hack-review guide

What this skill does

Use this skill when a change needs an implementation-quality gate rather than a general code review. It reviews a declared scope, enumerates every distinct hack-risk finding, records intentional exceptions, and shows which ownership boundaries were covered or left unknown.

When to use it

SignalFinding impossible-state fallbacks that hide broken invariants.
SignalFlagging symptom-masking patches that do not address root cause.
SignalCatching duplicate abstractions, hardcoded special cases, and boundary bypasses.

How it works

01
Set the review scope first and refuse to silently widen it.
02
Read relevant diffs, requirements, and touched ownership boundaries.
03
Identify hack-risk patterns and group them into distinct findings.
04
Write a Markdown report with recommendation, findings, intentional exceptions, and coverage ledger.
05
Keep the gate aligned with the highest-severity unresolved finding and coverage state.

What you get back

SignalA coverage-led Markdown hack-risk report.
SignalA short terminal summary.
SignalA complete index of findings, intentional exceptions, and uncovered boundaries.

Important boundaries

SignalDo not sample large scopes silently.
SignalDo not lower the recommendation below the strongest unresolved finding.
SignalUse `regression-review` instead when the main question is user-visible behavior.

Files worth opening

Workflowskills/hack-review/SKILL.mdScope, findings, gate, and report-writing rules.Report templateskills/hack-review/references/report-template.mdCanonical report sections and coverage ledger shape.Runtime metadataskills/hack-review/agents/openai.yamlOptional agent runtime metadata for this skill.

Previous skillgrill-mePressure-test a plan or design one high-leverage question at a time.Next skillreceiving-hack-reviewConsume a hack-review report and verify each finding before changing code.