Stats
Actions
Tags
From jewzaam-reviews
Apply findings from a Findings-*.json file as iterative, committed fixes.
How this skill is triggered — by the user, by Claude, or both
Slash command
/jewzaam-reviews:apply-review [Findings-file.json] [C0 I1 S2...][Findings-file.json] [C0 I1 S2...]This skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Plugin root with `~` prefix. Use this path in all Bash commands that invoke plugin scripts.
Plugin root with ~ prefix. Use this path in all Bash commands that invoke plugin scripts.
!bash ${CLAUDE_PLUGIN_ROOT}/scripts/print-plugin-home.sh ${CLAUDE_PLUGIN_ROOT}
Absolute path of the project root. The main agent MUST substitute this value for any ./.tmp-apply-review/... path it passes to a dispatched sub-agent, so the sub-agent has an unambiguous absolute Write target and cannot drift to /tmp/ or any other directory.
!pwd
Wipes and recreates ./.tmp-apply-review/ at the project root with a .gitignore of *. The final step writes a pre-render JSON here for render-apply-report.py.
!bash ${CLAUDE_PLUGIN_ROOT}/scripts/bootstrap-tmp.sh .tmp-apply-review
!bash ${CLAUDE_PLUGIN_ROOT}/scripts/print-handoff-contract.sh
Take a Findings-*.json file produced by any producer skill in this plugin (/review, /standards, /c4-reverse-engineer, /update-pr) and systematically apply its findings as code changes — one finding at a time, with test validation and user review before each commit. Output a Report-apply-review.json summarizing what was applied.
The input is the authoritative JSON handoff (validated against ${CLAUDE_PLUGIN_ROOT}/schemas/findings.schema.json). The companion .md files are human-readable views — this skill does not parse them.
The key value is discipline: each finding becomes an isolated, tested, committed change with a targeted commit message. The user controls staging and can reject or modify any change before it lands.
.json only — if given .md, look for a sibling .json with the same basename and use that; if none exists, stop and tell the user the producer skill must re-run.Findings-*.json files at the project root.Before any code changes, validate the chosen input against the shared schema:
python ${CLAUDE_PLUGIN_ROOT}/skills/apply-review/scripts/render-apply-report.py --validate-input <path-to-findings.json>
If validation fails, surface the error to the user and stop — do not fall back to a partial parse, do not attempt fixes, do not iterate findings from a malformed envelope. The producer skill is responsible for emitting a valid document; a malformed input is always a bug upstream.
On success, proceed to Step 0.
~: Use the Plugin Home path from the Pre-Fetch section (starts with ~) when constructing Bash commands for plugin scripts. Do not use absolute /home/... paths. Do not use && or || chaining — each script call must be a standalone Bash invocation.Before touching any code, verify the project's checks pass cleanly. Check the Makefile for available validation targets (e.g., make test-unit, make lint, make typecheck, make format) and run whichever exist. Capture the results.
If any check fails, use AskUserQuestion to present the failures and ask:
A clean starting state is strongly preferred. When pre-existing failures exist and the user chooses to proceed, record the exact failure signatures (test names, lint rules, error messages) so they can be filtered out during per-finding validation in Step 3b.
Read the Findings-*.json file and iterate findings[]. Each finding is a structured object with (at minimum) the shared schema's base fields:
id — prefix C / I / S / N followed by a zero-indexed sequence number per bucket (e.g., C0, I3, S1, N0)severity — critical | important | suggestion | needs-reviewtitle — short summarylocations[] — array of {path, line, role?} objectsissue, why_it_matters, suggested_fix — prose fieldscontent_hash — stable identifier; useful for log/commit referencesSource-specific extras (concern_slug for review, subdomain for standards, artifact/verdict/spec_says/code_says/evidence for c4-reverse-engineer) are present when the producer adds them — use them for context but don't require them.
Read the top-level issues[] array before beginning. These are meta-issues from the producer skill (sub-agent failures, permission denials, validation rejections). If an issue with severity: "error" is present, surface it to the user and confirm they still want to proceed — the review may be incomplete.
Skip needs-review findings. By convention, N* findings are low-confidence and belong to manual triage, not automatic application.
