What is data contract validation?

It is a specialized check that ensures any data-* attributes referenced in your JavaScript or CSS selectors actually exist within your HTML files to prevent broken functionality.

Can I use the output for automated pipelines?

Absolutely. The skill returns a structured JSON response including a success status and a list of issues categorized by severity, making it ideal for integration into CI/CD scripts.

How does it enforce design system compliance?

It flags hardcoded hex colors, magic numbers, and pixel values in CSS and JS, suggesting the use of standardized CSS variables and design tokens instead.

What security vulnerabilities can this skill detect?

The skill identifies critical risks such as Cross-Site Scripting (XSS) via innerHTML, usage of eval(), hardcoded credentials in source code, and unsafe inline event handlers.

Does this skill help with web accessibility (a11y)?

Yes, it scans for missing alt text, missing ARIA labels on icons, and the use of non-semantic elements where interactive components like buttons should be used.

Automated Code Review Auditor

Name: Automated Code Review Auditor
Author: astro44

byastro44

•

Security & Testing

Performs automated audits for security vulnerabilities, accessibility compliance, design token usage, and data attribute consistency.

The review-code-review skill acts as an intelligent quality gate for your development workflow, providing rapid, pattern-based scanning of source files. It specializes in identifying high-risk security flaws like XSS and hardcoded credentials, enforcing UI consistency by flagging non-tokenized CSS, and ensuring accessibility through ARIA and semantic HTML checks. Uniquely, it validates data contracts by cross-referencing JavaScript and CSS selectors against HTML structure, providing structured JSON feedback that categorizes issues by severity to streamline the remediation process.

Key Features

01Design system enforcement by identifying hardcoded hex colors and pixel values

02Security auditing for XSS risks, eval usage, and hardcoded credentials

03Cross-file data contract validation for data-* attribute consistency

04Severity-based reporting with actionable fix recommendations in JSON format

052 GitHub stars

06Accessibility scanning for missing ARIA attributes and non-semantic elements

Use Cases

01Automating pre-merge security and accessibility checks for frontend pull requests

02Migrating legacy CSS to a standardized design token system

03Verifying that JavaScript data-attribute selectors match the underlying HTML structure

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add astro44/autonom8-agents review-code-review

For use in Claude.ai and ChatGPT

Key Features

01Design system enforcement by identifying hardcoded hex colors and pixel values

02Security auditing for XSS risks, eval usage, and hardcoded credentials

03Cross-file data contract validation for data-* attribute consistency

04Severity-based reporting with actionable fix recommendations in JSON format

052 GitHub stars

06Accessibility scanning for missing ARIA attributes and non-semantic elements

Use Cases

01Automating pre-merge security and accessibility checks for frontend pull requests

02Migrating legacy CSS to a standardized design token system

03Verifying that JavaScript data-attribute selectors match the underlying HTML structure

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add astro44/autonom8-agents review-code-review

For use in Claude.ai and ChatGPT