一键导入
paw-review-impact
Analyzes system-wide impact of PR changes including integration effects, breaking changes, performance, and security implications.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Analyzes system-wide impact of PR changes including integration effects, breaking changes, performance, and security implications.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Orchestrates the PAW Review workflow, coordinating activity skills to analyze PRs and generate comprehensive review feedback.
Shared git mechanics for PAW activity skills including branch naming conventions, strategy-based branching logic, and selective staging discipline.
Bootstrap skill for PAW workflow initialization. Creates WorkflowContext.md, directory structure, and git branch. Runs before workflow skill is loaded.
Workflow status activity skill for PAW workflow. Diagnoses workflow state, recommends next steps, explains PAW process, and optionally posts updates to Issues/PRs.
Pre-PR review activity skill for PAW workflow. Reviews implementation against spec before Final PR creation with configurable single-model, multi-model, or society-of-thought execution.
Implementation review activity skill for PAW workflow. Reviews implementation for quality, adds documentation, and returns structured verdict.
| name | paw-review-impact |
| description | Analyzes system-wide impact of PR changes including integration effects, breaking changes, performance, and security implications. |
Analyze system-wide impact of PR changes using understanding artifacts from the Understanding stage.
Reference: Follow Core Review Principles from
paw-review-workflowskill.
Verify these artifacts exist at .paw/reviews/<identifier>/:
ReviewContext.md (PR metadata and parameters)CodeResearch.md (baseline codebase understanding)DerivedSpec.md (what the PR is trying to achieve)If any artifact is missing, report the blocker and do not proceed.
Identify what code depends on the changes:
Integration points table with component, relationship, and impact description
When reviewing PRs across multiple repositories:
Cross-repo impact analysis applies when:
related_prs entries.git directories)Identify contracts between repositories:
@types/, shared/, or package exports)For each breaking change identified:
Cross-Repository Breaking Change Types:
Document which repository depends on which:
| Provider PR | Consumer PR | Contract | Direction |
|---|---|---|---|
| PR-123-api | PR-456-frontend | /api/users endpoint | api → frontend |
| PR-123-api | PR-456-frontend | UserType export | api → frontend |
Add to each ImpactAnalysis.md when in multi-repo mode:
## Cross-Repository Dependencies
| This PR Changes | Affects PR | Type | Migration |
|-----------------|------------|------|-----------|
| `api/types.ts` exports | PR-456-frontend | Breaking | Update types import |
| `/api/users` endpoint | PR-456-frontend | Compatible | No action needed |
**Deployment Order:** PR-123-api MUST deploy before PR-456-frontend
If cross-repo analysis is blocked (e.g., can't access other repository):
Compare before/after to identify incompatible changes:
Breaking changes table with change description, type, and migration needs
Evaluate algorithmic and resource usage changes:
Performance implications section with findings and severity
Assess security-relevant changes:
Security implications section with risks and recommendations
Evaluate whether the change fits well within the system:
Design assessment section with architectural fit, timing, and integration evaluation
Assess impact on both end-users and developer-users:
For developers who will use this code:
User impact section covering end-users and developer-users
Evaluate whether changes improve or degrade overall system health:
Code health trend assessment included in Risk Assessment section
Document what's needed for safe rollout:
Deployment section with migration steps, config changes, and rollout guidance
Create comprehensive impact analysis artifact at .paw/reviews/<identifier>/ImpactAnalysis.md:
---
date: <timestamp>
git_commit: <head SHA>
branch: <head branch>
repository: <repo>
topic: "Impact Analysis for <PR Title or Branch>"
tags: [review, impact, integration]
status: complete
---
# Impact Analysis for <PR Title or Branch>
## Summary
<1-2 sentence overview of impact scope and risk level>
## Baseline State
<From CodeResearch.md: how the system worked before these changes>
## Integration Points
<Components/modules that depend on changed code>
| Component | Relationship | Impact |
|-----------|--------------|--------|
| `module-a` | imports `changed-module` | Breaking: function signature changed |
| `component-b` | calls `changed-function()` | Safe: backward compatible |
## Breaking Changes
<Public API changes, removed features, incompatibilities>
| Change | Type | Migration Needed |
|--------|------|------------------|
| `processData(data, options)` → `processData(data)` | signature | Yes - update all call sites to remove options param |
| Config key `oldKey` removed | config | Yes - update config files to use `newKey` |
**Migration Impact:** <assessment of effort required>
## Performance Implications
**Algorithmic Changes:**
- <description of complexity changes>
**Database Impact:**
- <new queries, indexing needs>
**Hot Path Changes:**
- <modifications to performance-critical code>
**Overall Assessment:** Low | Medium | High performance risk
## Security & Authorization Changes
**Authentication/Authorization:**
- <auth middleware or permission check changes>
**Input Validation:**
- <new user inputs and their validation>
**Data Exposure:**
- <sensitive data handling changes>
**Overall Assessment:** Low | Medium | High security risk
## Design & Architecture Assessment
**Architectural Fit:**
- <Does this belong in codebase vs library? Integration with architectural patterns?>
**Timing Assessment:**
- <Is now a good time for this functionality? Dependencies or prerequisites?>
**System Integration:**
- <How does this fit into broader system design? Coupling or dependency concerns?>
**Overall Assessment:** Well-integrated | Has concerns | Needs redesign
## User Impact Evaluation
**End-User Impact:**
- <User-facing functionality changes, UX improvements/degradations, performance impact>
**Developer-User Impact:**
- <API clarity, ease of use, good defaults, error handling helpfulness>
**Overall Assessment:** Positive | Neutral | Negative user impact
## Deployment Considerations
**Database Migrations:**
- <migration scripts needed>
**Configuration Changes:**
- <new env vars, config updates>
**Dependencies:**
- <new libraries, version changes>
**Rollout Strategy:**
- <gradual rollout, feature flags, monitoring>
**Rollback Plan:**
- <how to revert if issues arise>
## Dependencies & Versioning
**New Dependencies:**
- <libraries added>
**Version Changes:**
- <dependency version bumps>
**External Services:**
- <new integrations or API changes>
## Risk Assessment
**Overall Risk:** Low | Medium | High
**Rationale:**
<Why this risk level? Consider breaking changes, performance, security, deployment complexity, code health trend>
**Code Health Trend:**
- Is this change improving or degrading overall system code health?
- Does it reduce technical debt or add to it?
- Is complexity being added appropriately or accumulating unnecessarily?
- Long-term maintainability impact?
**Mitigation:**
<Steps to reduce risk: testing, gradual rollout, monitoring, rollback plan>
Before completing, verify:
Activity complete.
Artifact saved: .paw/reviews/<identifier>/ImpactAnalysis.md
Status: Success
Key findings:
- X integration points identified
- Y potential breaking changes
- Security risk: [Low|Medium|High]
- Deployment complexity: [Low|Medium|High]