Does it support performance optimization?

Yes, it classifies performance problems like N+1 queries and inefficient algorithms as P2 (Important) issues that should be addressed in the current iteration.

Can this skill help with security audits?

Yes, it specifically identifies and classifies OWASP Top 10 violations, hardcoded credentials, and authentication bypasses as P1 (Critical) issues.

What happens when a P1 issue is identified?

P1 issues are classified as 'Blocks Merge.' The skill recommends immediate fixes and the creation of P1 todos to ensure the issue is resolved before deployment.

How does this skill determine issue severity?

It uses a logical three-tier framework: P1 for immediate harm or data loss, P2 for significant performance or maintainability impacts, and P3 for minor polish or style improvements.

Quality Severity Triage

Name: Quality Severity Triage
Author: jovermier

byjovermier

安全与测试

Classifies code issues, security findings, and review comments into prioritized severity levels to streamline triage and merge decisions.

关于

This skill provides a standardized framework for evaluating the impact of code issues during reviews and development. By categorizing findings into P1 (Critical), P2 (Important), and P3 (Nice-to-Have), it helps teams differentiate between merge-blocking security vulnerabilities or system failures and minor style inconsistencies or technical debt. It includes a specific classification framework and a structured output format to ensure clear communication of problems, impacts, and required fixes across the development lifecycle, ensuring that high-risk issues are never overlooked.

主要功能

Standardized P1-P3 severity classification for code findings
0 GitHub stars
Structured Markdown reporting for clear remediation steps
Performance impact assessment for N+1 queries and memory leaks
Security-focused auditing for OWASP vulnerabilities and secrets
Architectural review based on SOLID principles and complexity

使用场景

Automating severity assessment during PR reviews to identify blockers
Standardizing communication between security auditors and developers
Triaging legacy technical debt into actionable backlogs

关于

主要功能

Standardized P1-P3 severity classification for code findings
0 GitHub stars
Structured Markdown reporting for clear remediation steps
Performance impact assessment for N+1 queries and memory leaks
Security-focused auditing for OWASP vulnerabilities and secrets
Architectural review based on SOLID principles and complexity

使用场景

Automating severity assessment during PR reviews to identify blockers
Standardizing communication between security auditors and developers
Triaging legacy technical debt into actionable backlogs