此内容尚未提供您的语言版本,正在以英文显示。

Differential Review

插件活跃

Security-focused differential review of code changes with git history analysis and blast radius estimation

1 个 Skill 0 个 MCP

目的

To provide in-depth, security-focused code change reviews that identify vulnerabilities, regressions, and potential impact.

功能

Security-focused differential code review
Git history analysis for regressions
Blast radius calculation for impact assessment
Test coverage gap identification
Adaptive analysis depth based on codebase size

使用场景

Reviewing PRs for security vulnerabilities
Detecting security regressions in code
Analyzing the potential impact of code changes
Checking for untested code modifications

非目标

General code linting or formatting
Analyzing greenfield code without a baseline
Providing only a verbal explanation of findings
Replacing standard developer code reviews for non-security issues

Trust

warning:Issues Attention13 issues opened and 4 closed in the last 90 days indicates a low closure rate, suggesting slow maintainer response.

安装

请先添加 Marketplace

/plugin marketplace add trailofbits/skills

/plugin install differential-review@trailofbits

包含 1 个扩展

Skill (1)

Differential Review 技能

Performs security-focused differential review of code changes (PRs, commits, diffs). Adapts analysis depth to codebase size, uses git history for context, calculates blast radius, checks test coverage, and generates comprehensive markdown reports. Automatically detects and prevents security regressions.

质量评分

78 /100

1 day ago 分析

信任信号

最近提交3 days ago

GitHub 所有者 trailofbits

星标5.2k

许可证CC-BY-SA-4.0

状态

查看源代码

类似扩展

Kaizen

Inspired by Japanese continuous improvement philosophy, Agile and Lean development practices. Introduces commands for analysis of root cause of issues and problems, including 5 Whys, Cause and Effect Analysis, and other techniques.

插件

NeoLabHQ

Skill Optimizer

分析和优化您的 Agent Skills (SKILL.md)，利用会话数据和经过研究支持的静态检查。兼容 Claude Code、Codex 以及任何兼容 Agent Skills 的代理。

插件

hqhq1025

Review Agent Governance

Require a human approval signal before an AI agent can post PR reviews, comments, merges, or writes to CI config. Cedar-gated, receipt-signed, designed for the Hermes-style failure mode where a review bot posts without oversight.

插件

wshobson

Performance Testing Review

Performance analysis, test coverage review, and AI-powered code quality assessment

插件

wshobson

Comprehensive Review

Multi-perspective code analysis covering architecture, security, and best practices

插件

wshobson

Skill Improver

Automatically reviews and fixes Claude Code skills through iterative refinement until they meet quality standards. Requires plugin-dev plugin.

插件

trailofbits