What happens if a code review is rejected?

If rejected, the skill returns the workflow to the implementation phase, providing the developer with specific feedback to address before the gate can be cleared.

What triggers the Code Review Gate automatically?

The gate triggers for modifications to security-sensitive directories (like /auth or /api), functions with high cyclomatic complexity, or changes involving more than 10 files or 500 lines.

Is there a way to bypass the gate in an emergency?

Yes, an emergency bypass command is available for urgent hotfixes, which requires a justification and ticket number for the audit trail.

Does it integrate with my existing CI/CD tools?

The skill generates standardized JSON signals and reports that can be consumed by other automation tools to track the progress of a feature through the development lifecycle.

Can I use this skill to enforce security standards?

Yes, it includes a comprehensive security checklist covering secret detection, input validation, SQL injection prevention, and authentication enforcement.

Code Review Gate

Name: Code Review Gate
Author: turbobeest

byturbobeest

0•

セキュリティとテスト

Enforces mandatory human oversight for security-sensitive, high-complexity, and large-scale code changes within development workflows.

The Code Review Gate skill introduces a structured human validation layer between implementation and integration phases. It automatically identifies high-risk changes—such as modifications to authentication logic, cryptographic utilities, or extremely complex functions—and pauses the workflow until a human reviewer provides approval. By providing built-in checklists for security, architecture, and quality, this skill ensures that critical code paths meet professional standards and remain maintainable before they reach production-ready environments.

主な機能

01Cyclomatic complexity monitoring to flag high-risk functions

02Interactive review loop with support for comments and rejections

030 GitHub stars

04Standardized review checklists for security, architecture, and testing

05Automatic triggers for security-sensitive paths like auth and crypto

06Audit-ready JSON report generation for compliance tracking

ユースケース

01Preventing the integration of overly complex or undocumented code into the main branch

02Implementing mandatory senior developer sign-off for authentication and API changes

03Enforcing security best practices during large-scale refactoring projects

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add turbobeest/cursor-dev-system code-review-gate

For use in Claude.ai and ChatGPT

Download Skill