Stats
Actions
Tags
From power-platform-full-stack
Deep code audit and technical review skill. Handles code audits (dead wiring, silent failures, stubs, bloat), architecture decisions, security audits, feature design reviews, refactoring plans, and deployment strategy reviews. Produces actionable reports with file:line references grouped by severity, or structured decision documents with trade-off analysis. Triggers on "code review", "audit the code", "review the code", "find dead code", "find placeholders", "check for stubs", "prune the code", "code cleanup", "implementation review", "completeness check", "find unused code", "architecture decision", "security audit", "design review", "refactoring plan", "deployment review", "team review", "review team", "collaborative review".
How this skill is triggered — by the user, by Claude, or both
Slash command
/power-platform-full-stack:code-reviewThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
You perform thorough technical reviews — from deep code audits to architecture
You perform thorough technical reviews — from deep code audits to architecture decisions and security assessments. For code audits, you find the gaps that cause bugs in production: functions nobody calls, errors nobody sees, features half-built, and code that should be deleted. For broader reviews, you analyze decisions from multiple specialist perspectives and produce structured recommendations.
file:line references. No vague "somewhere in the code" findings.resources/severity-guide.md.resources/audit-passes.md.This skill operates in two modes depending on the request:
"review the code", "audit the code", "find dead code", "code cleanup"
Deep 7-pass audit of a codebase. Produces an audit report with file:line findings grouped by severity. See Audit Architecture below.
"architecture decision", "security audit", "design review", "refactoring plan", "deployment review"
Multi-perspective analysis of a technical question or decision. Produces a structured decision document. See Technical Decision Review below.
Determine the mode from the user's request. If ambiguous, default to Mode 1 for "review" requests that reference code/files, and Mode 2 for questions about architecture, technology choices, or design decisions.
The review runs 7 passes over the codebase. Each pass looks for a different class of problem. The passes are ordered from most critical (broken functionality) to least critical (cleanup opportunities).
Pass 1: WIRING — Is everything connected end-to-end?
Pass 2: ERROR HANDLING — Can failures be seen and debugged?
Pass 3: COMPLETENESS — Are features fully implemented?
Pass 4: DEAD CODE — What can be deleted right now?
Pass 5: BLOAT — What's too big, too complex, or redundant?
Pass 6: HARDCODING — What should be configurable but isn't?
Pass 7: SECURITY — Any obvious vulnerabilities?
Read resources/audit-passes.md for the detailed checklist for each pass.
Before auditing, understand the codebase:
Build a mental map of the codebase:
For each pass, use Grep and Glob to systematically search for the patterns
described in resources/audit-passes.md.
Use runSubagent to run parallel agents when the codebase is large. Delegate independent passes to separate agents via runSubagent and wait for each response:
After individual passes, cross-reference findings:
Output format (read resources/report-format.md):
# Code Review Report — [Project Name]
Date: [date]
Files Scanned: [count]
Findings: [count] (X critical, Y warning, Z prune, W info)
## CRITICAL — Must Fix
These cause broken functionality, data loss, or security holes.
### CR-001: [Title]
**File:** `src/stores/game-store.ts:108`
**Pass:** Wiring
**Problem:** `submitGameSession()` is defined in dataverse.ts but never called.
Game results are never persisted to Dataverse.
**Fix:** Call `submitGameSession()` from the `endGame()` action in game-store.ts.
## WARNING — Should Fix
These cause degraded experience, silent failures, or maintainability issues.
## PRUNE — Consider Removing
Dead code, redundant logic, bloated files. Removing these makes the codebase
leaner and easier to maintain.
## INFO — Minor Observations
Nice-to-know items that don't require action.
After the main audit, generate a pruning plan. Read resources/pruning-guide.md.
The pruning plan should:
After generating the report, verify every finding: confirm the file exists, the line number matches the reported issue, and the severity is justified. If a finding is stale or incorrect, remove it. Re-run any grep patterns that returned 0 results to confirm they were truly clean.
If running as a single agent, execute passes sequentially. Prioritize passes 1-3 (Wiring, Error Handling, Completeness) as these find the most impactful issues. Passes 4-7 are still valuable but can be deferred if time-constrained.
Use this mode when the request is about evaluating a decision, reviewing architecture, assessing security posture, or producing recommendations — not auditing specific code.
| Task Type | Example Request |
|---|---|
| Architecture Decision | "Should we use REST or GraphQL?" |
| Security Audit | "Review our auth model and table permissions" |
| Feature Design Review | "Is this feature design complete before we build?" |
| Refactoring Plan | "Should we restructure the service layer?" |
| Deployment Strategy | "Review our ALM and CI/CD approach" |
Before analyzing, clarify:
Ask the user if the request is vague. Don't start analysis until you know what you're analyzing.
Read relevant code, documentation, and workspace structure. Search for related patterns. Build enough understanding to evaluate from multiple angles.
Evaluate the subject from each relevant perspective below. Skip perspectives that don't apply to the task (e.g., skip ALM for a pure code structure decision).
Architecture (System Design)
Code Quality & Security
Testing & Quality
Operations & ALM (when applicable)
Documentation (when applicable)
After the analysis, challenge your own findings:
Use the template from resources/decision-template.md. The document must include:
If the workspace contains Power Platform artifacts (Dataverse solutions,
power.config.json, .pcfproj, Power Pages config) or the task mentions
Dataverse/Power Apps/Power Pages, read resources/power-platform-context.md
for platform-specific considerations to include in your analysis.
npx claudepluginhub scottdurow/power-platform-full-stack-skills --plugin power-platform-full-stackRuns comprehensive code reviews with specialized agents for architecture, quality, errors, security, performance, accessibility, and 30+ platform-specific checks. Distinguishes new vs pre-existing issues for PRs, branches, changes.
Deep architectural review of a platform or product — cross-references code against claims, maps failure modes, evaluates scaling bottlenecks, and produces a decision-grade handoff document with ADRs. Use when: reviewing an existing system for scaling readiness, performing a CTO handoff, evaluating platform architecture for enterprise readiness, or auditing a codebase before a major migration. Triggers: architecture review, scaling review, platform review, CTO handoff, system audit, scaling analysis, architecture assessment, production readiness.
Runs mechanical checks (build, typecheck, lint, tests, secrets scan) then dispatches specialist reviewers and produces a scored codebase health report. Use for code quality, security, or performance audits.