What is multi-AI verification?

The skill triggers parallel analysis from Gemini and Codex to provide a consensus-based recommendation, catching issues that a single model might miss.

How does it detect malicious PRs?

It scans for red flags like obfuscated code, suspicious external calls, and unauthorized CI/CD changes while assessing author credibility and account age.

Does it work with Terraform?

Yes, it is specifically optimized for Terraform, checking for plan-level destruction, variable removals, and provider requirement changes.

Can it prevent resource destruction?

Yes, it includes a mandatory check for changes that would trigger resource recreation, flagging them as MAJOR breaking changes.

Security-First PR Reviewer

Name: Security-First PR Reviewer
Author: mysticaltech

bymysticaltech

•

3,712

•

Security & Testing

Performs deep security audits and compatibility checks on Pull Requests to prevent malicious code injection and breaking changes.

This skill automates the rigorous process of reviewing Pull Requests for the terraform-hcloud-kube-hetzner repository, focusing heavily on security and infrastructure stability. It assesses contributor risk, identifies sensitive file changes, detects malicious patterns, and verifies backward compatibility to prevent accidental resource destruction. By integrating multi-model AI verification from Gemini and Codex, it provides a triple-checked recommendation on whether to approve or reject a PR, ensuring the integrity of the Kubernetes-on-Hetzner ecosystem.

Key Features

01Deep security scanning for hardcoded secrets, obfuscation, and malicious patterns

02Terraform-specific breaking change detection and resource impact analysis

03Automated contributor risk assessment based on account age and history

04Semantic Versioning (SemVer) classification for automated release planning

05Multi-AI verification using Gemini and Codex for triple-redundant reviews

063,712 GitHub stars

Use Cases

01Auditing external contributions for potential supply chain attacks

02Identifying Terraform changes that would cause unintended resource recreation

03Standardizing PR reviews across maintainers with consistent security checklists

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mysticaltech/terraform-hcloud-kube-hetzner review-pr

For use in Claude.ai and ChatGPT

Download Skill