From sd0x-dev-flow
Assesses uncommitted code risk with breaking change detection, blast radius analysis, and scope metrics. Outputs a weighted score and risk gate for PRs or pre-commit checks.
Slash command: `/sd0x-dev-flow:risk-assess`
- Security vulnerability detection (use `/codex-security`)
- (use `/codex-review-fast`)
- (use `/project-audit`)

Run `bash scripts/run-skill.sh risk-assess risk-analyze.js --json` to collect deterministic scores.

`--mode deep`: detail blast radius.

The script analyzes 3 dimensions + 2 conditional flags:

| Dimension | Weight | What It Measures |
|---|---|---|
| breaking_surface | 45% | Removed exports, renamed APIs, changed signatures, deleted modules |
| blast_radius | 35% | Number of files importing changed modules (grep-based) |
| change_scope | 20% | File count, LOC delta, directory span, rename ratio |

| Flag | Trigger | What It Checks |
|---|---|---|
| migration_safety | Migration/schema files in diff | Rollback/down file exists |
| regression_hint | (v2 stub) | Future: git history analysis |

```
breaking_surface * 0.45 + blast_radius * 0.35 + change_scope * 0.20
```

| Score | Level | Gate | Exit Code |
|---|---|---|---|
| 0-29 | Low | PASS | 0 |
| 30-49 | Medium | PASS | 0 |
| 50-74 | High | REVIEW | 1 |
| 75-100 | Critical | BLOCK | 2 |

If the script fails, report the error and suggest running manually:

```bash
bash scripts/run-skill.sh risk-assess risk-analyze.js --json
```

## Risk Assessment Report
| Field | Value |
|-------|-------|
| Score | **[N]/100** |
| Risk Level | [icon] [level] |
| Gate | [PASS/REVIEW/BLOCK] |
### Dimensions
[table of dimension scores + weights]
### Breaking Change Signals
[list of detected signals — only if any]
### Next Actions
[prioritized action items]
## Gate: [sentinel]

- `references/risk-dimensions.md` — Signal catalog, import patterns, scoring bands (read when investigating a specific dimension)
- `references/output-template.md` — JSON schema, report templates per risk level (read when customizing output)

```bash
npx claudepluginhub sd0xdev/sd0x-dev-flow --plugin sd0x-dev-flow
```