review-checklists

<skill_overview> Ensure no critical aspects are missed during code review by providing domain-specific checklists. Performing the "Deep Pass" or "Test Review" steps of the review process. </skill_overview>

<checklist_security> Input Validation: Are all inputs (API, user, file) validated and sanitized? Authentication/Authorization: Are sensitive endpoints protected? Are permission checks correct? Secrets: Are any keys, tokens, or passwords hardcoded? (Check logs too!) Data Exposure: Is sensitive data (PII) accidentally returned in API responses? Dependencies: Are new dependencies necessary and trustworthy? </checklist_security>