When should I avoid using this skill?

It is not intended for greenfield code without a baseline, documentation-only changes, or simple cosmetic formatting updates.

How does this differ from a standard AI code review?

This skill specifically focuses on security invariants and uses git history to understand context, whereas standard reviews often focus on style or general logic. It prioritizes high-risk areas like auth and crypto.

Can it handle very large repositories?

Yes, it uses an adaptive 'Surgical' strategy for repositories over 200 files, focusing only on critical paths and high-risk changes to maintain efficiency.

What is blast radius calculation?

It identifies all transitive callers and downstream dependencies affected by a code change to ensure a local fix doesn't cause a global security failure.

Does it produce a formal report?

Yes, the skill is 'Output-Driven' and automatically generates a comprehensive markdown report file containing findings, evidence, and risk ratings.

Differential Security Review

Name: Differential Security Review
Author: fjor1025

byfjor1025

0•

보안 및 테스팅

Performs deep, security-focused differential analysis on code changes to identify risks, calculate blast radius, and prevent vulnerabilities.

Differential Security Review is a specialized capability for Claude Code designed to perform rigorous security audits on pull requests, commits, and diffs. By leveraging git history and adaptive analysis strategies tailored to codebase size, it identifies high-risk changes in authentication, cryptography, and data validation. Unlike standard linters, it calculates quantitative blast radius for transitive impacts, models adversarial attack scenarios, and generates evidence-based markdown reports, ensuring that every finding is backed by specific line numbers and historical context.

주요 기능

01Git history context to detect and prevent security regressions

02Comprehensive markdown report generation with line-level evidence

03Adaptive analysis depth based on codebase size (Small, Medium, or Large)

040 GitHub stars

05Adversarial modeling and concrete exploit scenario generation

06Quantitative blast radius calculation for high-risk changes

사용 사례

01Identifying hidden regressions by analyzing removed security invariants

02Auditing sensitive pull requests involving authentication or value transfer

03Assessing the security impact of large-scale architectural refactors

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add fjor1025/infosec-framework differential-review

For use in Claude.ai and ChatGPT

Download Skill