Run any Skill in Manus with one click

review-audit-bridge

Keep code review, security review, and QA passes evidence-based and stage-aware for this repo. Use when a ticket already has an approved plan and implementation evidence and a review lane needs structured findings.

Run Skill in Manus

Overview

Install command

npx skills add https://github.com/merceralex397-collab/GPTTalker --skill review-audit-bridge

Copy and paste this command into Claude Code to install the skill

Source

merceralex397-collab/GPTTalker

Stars0

Forks0

UpdatedApril 13, 2026 at 00:02

File Explorer

2 files

SKILL.md

readonly

name	review-audit-bridge
description	Keep code review, security review, and QA passes evidence-based and stage-aware for this repo. Use when a ticket already has an approved plan and implementation evidence and a review lane needs structured findings.

Review Audit Bridge

Before starting a code review, security review, or QA pass, call skill_ping with skill_id: "review-audit-bridge" and scope: "project".

Use this skill after implementation exists. It bridges the review and QA lanes so they return evidence-backed findings instead of vague commentary. This is a generated repo-local skill. It may recommend remediation or reverification follow-up, but it does not become the canonical ticket owner by itself.

Prioritize findings in this order:

correctness bugs
behavior regressions
security or trust issues
missing tests or validation gaps
maintainability concerns

Return:

For code review or security review:
1. Findings ordered by severity
2. Risks
3. Validation gaps
4. Blockers or approval signal
For QA:
1. Checks run
2. Pass or fail
3. Blockers
4. Closeout readiness

Rules:

findings come first; do not open with praise or a summary
reference exact files, diffs, commands, or artifact paths
if the approved plan, implementation artifact, or required validation context is missing, return a blocker instead of inferring correctness
use ticket-execution for lifecycle order and project-context for canonical repo docs
run the repo's build command, lint or type-check command, and reference-integrity checks when those quality gates exist for the active stack; include the raw command output in the review or QA artifact
if any required build, lint, type-check, or reference-integrity command fails, the verdict must be FAIL and the artifact must name the failing command plus the concrete error
when reviewing or validating a remediation ticket with finding_source, rerun the original finding-producing command first, confirm the specific failure is gone, then check that adjacent quality gates still pass
write any workflow-failure explanation or review retrospective to the repo-local process-log path described in references/review-contract.md
recommend follow-up tickets only when current evidence justifies them, and route canonical ticket creation through the repo's guarded ticket workflow
do not claim that repo files changed

References

references/review-contract.md

More from this repository

same repository

stack-standards

merceralex397-collab/GPTTalker

Hold the project-local standards for languages, frameworks, validation, and runtime assumptions. Use when planning or implementing work that should follow repo-specific engineering conventions.

2026-04-190

ticket-execution

merceralex397-collab/GPTTalker

Follow the required ticket lifecycle for this repo. Use when an agent is advancing a ticket through planning, review, implementation, QA, deterministic smoke testing, and closeout and needs the repo-specific stage rules.

2026-04-190

model-operating-profile

merceralex397-collab/GPTTalker

Apply the `Weak-tier evidence-first profile` operating profile for the selected downstream models. Use when shaping prompts, delegation briefs, review asks, or evidence requests for this repo.

2026-04-130

context-intelligence

merceralex397-collab/GPTTalker

Hold GPTTalker’s Qdrant, indexing, issue-memory, and cross-repo intelligence conventions.

2026-03-160

mcp-protocol

merceralex397-collab/GPTTalker

Hold GPTTalker-specific MCP hub rules for tool contracts, policy enforcement, and fail-closed behavior.

2026-03-160

node-agent-patterns

merceralex397-collab/GPTTalker

Hold GPTTalker’s node-agent design rules for local execution, Tailscale transport, and bounded subprocess work.

2026-03-160

Source

merceralex397-collab

merceralex397-collab/GPTTalker

View GitHub Repository View Creator Repositories

Install command

Download

Run Skill in Manus

Useful forSOC

Software Quality Assurance Analysts and TestersComputer and Mathematical Occupations15-1253L4

name	review-audit-bridge
description	Keep code review, security review, and QA passes evidence-based and stage-aware for this repo. Use when a ticket already has an approved plan and implementation evidence and a review lane needs structured findings.

Review Audit Bridge

Before starting a code review, security review, or QA pass, call skill_ping with skill_id: "review-audit-bridge" and scope: "project".

Prioritize findings in this order:

correctness bugs
behavior regressions
security or trust issues
missing tests or validation gaps
maintainability concerns

Return:

For code review or security review:
1. Findings ordered by severity
2. Risks
3. Validation gaps
4. Blockers or approval signal
For QA:
1. Checks run
2. Pass or fail
3. Blockers
4. Closeout readiness

Rules:

findings come first; do not open with praise or a summary
reference exact files, diffs, commands, or artifact paths
if the approved plan, implementation artifact, or required validation context is missing, return a blocker instead of inferring correctness
use ticket-execution for lifecycle order and project-context for canonical repo docs
run the repo's build command, lint or type-check command, and reference-integrity checks when those quality gates exist for the active stack; include the raw command output in the review or QA artifact
if any required build, lint, type-check, or reference-integrity command fails, the verdict must be FAIL and the artifact must name the failing command plus the concrete error
when reviewing or validating a remediation ticket with finding_source, rerun the original finding-producing command first, confirm the specific failure is gone, then check that adjacent quality gates still pass
write any workflow-failure explanation or review retrospective to the repo-local process-log path described in references/review-contract.md
recommend follow-up tickets only when current evidence justifies them, and route canonical ticket creation through the repo's guarded ticket workflow
do not claim that repo files changed

References

references/review-contract.md