octocode-pr-review_skill

This skill reviews PRs for defects, security, health, and architectural impact using Octocode tools to focus on changed code.
  • TypeScript

725

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill bgauryy/octocode-mcp --skill octocode-pr-review

  • SKILL.md15.9 KB

Overview

This skill performs automated, expert-style pull request reviews focused on defects, security, health, and architectural impact for TypeScript projects. It requires a PR URL and uses Octocode tools and semantic code intelligence to inspect only changed code and produce actionable feedback. The output emphasizes high-confidence findings, precise citations, and practical fixes.

How this skill works

Given a PR URL, the agent fetches PR metadata and the diff, scans existing comments to avoid duplicates, and analyzes only lines added or modified. It leverages repository search, file content reads, and LSP-style traces to map definitions, references, and call hierarchies to evaluate flow impact. Findings are prioritized by confidence and risk, grouped into concise issues with explicit code fixes and links.

When to use it

  • Before merging feature or bugfix PRs to catch regressions and security issues early
  • When a PR touches authentication, authorization, data handling, or API surface
  • For medium-to-large PRs where flow impact across files is likely
  • When you need a focused review limited to added/changed code and high-confidence suggestions
  • To validate that a change won’t break callers or external integrations

Best practices

  • Provide the PR URL and any related tickets/design docs for better context
  • Respond to the mandatory user checkpoint: pick focus areas or request a full review
  • Keep PR descriptions and tests up to date so the reviewer can assess intent
  • Address HIGH-confidence issues first and provide commit references when fixed
  • Avoid requesting style-only comments; rely on linters for formatting

Example use cases

  • Review a hotfix that updates API handlers to ensure no breaking changes for consumers
  • Scan an auth middleware change for privilege escalation, token handling, and secrets exposure
  • Evaluate a refactor that moves core logic across modules to identify new call-graph risks
  • Inspect a dependency upgrade for potential security or behavioral changes in used APIs
  • Produce a short, prioritized list of verifiable fixes before merging a large PR

FAQ

No. The agent focuses only on added or modified lines ('+' prefix) and will only flag deleted code if the removal introduces a new risk.

How do you avoid duplicate comments?

The agent first reads existing PR comments and will skip suggestions that were already raised and unresolved only if they remain applicable.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational