From soundcheck
Scans PR diffs for Critical/High severity OWASP and LLM security issues in changed files only. Designed for fast CI gating without subagents or threat modeling.
How this skill is triggered — by the user, by Claude, or both
Slash command
/soundcheck:pr-review

The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Fast single-pass review of the files in a pull request diff. Reports
only Critical and High severity findings. Designed for CI: completes
in seconds-to-minutes on haiku, well under the time a developer
expects to wait on a PR check. This is the per-PR gate. For nightly
or deep audits, reach for security-review or contract-review.
Soundcheck's per-category skills (injection, csrf, ssrf,
broken-access-control, authentication-failures,
hardcoded-secrets, path-traversal, prompt-injection, …)
auto-invoke when their description matches code in the diff. Examples
this gate is expected to catch on a routine PR:
- injection
- path-traversal
- hardcoded-secrets
- csrf
- ssrf

This skill is the coordinator — it does the reading; per-category skills supply the patterns. No subagents.
- [ ] Read every file in the supplied changed-file list once
- [ ] Apply soundcheck's per-category skills as their descriptions match
- [ ] Filter findings to severity Critical or High
- [ ] Emit findings table only (no chains, no design review)
- [ ] Append the machine-readable <soundcheck-findings>[...] block
For each finding, the table row contains:

| Severity | File:Line | Skill | Finding | Fix |
|---|---|---|---|---|
Fix immediately block.

If a pattern requires cross-file tracing or threat modeling to classify, do not emit it — that's mode 2's job. Better a clean miss in CI than a noisy false positive that trains developers to ignore the gate.
Finish with one summary line: `N findings (M Critical/High)` or
`No Critical or High findings. Suggest /security-review for a deeper manual scan.`
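As an added illustration (not code from the soundcheck plugin), the CI-side consumer below parses the findings table in the shape described above, re-applies the Critical/High filter, builds the same summary line and turns the result into a pass/fail exit code. The sample table is constructed; the inner format of the `<soundcheck-findings>` block is not shown on this page, so it is not parsed here.

```python
import re
from dataclasses import dataclass

# Constructed sample of the table the skill emits; not real review output.
SAMPLE_OUTPUT = """\
| Severity | File:Line | Skill | Finding | Fix |
|---|---|---|---|---|
| Critical | app/db.py:42 | injection | f-string interpolated into SQL | use a parameterised query |
| High | app/files.py:17 | path-traversal | user path joined without normalisation | resolve and check prefix |
| Medium | app/util.py:3 | hardcoded-secrets | test fixture token in source | move to env/secret store |
"""

GATING = {"Critical", "High"}  # the only severities this gate reports


@dataclass(frozen=True)
class Finding:
    severity: str
    location: str  # File:Line
    skill: str
    finding: str
    fix: str


def parse_findings(text: str) -> list[Finding]:
    """Parse markdown table rows, skipping the header and the |---| separator."""
    rows = []
    for line in text.splitlines():
        if not line.lstrip().startswith("|"):
            continue
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) != 5 or cells[0] == "Severity" or re.fullmatch(r"[-:]*", cells[0]):
            continue
        rows.append(Finding(*cells))
    return rows


def gate(findings: list[Finding]) -> tuple[list[Finding], str]:
    """Keep only Critical/High rows and build the single summary line."""
    kept = [f for f in findings if f.severity in GATING]
    if kept:
        summary = f"{len(findings)} findings ({len(kept)} Critical/High)"
    else:
        summary = "No Critical or High findings. Suggest /security-review for a deeper manual scan."
    return kept, summary


if __name__ == "__main__":
    import sys
    kept, summary = gate(parse_findings(SAMPLE_OUTPUT))
    for f in kept:
        print(f"{f.severity:8} {f.location} [{f.skill}] {f.finding} -> {f.fix}")
    print(summary)
    sys.exit(1 if kept else 0)  # non-zero exit fails the PR check
```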
<soundcheck-findings> block appended

`npx claudepluginhub thejefflarson/soundcheck --plugin soundcheck`