- Verifies security audit fixes are correctly implemented without introducing new bugs.
- Analyzes commit ranges against security findings (Trail of Bits format, numbered findings, or JSON) to confirm root causes are addressed, not just symptoms.
- Assigns status to each finding: FIXED, PARTIALLY_FIXED, NOT_ADDRESSED, or CANNOT_DETERMINE, with evidence linking commits to specific code changes.
- Detects bug introduction patterns including access control weakening, validation removal, error handling reduction, and cryptographic degradation.
- Generates detailed markdown reports mapping findings to commits with per-commit analysis and recommendations for follow-up actions.

Fix Review

Differential analysis to verify commits address security findings without introducing bugs.

When to Use

- Reviewing fix branches against security audit reports
- Validating that remediation commits actually address findings
- Checking if specific findings (TOB-XXX format) have been fixed
- Analyzing commit ranges for bug introduction patterns
- Cross-referencing code changes with audit recommendations

When NOT to Use

- Initial security audits (use audit-context-building or differential-review)
- Code review without a specific baseline or finding set
- Greenfield development with no prior audit
- Documentation-only changes