一键导入
migration-review
[pr-review-focus-area: DB Migrations] Review database migrations for safety, deploy ordering, and data integrity.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
[pr-review-focus-area: DB Migrations] Review database migrations for safety, deploy ordering, and data integrity.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
| name | migration-review |
| description | [pr-review-focus-area: DB Migrations] Review database migrations for safety, deploy ordering, and data integrity. |
| user-invocable | true |
| allowed-tools | ["Read","Grep","Glob"] |
Review database migrations for production safety.
/migration-review — reviews changed migration and schema files.
Migrations should be additive by default. Destructive changes require a two-phase deployment plan.
CREATE INDEX without CONCURRENTLY on large tables (locks table).Dispatch to the data-engineer subagent with the findings collected above. Ask it to apply its data-layer lens — migration safety, lock behavior at production scale, two-phase deploys, and data integrity under concurrent writes — to the findings. Integrate its top findings into the Report Format below; do not replace the skill's verdict contract.
Invocation:
Agent({
subagent_type: "data-engineer",
description: "Migration senior review",
prompt: "Review these migration findings: <summary of ordering, data-migration, index-safety, rollback, and schema-diff findings>. Apply senior scrutiny to migration safety, two-phase deploy sequencing (code-before-schema vs schema-before-code), and data integrity under concurrent writes during the rollout window. Return top deploy risks in severity order."
})
## Migration Review
- [FAIL] 0042_add_status.sql — adds NOT NULL column without default
- [WARN] 0043_rename_email.sql — column rename should be two-phase
- [PASS] 0044_add_index.sql — uses CREATE INDEX CONCURRENTLY
### Deploy Plan Required: YES
Recommended deploy sequence documented above.
Research a work item, draft an implementation plan, and begin work after approval.
Guided one-shot install — discover installed plugins (or help install new ones), pick install scope, calibrate risk tolerance into a concrete allowlist + hooks, scaffold or merge CLAUDE.md, and sanity-check the result.
Finalize work — commit via /commit, push, and create PRs on feature branches.
Reviewer-side PR workflow — checks out the branch in a worktree, runs focus-area reviews plus a senior-engineering pass, optionally cross-checks against an autonomous reviewer, and posts inline findings only on explicit approval. Read-only — never edits, commits, or pushes.
Fetch PR review comments, classify by severity and confidence, and fix the selected subset.
Triage CVE and SBOM scanner output (Trivy, Grype, Snyk, Docker Scout, Dependabot) into a ranked, deduplicated action list.