Security Fix Review

When to Use

• Reviewing a proposed patch for a security vulnerability
• Verifying a fix addresses the root cause, not just a symptom
• Checking for variant vulnerabilities the fix might miss
• Ensuring regression tests adequately cover the vulnerability
• Validating that a fix doesn't introduce new attack surface

When NOT to Use

• Initial vulnerability discovery (use audit or static analysis skills)
• General code review without security context
• Performance optimization reviews

Review Checklist