playbooks

home / skills / adibfirman / dotfiles / gitnexus-impact-analysis

gitnexus-impact-analysis skill

/claude/.claude/skills/gitnexus-impact-analysis

This skill helps you assess blast radius and safety before code changes by mapping dependencies, executions, and risks.

npx playbooks add skill adibfirman/dotfiles --skill gitnexus-impact-analysis

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
2.9 KB
---
name: gitnexus-impact-analysis
description: "Use when the user wants to know what will break if they change something, or needs safety analysis before editing code. Examples: \"Is it safe to change X?\", \"What depends on this?\", \"What will break?\""
---

# Impact Analysis with GitNexus

## When to Use

- "Is it safe to change this function?"
- "What will break if I modify X?"
- "Show me the blast radius"
- "Who uses this code?"
- Before making non-trivial code changes
- Before committing — to understand what your changes affect

## Workflow

```
1. gitnexus_impact({target: "X", direction: "upstream"})  → What depends on this
2. READ gitnexus://repo/{name}/processes                   → Check affected execution flows
3. gitnexus_detect_changes()                               → Map current git changes to affected flows
4. Assess risk and report to user
```

> If "Index is stale" → run `npx gitnexus analyze` in terminal.

## Checklist

```
- [ ] gitnexus_impact({target, direction: "upstream"}) to find dependents
- [ ] Review d=1 items first (these WILL BREAK)
- [ ] Check high-confidence (>0.8) dependencies
- [ ] READ processes to check affected execution flows
- [ ] gitnexus_detect_changes() for pre-commit check
- [ ] Assess risk level and report to user
```

## Understanding Output

| Depth | Risk Level       | Meaning                  |
| ----- | ---------------- | ------------------------ |
| d=1   | **WILL BREAK**   | Direct callers/importers |
| d=2   | LIKELY AFFECTED  | Indirect dependencies    |
| d=3   | MAY NEED TESTING | Transitive effects       |

## Risk Assessment

| Affected                       | Risk     |
| ------------------------------ | -------- |
| <5 symbols, few processes      | LOW      |
| 5-15 symbols, 2-5 processes    | MEDIUM   |
| >15 symbols or many processes  | HIGH     |
| Critical path (auth, payments) | CRITICAL |

## Tools

**gitnexus_impact** — the primary tool for symbol blast radius:

```
gitnexus_impact({
  target: "validateUser",
  direction: "upstream",
  minConfidence: 0.8,
  maxDepth: 3
})

→ d=1 (WILL BREAK):
  - loginHandler (src/auth/login.ts:42) [CALLS, 100%]
  - apiMiddleware (src/api/middleware.ts:15) [CALLS, 100%]

→ d=2 (LIKELY AFFECTED):
  - authRouter (src/routes/auth.ts:22) [CALLS, 95%]
```

**gitnexus_detect_changes** — git-diff based impact analysis:

```
gitnexus_detect_changes({scope: "staged"})

→ Changed: 5 symbols in 3 files
→ Affected: LoginFlow, TokenRefresh, APIMiddlewarePipeline
→ Risk: MEDIUM
```

## Example: "What breaks if I change validateUser?"

```
1. gitnexus_impact({target: "validateUser", direction: "upstream"})
   → d=1: loginHandler, apiMiddleware (WILL BREAK)
   → d=2: authRouter, sessionManager (LIKELY AFFECTED)

2. READ gitnexus://repo/my-app/processes
   → LoginFlow and TokenRefresh touch validateUser

3. Risk: 2 direct callers, 2 processes = MEDIUM
```

Overview

This skill performs pre-change safety and blast-radius analysis so you know what will break before editing code. It maps symbol dependencies, execution processes, and current git diffs to produce a concise risk assessment and prioritized list of affected callers. Use it to make informed, low-risk edits and to prepare tests or rollback plans.

How this skill works

The skill queries a dependency index to find upstream dependents of a target symbol and classifies them by depth (d=1 WILL BREAK, d=2 LIKELY AFFECTED, d=3 MAY NEED TESTING). It can also read process manifests to locate affected runtime flows and run a git-diff based detector to map current staged or working changes to impacted symbols. Results are summarized as a risk level with counts and concrete file:line callers.

When to use it

  • Before changing a function, API, or config to check impact
  • Prior to committing non-trivial code edits
  • When you need to know who or what uses a symbol
  • To estimate test and rollout scope for a change
  • To prioritize fixes when multiple areas are affected

Best practices

  • Run impact analysis with direction='upstream' to find callers first
  • Review d=1 items immediately — these are direct breakage risks
  • Set minConfidence to filter noisy transitive links (e.g., 0.8)
  • Combine gitnexus_detect_changes() with staged diffs for pre-commit checks
  • Inspect process manifests to understand runtime/critical-path effects

Example use cases

  • Is it safe to change validateUser? — find direct callers, affected flows, and risk level
  • What will break if I rename this exported symbol? — list d=1 callers and files to update
  • Pre-commit safety check — map staged changes to processes and get a MEDIUM/HIGH risk flag
  • Assess blast radius for a config change in auth or payments — identify critical-path processes

FAQ

How do I interpret the depth labels?

d=1 means direct callers/importers and represents WILL BREAK. d=2 are indirect dependents that are LIKELY AFFECTED. d=3 are transitive links that MAY NEED TESTING.

What if the index is stale?

Rebuild the index (e.g., run the repository analyzer) before running impact queries to ensure results reflect the latest code.