posting-review-summary
Posting Review Summary
Context Detection
Check contexts in this order — use the first match:
| Context | How to Detect | Action |
|---|---|---|
| Agent Mode | Sticky comment context provided in prompt (comment ID + <!-- bitwarden-code-review --> marker) |
Write summary to /tmp/review-summary.md |
| GitHub Actions (tag mode) | mcp__github_comment__update_claude_comment available AND no sticky comment context |
Update sticky comment via MCP tool |
| Local review | Neither agent mode context nor MCP tool available | Write to review-summary.md in working directory |
FORBIDDEN: Do not use gh pr comment to create summary comments.
PR Metadata Assessment
If PR title, description, or test plan is genuinely deficient, add as a finding in the Code Review Details collapsible section.
Rules
More from bitwarden/ai-plugins
avoiding-false-positives
Use this skill to validate findings during a code review. For each finding, run the rejection criteria and verification checks. If a finding fails any check, drop it.
50retrospecting
Performs comprehensive analysis of Claude Code sessions, examining git history, conversation logs, code changes, and gathering user feedback to generate actionable retrospective reports with insights for continuous improvement.
49implementing-dapper-queries
Implementing Dapper repository methods and stored procedures for MSSQL at Bitwarden. Use when creating or modifying Dapper repositories, writing stored procedures, or working with MSSQL-specific data access in the server repo.
47classifying-review-findings
Use this skill when categorizing code review findings into severity levels. Apply when determining which emoji and label to use for PR comments, deciding if an issue should be flagged at all, or classifying findings as CRITICAL, IMPORTANT, DEBT, SUGGESTED, or QUESTION.
46reviewing-claude-config
Reviews Claude configuration files for security, structure, and prompt engineering quality. Use when reviewing changes to CLAUDE.md files (project-level or .claude/), skills (SKILL.md), agents, prompts, commands, or settings. Validates YAML frontmatter, progressive disclosure patterns, token efficiency, and security best practices. Detects critical issues like committed settings.local.json, hardcoded secrets, malformed YAML, broken file references, oversized skill files, and insecure agent tool access.
44analyzing-git-sessions
Analyzes git commits and changes within a timeframe or commit range, providing structured summaries for code review, retrospectives, work logs, or session documentation.
40