From lifeline
Use when reviewing code - "review this", after implementation, before merge. ONE review per task, ALWAYS all four lenses (logic, architecture, security, performance), with depth scaled to the task's effort label. Returns structured REVIEW_FINDINGS.
Slash command: /lifeline:four-lens-review
Exactly one review per task. It always walks all four lenses; what scales with
the task is depth, never lens coverage. There is no combined-vs-specialized choice
to make. Delegable role: reviewer — @dispatch_agent on FULL tier, inline otherwise.
| Task effort | Depth | Behavior |
|---|---|---|
| trivial, small | light | One pass per lens over the diff. APPROVE quickly if sound — don't manufacture findings. |
| medium | standard | Apply each lens checklist to the diff; read surrounding context where the diff touches it. |
| large | deep | Checklists + read changed files whole; trace data flow across the diff boundary; question the design, not just the lines. |
**Logic:** Boundaries (0, -1, len, len+1, empty, max) · null/None/undefined handling · concurrency
(race, deadlock, unbounded queue) · time/TZ/DST/epoch · type coercion · resource leaks ·
off-by-one (< vs <=) · idempotency/retry/cancellation · error paths (swallowed
exceptions) · branch coverage of new tests.
**Architecture:** Layer-boundary violations · premature or missing abstractions · coupling · cohesion · drift from existing patterns · state management (global/singleton/shared mutable) · API surface (minimal vs leaking).
**Security:** Secrets in the diff · injection (SQL, shell, eval) · authn/authz checks · sensitive data exposure/PII in logs · XXE/SSRF/path traversal · access control/IDOR · unsafe deserialization · new deps with known CVE patterns.
**Performance:** Avoidable O(n²) · DB N+1, missing index, unbounded result sets · sequential network I/O, missing timeouts · memory (full-collection loads, leaks) · hot-path allocations · locks held across I/O · blocking calls in async context.
The diff (inline — do not re-fetch), the task's plan row, the relevant spec requirements, and the code root for context reads. On FULL tier with worktree isolation, ALL context reads use worktree-prefixed absolute paths — main-repo code is stale and yields false positives.
Return ONLY the REVIEW_FINDINGS JSON (core/contracts/REVIEW_FINDINGS.md).
The orchestrator writes review.md.
Per-lens blocking severities: logic{blocker, major} · architecture{blocker} · security{critical, high} · performance{critical}. Overall = REQUEST_CHANGES if any lens blocks.
Consolidate blocking findings, re-dispatch the implementer with them inline, re-run
tests for the wave, then re-run THIS review (same single-review, four-lens shape).
Repeat until APPROVE or retry_cap; at the cap, @ask_user: retry once more / skip
with override (logged to flow.md + override audit) / abort.
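The per-lens blocking rule and the consolidation step of the fix loop, as an added example that is not the plugin's own code. The finding fields `lens`, `severity` and `title` are assumed, since the REVIEW_FINDINGS contract is not shown on this page; the point is that the same severity label blocks in one lens and not in another.

```python
# Added illustration; the finding fields (lens, severity, title) are assumed,
# because the REVIEW_FINDINGS contract itself is not reproduced on this page.
BLOCKING = {
    "logic": {"blocker", "major"},
    "architecture": {"blocker"},
    "security": {"critical", "high"},
    "performance": {"critical"},
}


def evaluate(findings):
    """Return (overall verdict, blocking findings grouped by lens)."""
    blocking = {lens: [] for lens in BLOCKING}
    for f in findings:
        lens = f["lens"]
        if lens not in BLOCKING:
            # Assumption: reject an unknown lens instead of silently dropping it.
            raise ValueError(f"unknown lens: {lens!r}")
        if f["severity"].lower() in BLOCKING[lens]:
            blocking[lens].append(f)
    overall = "REQUEST_CHANGES" if any(blocking.values()) else "APPROVE"
    return overall, blocking


def consolidate(blocking):
    """Flatten blocking findings into the inline list handed to the implementer."""
    return [f"[{lens}/{f['severity']}] {f['title']}"
            for lens in BLOCKING for f in blocking[lens]]


# Constructed sample findings, using only severity names that appear above.
SAMPLE = [
    {"lens": "security", "severity": "high", "title": "user id taken from request body (IDOR)"},
    {"lens": "performance", "severity": "high", "title": "N+1 query in list view"},
    {"lens": "architecture", "severity": "major", "title": "handler reaches into storage layer"},
]

if __name__ == "__main__":
    verdict, blocking = evaluate(SAMPLE)
    print(verdict)
    for line in consolidate(blocking):
        print(line)
```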
npx claudepluginhub rahul445/lifeline --plugin lifeline