Scoped finding IDs: If the user provided specific finding IDs as arguments (e.g., /apply-review Findings-update-pr-123.json C0 I2 S3), only process those findings. Skip all others — they are out of scope for this run. This is how the update-pr skill delegates accepted local edits: it produces a Findings-update-pr-<number>.json with the full traceability, then hands off only the finding IDs that need code changes.
Sort findings by implementation order — dependencies and risk:
Group related findings that must be applied together (e.g., if fixing a module structure also requires updating exports, those go in one step).
Create a task for each finding (or group of related findings) using TaskCreate. This gives the user visibility into progress.
For each finding, follow this exact cycle:
in_progressRun the project's test suite using make targets. Prefer the most targeted test command that covers the changed code. If it fails:
Use AskUserQuestion to present a single decision point. The question should include:
This is one question, one interaction. "Commit" means the user has already reviewed and staged — proceed directly to committing. No follow-up confirmation.
If the user says "Need changes", wait for their feedback, apply it, re-validate, and ask again (same single-question format).
If the user says "Skip commits, apply all remaining" (or equivalent), enter batch mode:
outcome: "pending-commit" in the pre-render JSON (step 5) — not applied (no commit yet) and not skipped (working-tree changes exist). Do not set commit_sha for these.The user has staged the files. Commit immediately with a targeted message:
fix(scope):, feat(scope):, refactor(scope):)Assisted-by: Claude Code (<model-name>) trailerReview: I3) in the body so the commit links back to the findinggit commit -m "$(cat <<'EOF'
fix(scope): short description of what changed
Why this change was needed, referencing the review finding.
Review: I3
Assisted-by: Claude Code (Claude Opus 4.6)
EOF
)"
After the commit succeeds, run git rev-parse HEAD and record the full SHA. When the pre-render JSON is written in Step 5, populate the finding's commit_sha field with this value — it's the machine-readable traceability link from finding → commit and is required downstream by any automated revert/audit tooling.
completedAfter all findings are applied, re-run all available validation targets from the Makefile (the same set used in Step 0). Report the results. If any check fails and it's not pre-existing, investigate and fix before declaring done.
After verification, record what was applied by invoking the apply-report renderer:
python ${CLAUDE_PLUGIN_ROOT}/skills/apply-review/scripts/render-apply-report.py \
--input ./.tmp-apply-review/pre-render.json \
--out-dir <project root> \
--project-name <project name from the consumed review>
Before invoking, write ./.tmp-apply-review/pre-render.json with:
{
"project": {"name": "<project-name>"},
"applied": [
{"finding_id": "C0", "outcome": "applied", "detail": "Short summary", "commit_sha": "<full-sha-from-git-rev-parse>"},
{"finding_id": "I1", "outcome": "pending-commit", "detail": "Batch mode: implemented, user will commit"},
{"finding_id": "S0", "outcome": "skipped", "detail": "Out of user-supplied scope"},
{"finding_id": "I9", "outcome": "failed", "detail": "Tests regressed after patch; reverted", "error_kind": "validation_failed"}
],
"issues": [
{"severity": "error|warning", "kind": "<from shared schema>", "message": "..."}
]
}
Outcome semantics:
applied — change committed; commit_sha is required (full SHA from git rev-parse HEAD after the commit).pending-commit — change is in the working tree but uncommitted (batch mode). No commit_sha.skipped — change not made (filtered by scope, invalid finding, etc.).failed — attempted but could not complete cleanly; error_kind is required (same enum as issues[].kind: permission_denied | subagent_failure | validation_failed | tool_unavailable | schema_rejected_input | other).The script validates against the shared schema (source: "apply-review", findings: [], required applied[]) and writes Report-apply-review.json at --out-dir. It does not emit markdown — apply-review is a consumer skill producing an action report, not a review document.
Exits non-zero on validation failure; no file is written in that case.
git add — the user controls staging; hooks block itgit push — the user controls when to pushnpx claudepluginhub jewzaam/jewzaam-reviews --plugin jewzaam-reviewsCreates, edits, and optimizes skills for Claude Code, including drafting, evaluating with test prompts, iterating on performance, and improving skill descriptions for better triggering accuracy.