audit-asc-pr

Installation
SKILL.md

Audit an ASC CLI pull request

Perform an evidence-first review of the entire pull request. Default to fix-forward work unless the user explicitly requests review-only.

Establish the contract

  1. Read AGENTS.md and resolve the repository, PR number, base branch, head branch, and exact head SHA.
  2. Read the PR body, every commit, linked issues, current checks, reviews, and comments.
  3. Fetch thread-aware review state with GitHub GraphQL. Do not treat a flat comment list as proof that all review threads are resolved.
  4. State the behavior the PR claims to change and the evidence needed to prove it.
  5. Confirm whether the user authorized fixes, pushes, approval, or merge. An audit authorizes fix-forward changes in this repository, but approval and merge still require explicit user intent.

Isolate and inspect

  1. Use a dedicated worktree and local branch for the PR. Preserve the user's main checkout and unrelated worktrees.
  2. Inspect the full merge-base diff and all PR commits, not only the latest commit.
  3. Compare the implementation with the linked issue and current product behavior. Check architecture fit, compatibility, error paths, permissions, destructive operations, output contracts, and missing cleanup.
  4. Verify claims from bots or reviewers against code, schemas, and tests before editing.
  5. Identify the blast radius: commands, shared helpers, API resources, output formats, auth modes, and release surfaces affected.
Installs
2
GitHub Stars
5.0K
First Seen
8 days ago
audit-asc-pr — rorkai/app-store-connect-cli