

<the comment body, as posted>

If the review had no inline findings, the report shows the summary and "0 inline comments". Note any comments that were dropped or moved during line mapping.

name	reviewing-code-in-faber
description	Performs a code review inside a faber task and returns findings as the final assistant message. Use when the faber review command dispatches a task to review a branch, the current branch, or a pull request.