Skip to main content

differential-review

differential-review

Catalogue généré le 2026-05-11

En une phrase

Performs security-focused differential review of code changes (PRs, commits, diffs).

Quand l'utiliser

  • Voir la description ci-dessus et la section « Pour aller plus loin ».

Comment l'invoquer

  • Slash command : /differential-review (si exposé dans ton CLI)
  • Phrases déclencheurs : voir la description complète ci-dessous
  • Auto-invocation : sur demande explicite

Description complète

Performs security-focused differential review of code changes (PRs, commits, diffs). Adapts analysis depth to codebase size, uses git history for context, calculates blast radius, checks test coverage, and generates comprehensive markdown reports. Automatically detects and prevents security regressions.

Pour aller plus loin

Differential Security Review

Security-focused code review for PRs, commits, and diffs.

Core Principles

  1. Risk-First: Focus on auth, crypto, value transfer, external calls
  2. Evidence-Based: Every finding backed by git history, line numbers, attack scenarios
  3. Adaptive: Scale to codebase size (SMALL/MEDIUM/LARGE)
  4. Honest: Explicitly state coverage limits and confidence level
  5. Output-Driven: Always generate comprehensive markdown report file

Rationalizations (Do Not Skip)

Rationalization Why It's Wrong Required Action
"Small PR, quick review" Heartbleed was 2 lines Classify by RISK, not size
"I know this codebase" Familiarity breeds blind spots Build explicit baseline context
"Git history takes too long" History reveals regressions Never skip Phase 1
"Blast radius is obvious" You'll miss transitive callers Calculate quantitatively

(extrait — voir le SKILL.md complet pour la suite)

Source

  • Plugin : trailofbits/differential-review
  • Nom interne : differential-review
  • Fichier : /home/thymon/.claude/plugins/cache/trailofbits/differential-review/1.0.0/skills/differential-review/SKILL.md