How does the skill handle different project sizes?

It uses an adaptive strategy: DEEP analysis for small projects ( 200 files).

What types of code changes does this skill prioritize?

The skill focuses on high-risk areas including authentication, cryptography, value transfers, external API calls, and the removal of validation logic or access control modifiers.

Does it provide a formal written report?

Absolutely. One of its core principles is being output-driven; it always generates a comprehensive markdown report file including line numbers, risk ratings, and attack scenarios.

Is it compatible with other Claude Code skills?

Yes, it is designed to work with audit-context-building for deeper analysis and issue-writer to transform findings into formal GitHub or GitLab issues.

Can it detect security regressions?

Yes, it utilizes git history analysis to specifically check for removed security code, previous CVE fixes, and changes to internal access modifiers that might expose vulnerabilities.

Differential Security Review

Name: Differential Security Review
Author: monmacllcapp

bymonmacllcapp

0•

安全与测试

Performs security-focused differential reviews of code changes to detect vulnerabilities and prevent regressions in PRs and commits.

Differential Security Review is a specialized Claude Code skill designed to conduct deep, risk-centric audits of code changes. It intelligently scales its analysis based on codebase size—ranging from deep dependency checks in small repos to surgical critical-path reviews in large systems. By leveraging git history to identify regressions and calculating the blast radius of changes, the skill provides evidence-based security findings, adversarial exploit scenarios, and comprehensive markdown reports. It is particularly effective for reviewing sensitive logic such as authentication, cryptography, and value transfers, ensuring every code change maintains a high security posture.

主要功能

01Deep git history integration to detect removed security controls and regressions

02Automated blast radius calculation to identify transitive impacts of code changes

03Automated generation of detailed markdown security reports with line-level findings

040 GitHub stars

05Adaptive analysis strategies tailored to codebase size (Small, Medium, and Large)

06Adversarial modeling to generate concrete, evidence-based attack scenarios

使用场景

01Generating formal security audit artifacts for compliance and team review

02Auditing sensitive PRs involving authentication, cryptography, or value transfers

03Identifying security regressions in legacy codebases during major refactoring

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add monmacllcapp/skill-forks differential-review

For use in Claude.ai and ChatGPT

Download Skill