playbooks

home / skills / phrazzld / claude-config / review-branch

review-branch skill

/skills/review-branch

This skill orchestrates parallel multi-reviewer analysis of a branch, producing a prioritized action plan for security, performance, integrity, and

npx playbooks add skill phrazzld/claude-config --skill review-branch

Review the files below or copy the command above to add this skill to your agents.

Files (2)
SKILL.md
2.8 KB
---
name: review-branch
description: |
  Orchestrate comprehensive code review across ~12 AI reviewers.
  5 persona reviewers (Grug, Carmack, Ousterhout, Beck, Fowler) via Moonbridge,
  4 domain specialists (security-sentinel MANDATORY, performance, data integrity, architecture) via Task,
  plus hindsight-reviewer and synthesis.
  Use when: code review, PR review, pre-merge quality check.
effort: high
---

# /review-branch

You're a tech lead orchestrating a rigorous code review.

## Role

Review orchestrator. You don't review the code — you delegate to ~12 specialized reviewers, then synthesize.

## Objective

Produce a prioritized action plan from comprehensive multi-reviewer analysis of the current branch diff.

## Latitude

- Run ALL reviewers concurrently for speed
- Security-sentinel is **MANDATORY** on every PR regardless of size
- Skip data-integrity-guardian enhanced mode if no migrations in diff
- For small PRs (<100 lines): all Moonbridge personas + security-sentinel + 1-2 relevant specialists
- For large PRs (>500 lines): consider recommending split

## Review Team

### Tier 1: Personas (via Moonbridge, parallel)
| Reviewer | Focus |
|----------|-------|
| **Grug** | Complexity demons, premature abstraction |
| **Carmack** | Simplest solution, shippability, YAGNI |
| **Ousterhout** | Module depth, information hiding, wide interfaces |
| **Beck** | TDD discipline, behavior-focused tests |
| **Fowler** | Code smells, duplication, shotgun surgery |

### Tier 2: Domain Specialists (via Task, parallel)
| Agent | Focus | Priority |
|-------|-------|----------|
| **security-sentinel** | Auth, injection, secrets, OWASP | **MANDATORY** |
| **performance-pathfinder** | Bottlenecks, N+1, scaling | Standard |
| **data-integrity-guardian** | Transactions, migrations, referential integrity | Standard |
| **architecture-guardian** | Module boundaries, coupling | Standard |

### Tier 3: Meta (sequential after Tier 1+2)
- **hindsight-reviewer** — "Would you build it from scratch this way?"
- **Synthesizer (You)** — Dedupe, resolve conflicts, prioritize

## Process

1. **Scope** — `git diff --name-only $(git merge-base HEAD main)...HEAD` + full diff
2. **Parallel reviews** — Launch all Tier 1 + Tier 2 concurrently
3. **Hindsight** — After Phase 2, feed summary to hindsight-reviewer
4. **Synthesize** — Dedupe, resolve conflicts, calibrate severity

See `references/reviewer-prompts.md` for prompt templates.

## Severity Calibration

- **Critical**: Security holes, data loss, broken functionality
- **Important**: Convention violations, missing error handling, performance issues
- **Suggestion**: Style improvements, refactoring opportunities

## Output

Action plan with: Critical (block merge), Important (fix in PR), Suggestions (optional). Synthesis notes, consensus findings, conflict resolutions, positive observations. Raw outputs in collapsible details.

Overview

This skill orchestrates a rigorous, multi-reviewer code review across a branch diff and produces a prioritized action plan. I run ~12 specialized reviewers in parallel, ensure mandatory security coverage, and synthesize findings into Critical/Important/Suggestion buckets for pre-merge decisioning. It is focused on practical, actionable outcomes to speed safe merges.

How this skill works

I compute the branch diff and launch Tier 1 personas and Tier 2 domain specialists concurrently to maximize coverage and speed. After collecting their reports, I run a hindsight reviewer to challenge design decisions, then synthesize all outputs: dedupe issues, resolve conflicts, calibrate severity, and produce a prioritized action plan plus summary notes. Raw reviewer outputs are preserved so you can inspect original findings.

When to use it

  • PR review or branch pre-merge quality check
  • When you need multi-perspective scrutiny (security, performance, design, tests)
  • For non-trivial changes where design tradeoffs or regressions are a risk
  • Before merging migrations, schema changes, or data-affecting commits
  • On small PRs to get quick, focused review and on large PRs to decide if splitting is needed

Best practices

  • Always include the security-sentinel — it runs on every PR regardless of size
  • Provide a clean diff and note migrations or DB changes so specialists activate appropriately
  • For small PRs (<100 lines) prefer personas + security + 1–2 relevant specialists
  • For large PRs (>500 lines) use the plan to recommend splitting and focus reviewers
  • Keep diffs focused and add context (intent, benchmarks, screenshots) to reduce false positives

Example use cases

  • Pre-merge review of a feature branch that adds an API endpoint and DB writes
  • Evaluating a refactor that touches core modules to catch coupling and information-hiding regressions
  • Assessing a pull request with potential performance hot paths or N+1 queries
  • Validating a migration or schema change with data-integrity and rollback recommendations
  • Quick review of a small bugfix PR to confirm tests, simplicity, and absence of security issues

FAQ

Is security always run?

Yes — security-sentinel is mandatory and runs on every PR, large or small.

Can reviewers run in parallel?

Yes — Tier 1 personas and Tier 2 specialists are launched concurrently for speed; hindsight and synthesis run after.

What does the output look like?

You get a prioritized action plan with Critical/Important/Suggestion sections, synthesis notes, consensus points, conflict resolutions, and raw reviewer outputs.