How does the skill determine the depth of a code review?

The skill uses an adaptive strategy based on codebase size: 'Deep' for small repositories (<20 files), 'Focused' for medium (20-200 files), and 'Surgical' for large-scale projects to ensure relevant coverage.

Does it provide actionable exploit scenarios?

Yes, through its Phase 5 Adversarial modeling, it generates concrete attack scenarios and exploitability ratings rather than providing generic security warnings.

Can it detect security regressions in existing code?

Yes, it leverages git history and 'git blame' to analyze removed code, specifically looking for previously patched vulnerabilities (CVEs) or security invariants that might be accidentally reverted.

What specific code triggers are considered 'High Risk'?

The skill automatically flags changes involving authentication, cryptography, value transfers (payments/web3), external API calls, and the removal of validation logic as high-risk triggers.

Differential Security Review

Name: Differential Security Review
Author: sudohakan

bysudohakan

•

Security & Testing

Performs security-focused differential analysis of code changes to identify vulnerabilities and prevent regressions in pull requests and commits.

The differential-review skill is a specialized security auditing tool for Claude Code that automates the analysis of pull requests, commits, and diffs. By prioritizing high-risk areas like authentication and cryptography while calculating the blast radius of changes, it provides developers with evidence-based security reports. It adapts its analysis depth based on codebase size and leverages git history to detect potential regressions, ensuring that security invariants are maintained throughout the development lifecycle using adversarial modeling and quantitative risk assessment.

Key Features

012 GitHub stars

02Adversarial modeling to simulate potential exploit scenarios and exploitability ratings

03Quantitative blast radius calculation to identify transitive impacts of code changes

04Risk-based prioritization focusing on authentication, cryptography, and external calls

05Adaptive analysis strategies tailored for small, medium, and large codebases

06Automated security markdown report generation with line-level evidence and git history context

Use Cases

01Generating comprehensive security documentation and audit trails for compliance and team reviews

02Quickly triaging pull requests to identify security regressions and removed validation checks

03Performing a deep security audit on high-risk system rewrites or authentication logic changes

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add sudohakan/claude-code-dotfiles differential-review

For use in Claude.ai and ChatGPT

Key Features

012 GitHub stars

02Adversarial modeling to simulate potential exploit scenarios and exploitability ratings

03Quantitative blast radius calculation to identify transitive impacts of code changes

04Risk-based prioritization focusing on authentication, cryptography, and external calls

05Adaptive analysis strategies tailored for small, medium, and large codebases

06Automated security markdown report generation with line-level evidence and git history context

Use Cases

01Generating comprehensive security documentation and audit trails for compliance and team reviews

02Quickly triaging pull requests to identify security regressions and removed validation checks

03Performing a deep security audit on high-risk system rewrites or authentication logic changes