Does this skill work with both GitHub and GitLab?

Yes, the PR Review Expert skill is compatible with both GitHub (using gh CLI) and GitLab (using glab CLI) to fetch diffs, metadata, and CI status.

What kind of security issues can it detect during a review?

It scans for SQL injection risks, XSS vectors, hardcoded secrets such as API keys, insecure authentication patterns, and dangerous function calls like eval or exec.

Can it verify project management tickets like Jira or Linear?

Yes, it can extract ticket references from the PR body and use platform APIs to verify that the ticket exists and matches the scope of the code changes.

How does it assist with large Pull Requests?

For PRs over 200 lines, it provides structured analysis including a 30+ item checklist, prioritizing critical findings like performance regressions and breaking API changes.

Does it replace the need for human code reviewers?

No, it is designed to act as a powerful co-pilot that handles the tedious technical checks, allowing human reviewers to focus on high-level architecture and business logic.

PR Review Expert

Name: PR Review Expert
Author: micsapp

bymicsapp

0•

Security & Testing

Conducts structured, high-depth code reviews for GitHub and GitLab including security scans, performance analysis, and blast radius reporting.

PR Review Expert is a specialized Claude Code skill designed to automate and enhance the technical review process for Pull Requests and Merge Requests. It systematically evaluates code changes for security vulnerabilities, potential breaking changes in API contracts or database schemas, and calculates test coverage deltas. By performing deep blast radius analysis to identify downstream impacts and checking for performance regressions like N+1 queries, this skill provides a comprehensive, reviewer-ready report with prioritized findings, helping engineering teams maintain high code quality standards while significantly reducing manual review overhead.

Key Features

01Deep security scanning for SQL injection, XSS, hardcoded secrets, and auth bypass patterns.

02Test coverage delta calculation comparing new logic lines against new test additions.

03Automated blast radius analysis to identify impacted downstream files and services.

04Automated verification of linked Jira or Linear tickets to ensure proper project tracking.

050 GitHub stars

06Breaking change detection for REST/GraphQL API contracts and database schema migrations.

Use Cases

01Reviewing high-stakes PRs involving shared libraries, authentication modules, or database migrations.

02Onboarding new contributors by providing structured, exhaustive technical feedback on their submissions.

03Performing rapid security and performance audits on large, complex code changes exceeding 200 lines.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills pr-review-expert

For use in Claude.ai and ChatGPT

Key Features

01Deep security scanning for SQL injection, XSS, hardcoded secrets, and auth bypass patterns.

02Test coverage delta calculation comparing new logic lines against new test additions.

03Automated blast radius analysis to identify impacted downstream files and services.

04Automated verification of linked Jira or Linear tickets to ensure proper project tracking.

050 GitHub stars

06Breaking change detection for REST/GraphQL API contracts and database schema migrations.

Use Cases

01Reviewing high-stakes PRs involving shared libraries, authentication modules, or database migrations.

02Onboarding new contributors by providing structured, exhaustive technical feedback on their submissions.

03Performing rapid security and performance audits on large, complex code changes exceeding 200 lines.