How does this skill identify security risks?

The skill scans for plaintext passwords, unparameterized SQL queries, missing CSRF tokens, and insecure storage practices, flagging these as CRITICAL violations.

How do I invoke the specific security checklist?

While the review skill covers security, you can trigger a deep-dive security audit by invoking /patriot-forge:security.

Can it help with CI/CD pipeline preparation?

Yes, it verifies that code changes will pass Ruff, Mypy strict mode, and Bandit security scans before you trigger your actual pipeline.

Does it support both backend and frontend reviews?

Yes, it contains specific modules for Python/FastAPI backend conventions and TypeScript/React frontend standards, including Tailwind CSS utility usage.

What database standards does the skill enforce?

It enforces the use of UUID primary keys, the forge_ table prefix, soft deletes via deleted_at, and NUMERIC types for monetary data.

PatriotForge Code Review

Name: PatriotForge Code Review
Author: aka-kolton

byaka-kolton

0•

协作工具

Conducts comprehensive audits of pull requests and code changes to ensure compliance with PatriotForge security, quality, and architectural standards.

The PatriotForge Code Review skill provides an automated, multi-layered review process tailored for the PatriotForge ERP ecosystem. It systematically evaluates contributions across eight critical domains, including security compliance, backend/frontend conventions, and database integrity. By enforcing strict patterns such as async-only database calls, UUID primary keys, and Pydantic validation, this skill ensures that all code meets production-grade standards before deployment. It acts as a digital gatekeeper, flagging security vulnerabilities as critical and convention mismatches as warnings to maintain a high-quality, secure codebase.

主要功能

01Database schema verification including UUID keys and soft delete patterns

020 GitHub stars

03CI/CD readiness checks including Ruff, Mypy, and Bandit compatibility

04Validation of PatriotForge backend patterns and dependency injection

05Critical security auditing for secrets, SQL injection, and CSRF protection

06Frontend compliance checks for TypeScript strictness and Tailwind CSS

使用场景

01Performing a final audit on pull requests before merging into production

02Refactoring legacy modules to meet current PatriotForge architectural standards

03Verifying new database migrations and schema changes for ERP compatibility

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add aka-kolton/patriotforge-claude-plugin code-review

For use in Claude.ai and ChatGPT

Download Skill